HIEs Must Plan for Security, Financial Viability to Survive: IDC

To be successful, health information exchanges need proper privacy and security measures as well as financial resources that will outlast government grants, a new report by IDC revealed.

Health information exchanges are beneficial for the continuity of care, but they require privacy and security strategies as well as an effective financial plan to survive, according to an April 2 report by research firm IDC Health Insights.

In the report, "Best Practices: Establishing Sustainable Health Information Exchange," IDC interviewed about 45 executives from organizations running enterprise, regional and statewide HIEs.

IDC produced the study as part of its IDC MarketScape for Health Information Exchange Technologies research. MarketScape is IDC's IT vendor assessment tool.

Health care organizations need to better understand how the technology behind HIEs will be funded before implementing the platforms, according to Lynne Dunbrack, program director of connected health IT strategies at IDC Health Insights. Organizing them without taking this step hasn't worked, Dunbrack told eWEEK.

"Build it and they will come has been such a disaster," she said. "They're not really having a full understanding of the business plan."

Organizations running HIEs need to plan for sustainability and financial viability from the beginning, she said. The health exchanges are struggling to make money beyond grants provided by the federal government.

HIEs will need to factor in whether doctors will be willing to pay for access to data such as medical images. In fact, some HIE projects have had to shut down when they didn't have enough clients willing to pay to use it, Dunbrack noted.

When developing systems for electronic health record (EHR) sharing, health care organizations should factor in advice from doctors, said Dunbrack.

HIEs should also be sensitive to the structure of physicians' workflows, according to the report.

"When new applications disrupts workflows, the risk of abandonment is very high," said Dunbrack.

HIEs also need vendors that are flexible enough to make changes to EHR databases or to the workflows, she said.

Even as the Supreme Court reviews the constitutionality of the 2010 Patient Protection and Affordable Care Act (PPACA), the trend toward health care organization accountability will continue and doctors will need to factor in patient-centric care collaboration when sharing records in HIEs.

Under the Affordable Care Act, providers can set up accountable care organizations (ACOs) and be eligible for Medicare reimbursements based on patient outcomes.

"To be operational as an ACO [and] to have a more longitudinal view on the patients' health information, that will require greater connectivity and that the information flows across the care team," said Dunbrack. "That will really require that they have some level of health information exchange deployed."

Several states are implementing HIEs, and in November a coalition of states and health care IT software vendors organized the EHR/HIE Interoperability Workgroup to make data more compatible and reduce high costs and long delays for interfaces to be developed.

The New York eHealth Collaborative (NYeC), which oversees the HIE for New York State, formed the workgroup.

Clinical "informaticists," who use technology to improve health care, should be included in these workgroups, according to IDC. Demand for clinical informatics is growing in health care, according to a March 2 PwC report.

The IDC study also revealed that health care organizations' policies on privacy and security were out of sync with those of states. Securing patient data turned out to be less expensive with extra legal fees.

Developing a well-defined security policy will allow health organizations to trust the HIE platform, the report suggested.

Health care executives were also concerned that too many patients would opt out of record sharing altogether.

These concerns could be valid based on a March 6 report by the New York Civil Liberties Union. The NYCLU cited a need for more patient control over health records in HIEs. The union recommended that patients be able to "sort and segregate" so they can specify which doctors have access to their medical data.