18 Pages-Single-Spaced-Class Journal
write a 2-page Class Journal for each file(total 18 pages), record the issues that you have learned from the class meeting (lecture note, textbook chapter, class discussion …) They should be in Times-News Roman 12, single-spaced.
http://www.csun.edu/~dn58412/IS531
Lecture 4
Electronic Health Record
(Chapter 14)
Learning Objectives . . .
Define electronic health record (EHR).
Define electronic medical record (EMR).
Define computer-based patient record (CPR).
Similarities and differences between the EHR, EMR, and the CPR.
Attributes of the CPR for today’s EHR.
IS 531 : Lecture 4
*
IS 531 : Lecture 4
Learning Objectives
Meaningful Use and the adoption and use of the EHR in health care industry
Benefits associated with the EHR.
Concerns in implementation of the EHR.
Current status of the EHR.
IS 531 : Lecture 4
*
IS 531 : Lecture 4
Electronic Patient Record (EPR)
Relevant info for the current episode of care
Not necessarily a lifetime record
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
Electronic Medical Record (EMR)
Legal record created in hospitals and ambulatory environments that is the source of data for the EHR.
Single encounter/episode of treatment, no info from previous visits or to future visits
Structured data (predefined format with discrete data
Unstructured data (text report)
Electronic imaging (ultrasonography, MRI)
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
*EMR Components*
Results reporting
Data repository
Decision support
Clinical messaging and e-mail
Documentation
Order entry
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
Electronic Health Record (EHR)
Longitudinal electronic record of patient health information generated by one or more encounters in any care delivery setting
Interoperability standards to exchange info outside a single healthcare delivery system
Supports other care-related activities directly or indirectly—evidence-based decision support, quality management, and outcomes reporting
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
Levels of Automation . . .
Stage 0: Not all ancillary systems (Lab, X-ray, Pharmacy) are operational
Stage 1: Major ancillary clinical systems installed
Stage 2: A clinical data repository(CDR) stores info from major ancillary clinical systems
Stage 3: Basic clinical documentation required, CDR storage retrieval (picture archiving communication systems-PACS)
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
. . . Levels of Automation
Stage 4: Computerized provider order entry(CPOE), support for evidence-based practice
Stage 5:Barcode medication administration (BCMA), radio frequency identification (RFID) integrated with CPOE and pharmacy
Stage 6:—Full physician documentation, decision support, alerts, full PACS
Stage 7:—Fully electronic paperless environment
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
Computer-Based Patient Record (CPR)
Comprehensive lifetime record
Attributes identified by the Institute of Medicine (IOM) provide the basis for today’s understanding of the EHR
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
EHR Attributes . . .
Secure, reliable access where and when needed
Records and manages episodic and longitudinal information
Primary information source during care
Assists with planning and delivery of evidence-based care
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
. . . EHR Attributes
Captures data for:
Quality improvement
Utilization review
Risk management
Resource planning
Performance management
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
. . . EHR Attributes
Captures information needed for medical record and reimbursement purposes
Longitudinal, masked information supports clinical research, public health reporting, and population health initiatives
Supports clinical trials and evidence-based research
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
Continuity of Care Document (CCD)
Intended to improve continuity of care when clients move between various points of care
Comprised of summaries from many types of caregivers
“Snapshot,” not a comprehensive record
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
IS 531 : Lecture 4
*
Meaningful use is using certified electronic health record (EHR) technology to:
Improve quality, safety, efficiency, and reduce health disparities
Engage patients and family
Improve care coordination, and population and public health
Maintain privacy and security of patient health information
Meaningful Use
IS 531 : Lecture 4
IS 531 : Lecture 4
*
Meaningful use compliance will result in:
Better clinical outcomes
Improved population health outcomes
Increased transparency and efficiency
Empowered individuals
More robust research data on health systems
Meaningful use sets specific objectives that eligible professionals (EPs) and hospitals must achieve to qualify for Centers for Medicare & Medicaid Services (CMS) Incentive Programs.
http://www.healthit.gov/providers-professionals/meaningful-use-definition-objectives
Meaningful Use …
IS 531 : Lecture 4
. . .Meaningful Use
Penalties imposed for failure to achieve Meaningful Use by 2015
Stage 1: electronic capture and sharing health info in coded format, use it to track conditions and coordinate care (Cf. Box 14-1,2, pp.281-282)
Stage 2: Ability to use HIT at the point of care
Stage 3: improvement in safety, quality, efficiency and expanded HER functionality.
IS 531 : Lecture 4
*
IS 531 : Lecture 4
General Benefits of the EHR
Improved data integrity:
readable, better organized, accurate, complete
Improved productivity:
access data whenever, wherever for timely decision
Increased quality of care:
tailored views, “dash-board”
Increased satisfaction for caregivers:
easy access to client data and related services
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
Nursing Benefits
Decreased redundant data collection
Allowed data comparison from prior visits
Ongoing access, update record at bedside
Improved documentation and quality of care
Supported timely decision
Etc…
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
Healthcare Provider Benefits
Better/faster/simultaneous data access
Improved documentation, reporting
Prompted to ensure administration of treatments and medications
Supported automation of critical pathways / workflows
Improved efficiency: eligibility, early warning of status changes
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
Healthcare Enterprise Benefits
Better record security
Fewer lost records
Instant notice of eligibility/procedure authorization
Decreased need and cost for record storage, x-ray film, filing …
Decreased length of stay due to waiting
Faster turnaround for accounts
Increased compliance with regulatory requirements
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
Patient Benefits . . .
Decreased wait time for treatment
Increased access/control over health information
Increased use of best practices/decision support
Increased ability to ask informed questions
Quicker turnaround time for ordered treatments
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
. . . Patient Benefits
Greater clarity to discharge instruction
Increased responsibility for own care
Alerts and reminders for appointments and scheduled tests
Increased satisfaction and understanding of choices
Issue: When a patient could access his/her own health information like in other online services ? (Pros, Cons)
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
Driving Forces for EHR
Compliance with regulatory and reimbursement issues
Meaning Use to improve the quality of care
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
Issues in EHR Implementation
Electronic Infrastructure
Common Vocabulary
Data Integrity
Master File Maintenance
Data Ownership
Privacy & Confidentiality
Development / Maintenance Costs
Caregiver Resistance
Timeline for Implementation
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
* Electronic Infrastructure *
Requires a linkage of various HIS via a network infrastructure
Agreement on nature and format of client data to be stored, exchanged, and retrieved by various internal/external stakeholders
Data communication standards
Interoperability, comparability, POC data capture of longitudinal electronic record
“Master Patient Index (MPI)”: a universal client identifier.
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
* Standard Vocabulary *
To generalize research findings across settings, countries
To compare patient outcomes from may sources
To facilitate communication with other disciplines and delivery systems
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
* Data Integrity *
Due to incorrect entry, data tampering, system failure
Data may be entered/modified from many different encounters
“Input mask” to safeguard against incomplete / erroneous entry
“Audit trail”: tracking who, when, what changes in each data element
Policies and procedures for update/ modify/ recover data
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
* Master File Maintenance *
Frequent update and maintenance
Major system updates may change database structure : version control to avoid data lost
“Version control”: backup data from old system until new system functions properly
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
* Data Ownership *
Paper medical records are the property of the creators with full responsibilities: storage, accuracy
Many providers share / update the same electronic data in many sites, who is the responsible owner in HER ?
Meaning Use: patients “own” their data and should have full access
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
* Privacy & Confidentiality *
The easy of data sharing by many people/facilities/agencies may compromise privacy and confidentiality of patient data
“Access control”: user-IDs, passwords, authorized access level (Create, Read, Update, Delete)
Private encryption keys, biometric authentication
“Electronic Signature”: system automatically and permanently affixes user identification, date and time log to each entry
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
* Development/Maintenance Costs *
For a provider office: ~ $54,000.00
For a hospital: ~ 5,000.000.00
Not include annual maintenance cost
Need “incentives”
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
* Caregiver Resistance *
EHRs are perceived as lacking essential features and awkward/inconvenience to use
Some people have been unable / unwilling to use computers !
Professionals don’t want to change their “familiar”, “traditional” practices
Rather pay penalties than bear EHR implementing cost
May even refuse patients
Need “incentives”
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
* Timeline for Implementation *
Rushing to meet the deadline may commit to a poor purchasing decision
May sacrifice patient safety
Should prepare for culture changes, work redesign in the institution
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
Current Status
Bush called for adoption of the EHR by 2014.
Departments of Defense, Health and Human Services, Veterans Administration, and Centers for Medicare and Medicaid Services mandated the EHR for their facilities and operations.
From Obamacare to “Nobodycare” !!!
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
Summary
Most of the potential benefits associated with the use of health information technology are contingent upon the implementation of the EHR.
IS 531 : Lecture 4
*
IS 531 : Lecture 4
*
*
“MEANINGFUL USE”:
WHAT DOES IT MEAN?
Marty Witrak
Shirley Eichenwald Maki
Ryan Sandefer
Outline
� A little about us
� Health Reform and HIT
� ARRA & HITECH—a quick overview
� What is meaningful use?� What is meaningful use?
� Meaningful use: our take on it
� Discussion
The College of St. Scholastica
� The School of Nursing, The School of Health Sciences & The Center for
Healthcare Innovation
� ATHENS EHR Project
� Academic Electronic Health Record Subscription Service
� Personal Health Record Project
� Rural Hospital EHR Optimization Project
� Nursing Education, Practice, and Retention Project� Nursing Education, Practice, and Retention Project
� HIIM and Nursing have nationally recognized undergraduate and graduate
programs
� Health Sciences and Nursing are nationally recognized for technologically
enhanced learning environment
� Center for Healthcare Innovation works with colleges and universities around the
country to implement EHRs into the classroom
� College has a long-standing history of serving rural communities
� Faculty involved in:
� RHIOs, CCHIT, e-Health Advisory Committees, National Rural HIT Coalition
We were meant for this work…
SISTER EHR
Health Care Reform is the REAL
Stimulus
� Currently the US system is:
� Expensive, we spend more on healthcare than any
other nation
� Ineffective, many low quality outcomes on standards
comparable to other countries
� Fraught with high rates of medical errors
� Not universally available
� Structured in a manner unsupportable with impending
workforce shortages
Why the emphasis on HIT?
� HIT and EHRs have the POTENTIAL to:
� Reduce costs
� Improve the quality of care by delineating areas for
improvement
� Save lives
� Improve access
� Redesign the work of providers to focus on critical
activities
HIT has potential to transform
healthcare
� Dr. David Blumenthal, the National Coordinator of
Health IT, recently said:
� Health IT has the potential to save the federal
government more than $12 billion over 10 years,
improve the quality of care, and make our health-care improve the quality of care, and make our health-care
system efficient”
Underinvestment in HIT
Per Capital Spending on Health Information Technology
$192.79
$150.00
$200.00
$250.00
$31.85 $21.20 $11.43 $4.93 $0.43
$-
$50.00
$100.00
United
Kingdom
Canada Germany Norway Australia United
States
Source: Anderson, G. F., Frogner, B. K., Johns, R. A., & Reinhardt, U. E. (2006). Health Care Spending And Use Of
Information Technology In OECD Countries. Health Affairs, 25(3), 819-831.
HIMSS EMR Adoption Model
3.
5
2.7 2.
7
4
5
6
7
EMR Scores by Hospital Type, 1st Qtr 2009
2.
3
2.7
1.9
1.5
2.7 2.6
2.
1
1.5
0
1
2
3
Source: HiMSSanalytics. Accessed at www.himssanalytics.org
Barriers to Adoption
1. Cost
2. Lack of Standards (interoperability)
3. Privacy and Confidentiality Concerns3. Privacy and Confidentiality Concerns
4. Resistance to Change
5. Workforce Issues
6. Complexity of the Change
System Failures
� Implementing these system successfully is a highly
complex endeavor. Depending on how one defines
“failure,” it is estimated that over 50% of EHR
systems fail. [1-2]
� Fewer than 40% of large systems purchased from
vendors reportedly meet institutional goals [3]
1. Lorenzi, N. M., Smith, J. B., Conner, S. R., & Campion, T. R. (2004). The Success Factor Profile for clinical
computer innovation. Stud Health Technol Inform, 107(Pt 2), 1077-1080.
2. Proceeding of the 11th Annual Symposium on Health Information Management Research, 2006
3. Kaplan, B., & Shaw, N. T. (2004). Future directions in evaluation research: people, organizational, and social
issues. Methods Inf Med, 43(3), 215-231.
American Recovery and Reinvestment
Act of 2009
� President Obama
signed the Act into
law on February 17, law on February 17,
2009
� Includes stimulus funds
for HIT through
HITECH Act Provisions
ARRA Vision
� “Our recovery plan will
invest in electronic health
records and new
technology that will
reduce errors, bring
down cost, ensure down cost, ensure
privacy, and save lives.”
~President Obama,
Address to Joint Session
of Congress, February
24, 2009
What we know….
� The HIT entire arena is highly complex, which is
illustrated by the plethora of acronyms!
� When discussing meaningful use of EHRs, we find � When discussing meaningful use of EHRs, we find
that humor helps.
� HITECH: An Interoperetta in Three Acts
American Recovery and Reinvestment
Act of 2009
� HITECH ACT creates:
� HIT Policy Committee
� HIT Standard Committee
� Process for adopting recommendations from these
CommitteesCommittees
� ONCHIT (permanent)
� HIT Extension Program
� Research Centers
� Extension Centers
� State Grants
� Medicare/Medicaid Incentives (meaningful use)
“HITECH” ACT: Health IT Provisions
� “Health Information Technology for Economic and
Clinical Health Act”
� Overall, the Act provides $31 billion dollars for health � Overall, the Act provides $31 billion dollars for health
information technology infrastructure and Medicare
and Medicaid incentives
HITECH Funding
� $2 billion in direct funding for health IT efforts through the
Office of the National Coordinator
� $300 million reserved for supporting regional health information
exchange efforts
� $20 million reserved for national Institute on Standards and
TechnologyTechnology
� Incentives through Medicare and Medicaid to providers and
hospitals that adopt and use health IT systems
� Starting in 2011 and increases the deficit by $29 billion through
2019
� Includes Medicare penalties that start in 2015
� Health IT expected to reduce federal spending by approximately
$12 billion
Source: Minnesota e-Health Initiative Public Meeting on the HITECH Act, Wednesday, March 18, 2009
ARRA for Professionals
� Medicare Incentive Payments for Professionals
� If physicians are using a qualified EHR in 2011 or 2012, they can
receive up to $44,000 through Medicare
� Physicians practicing in “health professional shortage areas” can
receive a 10% additional payment, for a total of $48,400
� Applies to all physicians who can prove meaningful use of a � Applies to all physicians who can prove meaningful use of a
qualified EHR, regardless of purchase date
� Medicaid Incentive Payments for Professionals
� A professional in a FQHC or RHC with at least 30% needy
individuals
� Other non-hospital based professionals with at least 30%
Medicaid patient volumes
� Pediatricians with at least 20% Medicaid patient volumes
Source: Minnesota e-Health Initiative Public Meeting on the HITECH Act, March, 18, 2009
ARRA & Medicare
� Medicare Incentive Payments for Hospitals
� Hospitals can receive up to $8 million over four years if
they are using health IT starting in 2011
� Paid only a pro-rated amount of the total based on
Medicare share and transition factor
� Critical Access Hospitals are eligible for incentives that
cover actual costs based on Medicare share plus 20%
� Covers an average of 86% of allowed costs
� Medicare payments reduced for non-users beginning in
2015
Source: Minnesota e-Health Initiative Public Meeting on the HITECH Act, March, 18, 2009
ARRA & Medicaid
� Medicaid Incentive Program
� New Medicaid payments to certain providers with high
Medicaid volumes to cover the providers costs of
acquiring, using and maintaining certified EHR
technologytechnology
� Payments can cover up to 85% of the providers’ costs and
are matched at 100% Federal Financial Participation (FFP)
� Minnesota’s costs for administering the payments would be
matched at 90% FFP
� The State would be responsible for covering 10% of the
costs of administering the new payments
Source: Minnesota e-Health Initiative Public Meeting on the HITECH Act, March, 18, 2009
ARRA & Medicaid
� Medicaid Incentive Payments can be made to:
� Children’s hospitals (regardless of Medicaid patient
volume)
� Acute care hospitals with at least 10% Medicaid
patient volume (including CAHs)
� A professional in a FQHC or RHC with at least 30%
needy individuals
� Other non-hospital based professionals with at least
30% Medicaid patient volume
Source: Minnesota e-Health Initiative Public Meeting on the HITECH Act, March, 18, 2009
Meaningful Use
�To receive any of these incentive
payments, the “eligible professional”
or hospital must be a “meaningful or hospital must be a “meaningful
EHR user.”
Defining Meaningful Use
� The National Committee
on Vital and Health
Statistics held a hearing
on “meaningful use” of
health information
technology on April 28-
29, 2009
technology on April 28-
29, 2009
� Over 100 stakeholders
testified, and, for the most
part, agreed that
meaningful use should
include interoperability,
reporting quality measures,
and clinical decision
support
Defining Meaningful Use
� Nevertheless, with input from a broad group of
stakeholders, the HHS Secretary, Kathleen Sebelius,
will define meaningful use. The definition will
eventually affect all healthcare providers and
institutions in the country.institutions in the country.
� There is presently no definition, but we’ve heard it
may be released on June 16th—tomorrow!
Key to Health IT Reform
�”The definition (of ‘meaningful use’)
will inform everything that we do that
is related to health IT.” is related to health IT.”
� David Blumenthal, MD, National Coordinator for Health
Information Technology, April 28, 2009
This is What We Know Now
1. Using certified EHR technology in a “meaningful
manner,” including electronic prescribing, to the
“satisfaction of the Secretary”
Demonstrates “electronic exchange of health information 2. Demonstrates “electronic exchange of health information
to improve the quality of health care, such as promoting
care coordination,” to the satisfaction……
3. Reporting on clinical quality measures to the
satisfaction….
Certified EHR Technology
The ARRA defines “qualified electronic health record”
as:
an electronic record of health-related information on a individual that—
(A) Includes patient demographic and clinical health information, such as
medical history and problem lists;medical history and problem lists;
And (B) has the capacity –
(i)To provide clinical decision support;
(ii)To support physician order entry;
(iii)To capture and query information relevant to health care quality; and
(iv) To exchange electronic health information with, and integrate such
information from other sources.
*Note: emphasis added
Certified EHR Technology
� Certification Commission for Health Information
Technology (CCHIT) is the body that currently
certifies EHRs
� Ensures privacy and security of patient recordsEnsures privacy and security of patient records
� Ensures ability to send information between other
healthcare related entities, such as laboratories and
pharmacies
� CCHIT is now assigning certification criteria to each
of ARRA’s EHR qualifications
For additional information, see the “Concise Guide to CCHIT Certification Criteria” at www.cchit.org
Information Exchange
� The EHR user must demonstrate that the EHR is used
“for the electronic exchange of health information to
improve the quality of health care, such as
promoting care coordination.”
� Laboratory
� Medication
� Radiology
� Demographics
Reporting on Measures
� The EHR is used by eligible professional to submit
information, “in a form and manner specified by the
secretary, on such clinical quality measures and such
other measures as selected by the Secretary.”
� All measures will require public comment before
selected
� “The Secretary may not require the electronic reporting
of information under subparagraph (A)(iii) unless the
Secretary has the capacity to accept the information
electronically.”
Quality Measures
� Stakeholders testified that measures should focus
on:
� Quality deficits
� High variation� High variation
� Inappropriate utilization
� High costs
� Some want to keep the number of measures low—
subset of NQF-endorsed measures
Demonstration of Meaningful Use
� Professionals and hospitals “may satisfy the
demonstration requirement” by:
1. An attestation
2. The submission of claims with appropriate coding (such as a
code indicating that a patient encounter was documented code indicating that a patient encounter was documented
using certified EHR technology)
1. E-prescribing: using Part D data to
3. A survey response
4. Reporting of measures using EHR—NQF, etc.
5. Other means specified by the Secretary—patients, Leap
Frog,
Meaningful Use: Our Take
� The emphasis has to be on defining meaningful use in a
way that emphasizes USE, not simply adoption.
� without trained IT & HIM staff, organizational champions, a
climate that promotes change, and clinician engagement,
EHRs will fail to meet objectives, whatever they are.
� We are “drowning in data, but starved for knowledge.”� We are “drowning in data, but starved for knowledge.”
� Meaningful use must be defined dynamically, be tied
to health reform goals, and accommodate a phased-in
approach:
� Decision-support
� Health information exchange
� Quality reporting
Meaningful Use: Our Take
� Effective use (aka meaningful use) should include the
entire continuum, as emphasized by the MN e-
Health Initiative—from assessing through
interoperability
Meaningful Use: Our Take
� Focus of meaningful use must be patient-centric.
“IT is a tool, not a goal. Success should not be
measured by the number of hospitals with
computerized order entry systems or patients
with electronic personal health records. Success with electronic personal health records. Success
is when clinical outcomes improve. Success is
when everyone can learn which methods and
treatments work , and which don’t, in days
instead of decades.”
~Carol C. Diamond and Clay Shirky [1]
Diamond, C. C., & Shirky, C. (2008). Health Information Technology: A Few Years Of Magical Thinking?
Health Affairs, 27, w383-w390.
Marty Witrak, RN, PhD
mwitrak@css.edu
Questions?
mwitrak@css.edu
Shirley Eichenwald Maki, MBA, RHIA
seichenw@css.edu
Ryan Sandefer, MA
rsandefe@css.edu
eHealthProvider Webinar
July 2, 2013
Introduction to the EHR Incentive Programs:
Overview of Basic Eligibility, Payment
Information, and Key
Deadlines
Presentation Objectives
Assist Eligible Professionals with:
1.
Eligibility
requirements for EPs
2. Basic participation requirements
3. Key program deadlines
4. Payment amounts
5. Payment Adjustments & Hardship Exceptions
What are the EHR Incentive
Programs?
The Medicare and Medicaid EHR Incentive
Programs provide incentive payments to eligible
professionals (EPs) who demonstrate meaningful
use of electronic health records (EHRs)
EPs must demonstrate meaningful use and
submit measures for Stage 1, Stage 2, and Stage 3
What is meaningful use?
Meaningful use is using certified EHR technology to:
Improve quality, safety, efficiency, and reduce health
disparities
Engage patients and families in their health care
Improve care coordination
Improve population and public health
All the while maintaining privacy and security
Meaningful use mandated by law to receive incentives
How does the program work?
The EHR Incentive Programs consist of 3 stages of meaningful use
Each stage has its own set of requirements to meet in order to demonstrate
meaningful use
Stage 1
Data
capturing and
sharing
Stage 2
Advanced
clinical
processes Stage 3
Improved
outcomes
HIT can also turn data
into information
5
Eligibility
Who is eligible to participate?
Eligibility determined by law
Hospital-based EPs are NOT eligible for incentives
DEFINITION: 90% or more of their covered professional
services in either an inpatient (POS 21) or emergency room
(POS 23) of a hospital
Definition of hospital-based determined in law
Incentives are based on the individual, not the practice
Who is eligible to participate?
Medicare EPs include:
Doctors of medicine or osteopathy
Doctors of dental surgery or dental medicine
Doctors of podiatric medicine
Doctors of optometry
Chiropractors
EPs may not be hospital-based
CAH II physicians can begin participation in calendar year
(CY) 2013
Who is eligible to participate?
EPs in Medicare Advantage must:
Furnish, on average, at least 20 hours/week of patient-care
services and be employed by the qualifying MA organization
OR
Furnish, on average, at least 20 hours/week of patient care
services and be employed by, or be a partner of, an entity that
through contract with the qualifying MA organization furnishes
at least 80% of the entity’s Medicare patient care services to
enrollees of the qualifying MA organization
AND
80% of professional services are provided to enrollees of
the MAO
Who is eligible to participate?
Medicaid EPs include:
Physicians
Nurse practitioners
Certified nurse-midwives
Dentists
Physicians assistants working in a Federally Qualified
Health Center (FQHC) or rural health clinic (RHC) that is so
led by a physicians assistant
EPs may not be hospital-based
Who is eligible to participate?
Medicaid EPs must also meet one of the three patient
volume thresholds:
1. Have a minimum of 30% Medicaid patient volume
2. Pediatricians ONLY: Have a minimum of 20% Medicaid patient volume
3. Working in FQHC or RHC ONLY: Have a minimum of 30% patient
volume attributed to needy individuals
CHIP, sliding scale, free care only count toward
thresholds if working in RHC or FQHC
Are you eligible?
CMS has created an eligibility tool to help EPs
determine their eligibility:
Requirements
What are the requirements for
1st year Medicaid EPs?
MEDICAID – Only for first participation year:
Adopted – Acquired access to certified EHR technology in a legally and/or
financially committed manner
Implemented – Began using certified EHR technology
Upgraded – Demonstrated having upgraded access to EHR technology
newly certified in a legally and/or financially committed manner
Must be certified EHR technology capable of meeting meaningful
use
No EHR reporting period in 1st year, but in 2nd year Medicaid EPs
must meet the meaningful use requirements for 90 days
What are the requirements for
1st year Medicare EPs?
For the first year they participate, Medicare EPs have to:
Meet the requirements for and report data on a continuous 90-
day period during the calendar year (any 90 days from January
1st to December 31st)
For the remaining years they participate, EPs have to meet
the requirements for the entire calendar year
Both of these are called the reporting periods
What do Medicare EPs need for
registration?
Before registering:
Make sure to have an enrollment record in
the Provider Enrollment, Chain and
Ownership System (PECOS)*
Verify that the Medicare Administrative
Contractor (MAC) has the correct banking
information and payee information
including:
Bank account number
Bank routing number
Payee Address
Payee National Provider Identifier (NPI)
and Payee Tax Identification Number
(TIN) Combinations
When registering, have on-hand:
An NPI
A National Plan and Provider Enumeration
System (NPPES) Identity and Access
Management (I&A) ID and password for
the individual provider;
A Payee TIN
A Payee NPI
EHR Certification Number
•
•
•
•
••
•
•
•
•
•
What do Medicaid EPs need for
registration?
When registering, have on-hand:
An NPI
An NPPES I&A ID and Password
A Payee TIN
A Payee NPI**
EHR Certification Number
•
•
•
•
•
What are the requirements for
Stage 1 of meaningful use?
EPs participating must meet the following for Stage 1:
14 required core objectives
5 objectives chosen from a list of 10 menu set objectives
In addition to meeting the thresholds for the 14 core and 5 menu objectives, all
EPs have to report on clinical quality measures (CQMs)
Meaningful Use
13
Core
Measures
+ 5
Menu
Measures
+ 6
CQMs
= MU
Meaningful
Use
Beginning in 2014, reporting CQMs will no longer be part of the 14 core
measures, but will be still be required. The total of core measures will become 13.
What are the core objectives
for Stage 1?
EPs must meet all core objectives:
Core Objective Measure
1. CPOE Use CPOE for at least 30% of medication orders
2. Drug-drug and Drug-allergy
Checks
Enable drug-drug and drug-allergy checks on EHR
3. Problem List Record patient diagnoses for more than 80%
4. E-Rx E-Rx for more than 40%
5. Medication List Record patient medications for more than 80%
6. Medication Allergy List Record patient medications for more than 80%
7. Demographics Record demographics for more than 50%
8. Vital Signs Record vital signs for more than 50%
9. Smoking Status Record smoking status for more than 50%
10. Clinical Decision Implement one clinical decision support rule
11. Electronic Copy
Provide electronic copy of health information for more than
50% of patients
12. Clinical Summaries Provide clinical summaries to more than 50% of patients
13. Protect health information Conduct security risk analysis and implement security updates
What are the core objectives
for Stage 1?
EPs must meet all core objectives:
Core Objective Measure
EPs must select 5 menu objectives:
Menu Objective Measure
1. Drug Formulary Checks Enable the formulary check for the entire reporting period
2. Lab Results Incorporate lab results for more than 40%
3. Patient List Generate patient list by specific condition
4. Preventive Reminders
Use EHR to identify and provide reminders for preventive/follow-up care for
more than 20% of patients 65 years or older or 5 years old or younger
5. Patient Access Provide online access to health information for at least 10%
6. Education
Resources
Use EHR to identify and provide education resources more than 10%
7. Rx Reconciliation Medication reconciliation at more than 50% of transitions of care
8. Summary of Care
Provide summary of care document for more than 50% of transitions of
care and referrals
9. Immunization Registries Submit at least one immunization registry electronically
10. Syndromic Surveillance Perform at least one transmission of syndromic surveillance data
What are the menu objectives
for Stage 1?
What do EPs need for
attestation?
Before attesting Medicare EPs should have:
Met all of the necessary measures to successfully demonstrate meaningful
use and qualify for an EHR incentive payment
Completed the appropriate reporting period and timeframe
A successful and active Registration status in the Registration and Attestation
system
An EHR Certification Number
State requirements may vary for Medicaid EPs
EPs should refer to their State for details about attestation
What is required for Stage 2?
In the Stage 1 meaningful use regulations, CMS had established a timeline that
required providers to progress to Stage 2 criteria after two program years under
the Stage 1 criteria
CMS delayed the onset of Stage 2 criteria, therefore the earliest that the Stage 2
criteria will be effective is in calendar year 2014 for EPs
EPs must meet the following for Stage 2:
17 core objectives
3 menu objectives that they select from a total list of 6
–
–
Deadlines
What are the important 2013
deadlines?
Date Deadline
October 3, 2013 Last day for EPs to begin 90-day reporting period for CY 2013
December 31,
2013
Reporting year ends for EPs
February 28,
2014
Last day for Medicare EPs to register and attest to receive an
incentive payment for CY 2013 (deadline varies for Medicaid
EPs)
January 1, 2014- Reporting period begins for EPs for CY 2014 (90
days for Medicaid and 3 months on the quarter for Medicare)
What is happening in 2014?
For 2014 only, all providers regardless of their stage of meaningful use are
only required to demonstrate meaningful use for a 3-month EHR reporting
period:
For Medicare EPs- 3-month reporting period is fixed to the quarter of
the year in order to align with existing CMS quality measurement
programs
For Medicaid EPs- 3-month reporting period is not fixed for Medicaid
EPs that are only eligible to receive Medicaid EHR incentives, where
providers do not have the same alignment needs
This one-time 3-month reporting period in 2014 will help all providers who must upgrade to 2014
Certified EHR Technology to have adequate time to implement their new Certified EHR systems
Payment Amounts
How sequestration affects EHR
payments
As required by law, President Obama issued a sequestration order on March 1,
2013:
Under these mandatory reductions, Medicare EHR incentive payments made to EPs
and eligible hospitals will be reduced by 2%
The 2% reduction will be applied to any Medicare EHR incentive payment for a
reporting period that ends on or after April 1, 2013
If the final day of the reporting period occurs before April 1, 2013, those incentive
payments will not be subject to the reduction
Medicaid payments are not affected by sequestration
The Medicare payment slides do not take into account the 2% reduction for
sequestration
How much are Medicare
incentive payments?
Incentive amounts based on Fee-for-Service allowable
charges
Maximum incentive for EPs starting in 2013 is $39,000 over 4
years
Must begin by 2014 to receive incentive payments
Extra bonus amount available for practicing predominantly in
a Health Professional Shortage Area
Only 1 incentive payment per year
Medicare incentive payment
schedule
Maximum
Payment
by Start
Year
2011 2012 2013 2014 2015 2016
2011 1 1 1 2 2 3
$44,000 18,000 12,000 8,000 4,000 2,000
2012 1 1 2 2 3
$44,000 18,000 12,000 8,000 4,000 2,000
2013 1 1 2 2
$39,000 15,000 12,000 8,000 4,000
2014 1 1 2
$24,000 12,000 8,000 4,000
Medicare incentive payment sequestration
schedule*
*This 2% reduction will be applied to any Medicare EHR incentive payment for a
reporting period that ends on or after April 1, 2013. If the final day of the reporting
period occurs before April 1, 2013, those incentive payments will not be subject to the
reduction.
Maximum
Payment
by Start
Year
2011 2012 2013 2014 2015 2016
2011 1 1 1 2 2 3
$43,720 18,000 12,000
7,840
Reduction ($160)
3,920
Reduction ($80)
1,960
Reduction ($40)
2012 1 1 2 2 3
$43,480 18,000
11,760
Reduction ($240)
7,840
Reduction ($160)
3,920
Reduction ($80)
1,960
Reduction ($40)
2013 1 1 2 2
$38,220 14,700
Reduction ($300)
11,760
Reduction ($240)
7,840
Reduction ($160)
3,920
Reduction ($80)
2014 1 1 2
$23,520 11,760
Reduction ($240)
7,840
Reduction ($160)
3,920
Reduction ($80)
How much are Medicaid
incentive payments?
Maximum incentives are $63,750 over 6 years
Incentives are same regardless of start year
The first year payment is $21,250
Must begin by 2016 to receive incentive payments
No extra bonus for health professional shortage areas
Incentives available through 2021
Only 1 incentive payment per year
Medicaid incentive payments
amounts
Annual Incentive Payment by Stage of Meaningful Use
Year 1 Year 2 Year 3 Year 4 Year 5 Year 6
(AIU) 1 1 2 2 3
$21,250 $8,500 $8,500 $8,500 $8,500 $8,500
Maximum incentive payment amount is $63,750. Payments are made over 6 years and
do not have to be consecutive.
*2016 is the last year that Medicaid EPs can begin participation in the program.
When Do I Start Stage 2?
http://cms.gov/Regulations-and-
Guidance/Legislation/EHRIncentivePrograms/Participation-Timeline.html
http://cms.gov/Regulations-and-Guidance/Legislation/EHRIncentivePrograms/Participation-Timeline.html
http://cms.gov/Regulations-and-Guidance/Legislation/EHRIncentivePrograms/Participation-Timeline.html
Payment Adjustments
& Hardship Exceptions
Medicare EPs and payment
adjustments
The HITECH Act stipulates that for Medicare EPs a payment adjustment
applies if they are not a meaningful EHR user
An EP becomes a meaningful EHR user when he/she successfully attest to
meaningful use under either the Medicare or Medicaid EHR Incentive
Program
Adopt, implement and upgrade ≠ meaningful use
A provider receiving a Medicaid incentive for AIU would still be subject to
the Medicare payment adjustment.
Avoiding the 2015 payment
adjustments
Demonstrate meaningful use to CMS by:
Apply to CMS for a hardship exemption by July 1, 2014
Medicaid EPs are not subject to payment adjustments
Meaningful EHR User in 2011 or 2012 Never been a Meaningful EHR User
End EHR reporting period by December
13, 2013
End EHR reporting period by
September 30, 2014
Attest by February 28, 2014 Attest by October 1, 2014
Payment adjustments for
EPs eligible for both programs
Eligible for both programs?
If you are eligible to participate in both the Medicare and Medicaid EHR Incentive
Programs, you MUST demonstrate meaningful use according to the timelines in the
previous slides to avoid the payment adjustments. You may demonstrate meaningful
use under either Medicare or Medicaid.
Note: Congress mandated that an EP must be a meaningful user in order to avoid the payment
adjustment; therefore receiving a Medicaid EHR incentive payment for adopting, implementing,
or upgrading your certified EHR Technology would not exempt you from the payment
adjustments.
What are the hardship
exceptions for EPs?
EPs can apply for hardship exceptions in the following categories:
1. Infrastructure
EPs must demonstrate that they are in an area
without sufficient internet access or face
insurmountable barriers to obtaining
infrastructure (e.g., lack of broadband).
2. New EPs
Newly practicing EPs who would not have had
time to become meaningful users can apply for
a 2-year limited exception to payment
adjustments.
3. Unforeseen Circumstances
Examples may include a natural disaster or other
unforeseeable barrier.
4. EPs must demonstrate that they meet the
following criteria:
Lack of face-to-face or telemedicine interaction
with patients
Lack of follow-up need with patients
5. EPs who practice at multiple locations must
demonstrate that they:
Lack of control over availability of CEHRT for more
than 50% of patient encounters
•
•
What are the hardship
exceptions for EPs?
EPs whose primary specialties are anesthesiology, radiology or pathology:
As of July 1st of the year preceding the payment adjustment year, EPs in these
specialties will receive a hardship exception based on the 4th criteria for EPs
EPs must demonstrate that they meet the following
criteria:
Lack of face-to-face or telemedicine interaction with
patients
Lack of follow-up need with patients
•
•
How do EPs apply for a
hardship exceptions?
Applying: EPs, eligible hospitals, and CAHs must apply for hardship exceptions to avoid the
payment adjustments.
Granting Exceptions: Hardship exceptions will be granted only if CMS determines that
providers have demonstrated that those circumstances pose a significant barrier to their
achieving meaningful use.
Deadlines: Applications need to be submitted no later than April 1 for hospitals, and July 1
for EPs of the year before the payment adjustment year; however, CMS encourages earlier
submission
For More Info: Details on how to apply for a hardship exception will be posted on the CMS EHR
Incentive Programs website in the future: www.cms.gov/EHRIncentivePrograms
http://www.cms.gov/EHRIncentivePrograms
Resources
Resources from CMS and ONC
Get information, tip sheets and more at CMS’ official website for
the EHR incentive programs: www.cms.gov/EHRIncentivePrograms
Introduction to EHR Incentive Programs
Frequently Asked Questions (FAQs)
Meaningful Use Attestation Calculator
Registration & Attestation User Guides
Listserv
Learn about certification and certified EHRs, as well as other ONC
programs designed to support providers as they make the
transition: www.healthit.gov/
http://www.cms.gov/EHRIncentivePrograms
http://www.healthit.gov/
Questions?
The Electronic Health Record (EHR) Information Center is open to assist you
with all of your registration and attestation system inquiries.
7:30 a.m. – 6:30 p.m. (Central Time) Monday through Friday (except federal
holidays)
1-888-734-6433 (primary number) or 888-734-6563
(TTY number)
•
•
- Introduction to the EHR Incentive Programs: Overview of Basic Eligibility, Payment Information, and Key Deadlines
Presentation Objectives
What are the EHR Incentive Programs?
What is meaningful use?
How does the program work?
Stage 1
Stage 2
Stage 3
Eligibility
Who is eligible to participate?
Are you eligible?
Requirements
What are the requirements for 1st year Medicaid EPs?
What are the requirements for 1st year Medicare EPs?
What do Medicare EPs need for registration?
Before registering:
When registering, have on-hand:
What do Medicaid EPs need for registration?
When registering, have on-hand:
What are the requirements for Stage 1 of meaningful use?
Meaningful Use
What are the core objectives for Stage 1?
What do EPs need for attestation?
What is required for Stage 2?
Deadlines
What are the important 2013 deadlines?
What is happening in 2014?
Payment Amounts
How sequestration affects EHR payments
How much are Medicare incentive payments?
Medicare incentive payment schedule
Medicare incentive payment sequestration schedule*
How much are Medicaid incentive payments?
Medicaid incentive payments amounts
When Do I Start Stage 2?
Payment Adjustments & Hardship Exceptions
Medicare EPs and payment adjustments
Avoiding the 2015 payment adjustments
Payment adjustments for EPs eligible for both programs
Eligible for both programs?
What are the hardship exceptions for EPs?
How do EPs apply for a hardship exceptions?
Resources
Resources from CMS and ONC
Questions?
A HIMSS Guide to Participating in a Health Information
Exchange
HIMSS Healthcare Information Exchange
HIE Guide Work Group White Paper
November 2009
© 2009 Healthcare Information and Management Systems Society (HIMSS). 1
Table of Contents
…………………………………………………………………………………………………………. 5
Target Audience(s)……………………………………………………………………………………………………………….. 5
How to Use This Guide…………………………………………………………………………………………………………. 6
…………………………………………………………………………………………………… 6
What is an HIE? …………………………………………………………………………………………………………………… 6
The National Perspective ………………………………………………………………………………………………………. 7
HIE Commonly Offered Services …………………………………………………………………………………………… 8
HIE Content Examples………………………………………………………………………………………………………… 14
…………………………………………. 14
The Centralized Model………………………………………………………………………………………………………… 15
The Decentralized or Federated Model………………………………………………………………………………….. 17
The Hybrid Model………………………………………………………………………………………………………………. 19
The Health Record Banking Model ………………………………………………………………………………………. 20
International Models …………………………………………………………………………………………………………… 20
State-Led vs. Community-Based Models ………………………………………………………………………………. 21
Industry Drivers ……………………………………………………………………………………………………………… 22
The Business Models ………………………………………………………………………………………………………….. 22
………………………………………… 23
Technology Building Blocks ……………………………………………………………………………………………. 23
Network Infrastructure ………………………………………………………………………………………………………… 23
HIE Applications………………………………………………………………………………………………………………… 24
Middleware ……………………………………………………………………………………………………………………….. 24
Integration Engine ………………………………………………………………………………………………………….. 24
Patient Matching Algorithms and Enterprise Master Patient/Person Index (EMPI) …………………….. 25
Proprietary Products ……………………………………………………………………………………………………….. 25
Open Source Products……………………………………………………………………………………………………… 26
Record Locator Service……………………………………………………………………………………………………….. 26
Provider Matching………………………………………………………………………………………………………………. 28
Applicable Standards ………………………………………………………………………………………………………….. 28
About Standards……………………………………………………………………………………………………………… 28
Core Standards……………………………………………………………………………………………………………….. 28
Standards for Transactions ………………………………………………………………………………………………. 29
……………………………………………………………… 31
Understanding the Goals and Philosophy of the HIE ………………………………………………………………. 32
Understanding to What Your Organization will need to Commit by Participating in an HIE ……….. 33
Understanding the Prevalence of Nationally-Accepted Standards …………………………………………….. 33
Understanding the Value for Users of the HIE Information and Data………………………………………… 34
Understanding the Economics and Financial Sustainability of the HIE ……………………………………… 35
Understanding Risks …………………………………………………………………………………………………………… 36
Understanding Applicable Regulations …………………………………………………………………………………. 36
Understanding Leadership and Governance …………………………………………………………………………… 36
Understanding the HIE’s Maturity………………………………………………………………………………………… 37
……………………………………………………………………. 39
……………………………………………………………………………….. 40
……………………………………………………………. 46
HIPAA ……………………………………………………………………………………………………………………………… 46
© 2009 Healthcare Information and Management Systems Society (HIMSS). 2
Privacy Rule…………………………………………………………………………………………………………………… 46
Security Rule …………………………………………………………………………………………………………………. 47
American Recovery and Reinvestment Act ……………………………………………………………………………. 47
Business Associates ………………………………………………………………………………………………………… 47
Marketing/Sale of PHI …………………………………………………………………………………………………….. 48
Electronic Health Records ……………………………………………………………………………………………….. 48
Disclosures…………………………………………………………………………………………………………………….. 48
Breach Notification…………………………………………………………………………………………………………. 48
Education Programs………………………………………………………………………………………………………… 48
Enforcement/Penalties …………………………………………………………………………………………………….. 48
State Laws …………………………………………………………………………………………………………………………. 48
…………………………………………………………………………. 50
Background ……………………………………………………………………………………………………………………….. 50
Regional Business Environment & Demographics ……………………………………………………………… 50
Factors Aligning and Driving Local Stakeholders ………………………………………………………………. 50
Operations …………………………………………………………………………………………………………………………. 50
Vision, Mission and Guiding Principles …………………………………………………………………………….. 50
Governance and Management Structure…………………………………………………………………………….. 51
Service Offerings ……………………………………………………………………………………………………………. 52
Technical Architecture…………………………………………………………………………………………………….. 52
Unique Operational Considerations…………………………………………………………………………………… 52
Sustainability……………………………………………………………………………………………………………………… 52
Business Model Summary ……………………………………………………………………………………………….. 52
Realized Benefits ……………………………………………………………………………………………………………. 53
…………………………………………………………………………………. 54
Background ……………………………………………………………………………………………………………………….. 54
Regional Business Environment and Demographics……………………………………………………………. 54
Factors Aligning and Driving Local Stakeholders ………………………………………………………………. 54
Operations …………………………………………………………………………………………………………………………. 54
Vision, Mission and Guiding Principles …………………………………………………………………………….. 54
Governance and Management Structure…………………………………………………………………………….. 55
Service Offerings ……………………………………………………………………………………………………………. 55
Technical Architecture…………………………………………………………………………………………………….. 55
Sustainability……………………………………………………………………………………………………………………… 55
Business Model Summary ……………………………………………………………………………………………….. 55
Realized Benefits ……………………………………………………………………………………………………………. 56
………………… 57
Background ……………………………………………………………………………………………………………………….. 57
Regional Business Environment & Demographics ……………………………………………………………… 57
Factors Aligning & Driving Local Stakeholders …………………………………………………………………. 57
Operations …………………………………………………………………………………………………………………………. 58
Vision, Mission, and Guiding Principles ……………………………………………………………………………. 58
Governance and Management Structure…………………………………………………………………………….. 58
Service Offerings ……………………………………………………………………………………………………………. 59
Technical Architecture…………………………………………………………………………………………………….. 60
Sustainability……………………………………………………………………………………………………………………… 63
Business Model Summary ……………………………………………………………………………………………….. 63
Marketing Plan……………………………………………………………………………………………………………….. 63
Risk Management …………………………………………………………………………………………………………… 65
© 2009 Healthcare Information and Management Systems Society (HIMSS). 3
Realized Benefits ……………………………………………………………………………………………………………. 68
…………………………………………………………………………………………………………. 70
………………………………………………………………………………………………………………… 80
© 2009 Healthcare Information and Management Systems Society (HIMSS). 4
Section 1 – Introduction
When the idea for this guide was first conceived, meaningful use was not in the forefront of healthcare
discussions and the landmark 2009 Health Information Technology for Economic and Clinical Health
(HITECH) Act in the American Recovery and Reinvestment Act (ARRA) was not yet a reality. Even
with the passing of HITECH, the original objective of this guide remains important to the current
healthcare discussion. The focus of this guide is to provide individual stakeholders with a tool that
assists in the decision-making process of joining a health information exchange (HIE). For the
beginner, the tool will provide basic background information that most people should understand
before engaging with an HIE. Building upon the background information presented in this paper, a list
of questions is provided that stakeholders may use as a guide to explore participation in an HIE. The
suggested questions are intended to provide a clear-cut decision process to guide organizations’
choices. This guide does not provide insight into meaningful use as outlined in HITECH and is not
intended to be a comprehensive guide nor will it lead a stakeholder in making the right choice.
Participating in a local HIE is an important step for organizations that want to establish the foundation
for improving patient safety, quality of care and decreasing the cost of health-related activities. There
are many published reports that cite statistics on patients that die every year due to missing or
inadequate information at the point of care. Other industries have placed importance on obtaining
reliable information used in decision making. This reliance on information has transformed many
other industries in the past 15 years. Healthcare has been slow to transform in that the information
needed is in so many disparate locations. An HIE attempts to pull disparate information together so
that it becomes more useful; one element of a sustainable model that will help transform the industry.
Meaningful use is an essential factor in health reform. This guide will continue to evolve in 2010 and
provide guidance on how an HIE can be a tool in healthcare transformation and achieving meaningful
use.
Target Audience(s)
This guide is intended to be used by any stakeholder faced with the challenge of making a decision on
whether to participate in an HIE. The stakeholders that can have an interest in providing or obtaining
information from an HIE are defined as:
• Consumers, especially seniors;
• caregivers;
• physicians and clinicians;
• hospital provider organizations;
• hospital administrators;
• third-party payors and health plans, including Medicare and Medicaid;
• employers;
• government agencies;
• public health departments;
• retail providers;
• durable medical equipment providers; and
• educators/researchers.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 5
How to Use This Guide
This guide is divided into six sections, plus appendices. The first four sections provide the background
necessary to understanding what an HIE is, followed by common approaches and data standards. The
appendices include case studies that can be helpful to understand the different models, as well as the
glossary of terminology. Section 5 and the checklist identify the questions that should be asked in
evaluating a particular HIE opportunity.
Section 2 – Defining the HIE
What is an HIE?
An HIE automates the transfer of health-
related information that is typically stored
in multiple organizations, while
maintaining the context and integrity of
the information being exchanged. An
HIE provides access to and retrieval of
patient information to authorized users in
order to provide safe, efficient, effective
and timely patient care. Formal
organizations have been formed in a
number of states and regions that provide
technology, governance and support for
HIE efforts. Those formal organizations
are termed health information
organizations (HIO) or even regional health information organizations (RHIO).
Figure 1. HIE Overview
HIEs are formed by a group of stakeholders from a specific area or region to facilitate the electronic
exchange of health-related information for the purpose of improving healthcare for a defined
population. Thus, HIEs provide the ability for participating organizations to safely and securely share
health information with authorized providers to improve and expedite the clinical decision-making
process. An HIE is not an information system within a single organization, nor is it one that has a
single directional flow of information. A true HIE involves multi-directional flows of information
electronically between providers (hospitals, physicians, clinics, labs) and other sources of
administrative or clinical information provided by consumers, health plans, employers, local, state or
national organizations.
The HIE is a tool to facilitate the aggregation of data into a longitudinal electronic health record for all
citizens.
Below are a few definitions that are instrumental to understanding what an HIE is and what it is not.
Other definitions will be found in the appendix at the end of this white paper.
Definitions: In April 2008, the National Alliance for Health Information Technology (NAHIT)
released “Defining Key Health Information Technology Terms.”1 This report to the Office of the
National Coordinator (ONC) for Health Information Technology was an effort to eliminate the
1 http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_10741_848133_0_0_18/10_2_hit_terms .
© 2009 Healthcare Information and Management Systems Society (HIMSS). 6
http://www.hhs.gov/healthit/documents/m20080603/10_2_hit_terms
http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_10741_848133_0_0_18/10_2_hit_terms
ambiguity of meaning and to create a shared understanding of key terms. According to NAHIT, the
three network terms are HIE, HIO and RHIO and are defined as:
HIE: The electronic movement of health-related information among organizations according
to nationally recognized standards.
HIO: An organization that oversees and governs the exchange of health-related information
among organizations according to recognized standards.
RHIO: An HIO that brings together healthcare stakeholders within a defined geographic area
and governs health information exchange among them for the purpose of improving health and
care in that community.
The following defines key terms related to HIE:
EHR: An electronic record of health-related information on an individual that conforms to
nationally recognized interoperability standards and that can be created, managed and consulted
by authorized clinicians and staff across more than one healthcare organization.
EMR: An electronic record of health-related information on an individual that can be created,
gathered, managed and consulted by authorized clinicians and staff within one healthcare
organization.
PHR: An electronic record of health-related information on an individual that conforms to
nationally recognized interoperability standards and that can be drawn from multiple sources
while being managed, shared and controlled by the individual or the health consumer.
NHIN: A goal of the United States government is to “…digitize patients’ health records and
medical files and create a national network to place the information in.”2 The nationwide health
information network (NHIN)—currently in its developmental stage—will ultimately provide a
secure, nationwide, interoperable health information infrastructure that will connect providers,
consumers and other stakeholders. The ONC refers to NHIN as a “network of networks”
(hhs.gov) which connects all healthcare information providers, including HIEs, health plans,
providers, federal agencies and many more through a national health exchange.”3
The National Perspective
Congress has recognized the importance of moving the country toward adoption of EHRs and HIEs.
In 2004, President George W. Bush provided leadership for the development and implementation of a
national health IT program to improve healthcare quality and efficiency.4 His executive order created
the Office of the National Coordinator for Health Information Technology (then called ONCHIT, now
ONC) whose mission is to provide leadership for developing and promoting health IT as a means to
improve the quality and efficiency of healthcare in the United States. The American Recovery and
2 World Privacy Forum Web site. Available at: www.worldprivacyforum.org.
3 NHS Connecting for Health Web site. Available at: www.connectingforhealth.nhs.uk.
4 The White House Office of the Press Secretary. Executive Order: Incentives for the Use of Health Information
Technology and Establishing the Position of the National Health Information Technology Coordinator. Washington, DC.
April 27, 2009.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 7
http://www.worldprivacyforum.org/
http://www.connectingforhealth.nhs.uk/
Reinvestment Act of 2009 (ARRA) requires a minimum of $300 million to support efforts to build
HIEs which promote the usage of EHRs. Grants will be available for states that can demonstrate
readiness to develop HIEs. To qualify, each state must establish or facilitate the establishment of
governance structures, technical infrastructure, and privacy and security measures. A state-designated
entity could be a state governance structure or a separate nonprofit entity.5 As more information
becomes available regarding ARRA and the definition of meaningful use, HIE resources and tools will
require updating.
HIE Commonly Offered Services
An HIE is a complex set of technologies which enables the aggregation of health-related information
for an individual, as well as offering a number of specialized services for the community it serves.
Usually, HIE capabilities are described as a set of electronic “services” that allow the HIE to interact
with participating systems in a consistent, reliable way. The illustration below highlights an
architectural view of the different services that one can expect from an HIE.6 From a clinical or
business perspective, access channels contain types of services such as physician Web portals, PHRs,
clinical messaging, clinical interoperability and exchange of data from electronic medical records, as
well as the common administration of security services necessary to ensure that data is used
appropriately.
Figure 2. HIE Implementation Architectural View
5 Advisory Board Daily Briefing, 2-17-2009.
6 Fairchild Consulting, Greater Rochester IPA Architecture Briefing, 2008.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 8
A
cc
es
s
C
h
an
n
el
s
B
u
si
n
es
s
L
ay
er
A
cc
es
s
L
ay
er
D
at
a
L
ay
er
D
at
a
P
ro
vi
d
er
s
&
R
ec
ei
ve
rs
In
te
g
ra
tio
n
L
ay
er
Secured Gateway / Web Portal (VPN, Secured Web Services)
Protocol
Adaptors
HIE Application
Adaptors
Message
Routing/Maping
Services
Queuing Services Orchestration
Services
Audit Logs
Clinical Protocols
& Guidelines
Business
Rules
Record Locator
Information
Patient
Demographics &
Registry
Patient Clinical
Health Records
Clinician
Information &
Registry
Security
Policy
Privacy Services
Anonymization
Patient Consent
Patient Access
Security Services
Credentialing
Identity Mgmt
(Authentication)
Vocabulary
Services
EMPI
Services
Record Locator
Services
Longitudinal
Record Services
Assembly of Records
Reporting
Services
Operational
Decision Support
Bio-Surveillance
HIPAA
Shared Message
Services
General
Services
Auditing
Logging
Error Handling
Physician Practices Patient’s PHR
Hospital Clinicians
Pharmacies Reference Labs
Imaging Centers
Ambulatory
EMR Systems
Hospitals
Lab Order Entry
Systems
Practice Management
Systems
Public Health
Reporting
Connected
Communities
Communication BusInfrastructure Services HIE Services
Patient Consent
Rules
Connected
Communities
Message Bus – Data Transport – HIE Gateways
SMSAmbulatory
EMR Systems
Work Flow
Services
Vocabulary
Services
Vocabulary
Secured Health
Messages
To provide these services, HIEs are designed to use one to two forms of data sharing methods, called
“push” and “pull” technologies. Understanding the difference between how clinical data is obtained in
an HIE is important because it will dictate the method in which information is shared. “Portals are a
pull (query) technology, requiring physicians to search for the data they need. Push technology, on the
other hand, automatically delivers clinical data to the user in the desired format: paper, fax,
electronically to a viewer or electronically to an EMR of the physician’s choice. Best-in-class push
technologies also allow for tailoring of various types of results and data delivery.”7 In addition, “a
good HIE solution should provide a push technology, delivering the vast majority of hospital and other
results, while also providing a query solution for the few use cases where there doesn’t yet exist a
patient-physician relationship that would enable push delivery.”8 HIE’s must provide access to
information regardless of the technology in use or not in use. There are still a large percentage of
physician offices that do not have access to electronic medical records. Understanding this technology
is important for determining which methods are most appropriate for obtaining and viewing patient
data.
The following information describes the vast number of stakeholders facing (access channels) services
that may be rendered from an HIE. Not all HIE’s provide all of these services.
7 Massengill S. Can portals deliver? ADVANCE for Healthcare Information Executives. March 2009;(2).
8 Massengill S. Can portals deliver for hospitals and integrated delivery networks? HIMSS News. March 2009.
http://www.himss.org/ASP/ContentRedirector.asp?ContentID=68755
© 2009 Healthcare Information and Management Systems Society (HIMSS). 9
Patient Portals: Healthcare patient portals were initially created and deployed early by hospitals
“…for affiliated or employed physicians as a single place where they could remotely access various
hospital-based applications… Single sign-on tools were developed to enable one login event to be used
by multiple applications, and context management tools were built to enable patient context to be
maintained as the user switched applications.”9 As a leading example, the physician-driven Ann Arbor
Area Health Information Exchange “…started with four group practices that use the same EHR system
and access data from two hospitals. Now, the HIE is testing a Web portal to enable other physicians,
including those without EHRs, to participate.”10
The Western North Carolina Health Network is another example, with 16 independent hospital systems
jointly providing geographically dispersed clinicians with timely and comprehensive patient
information.11
The next section will describe the different types of storage infrastructures for healthcare portals.
Some require a centralized data repository where those who seek the information go to one location to
search for patient data. Others do not use a centralized data repository but rely on a record locator
service to identify the sources of data on the patient. This approach requires all data sources to be
available at all times due to its’ real-time secure layer that sits between the requesting provider and the
sources of information. Whatever form of storage is used, Web portals are a way to centrally search for
patient information. Using a portal as a single source to search and access patient information is much
more efficient than obtaining patient-related health records manually or establish individual access
from numerous healthcare systems. As more physicians have access to electronic medical records, the
portal technology will evolve to make use of automated workflow so that the physician can access his
or her own system to retrieve information on patients.
Clinical Messaging: Clinical messaging, which can utilize either push or pull technology, has become
a key service in a successful model of an HIE. Early HIEs saw this method of sharing information as a
way of providing early benefits to the health community. “A clinical message service provides a
secure, electronic infrastructure to automate the delivery of health data to any site where clinical
patient care decisions are made. For example, a clinical message service can automate result reporting
from a laboratory to a clinic (i.e., replace a fax or other printed results with an electronic file). A
clinical message service can also enable secure electronic forwarding of reports between clinicians to
facilitate patient care.”12 A thriving southern Indiana information exchange recognized the importance
of having clinical messaging as a primary method for patient data sharing and has utilized this service
as a method for delivering clinical results. This effort “…enhanced the value of hospital repositories
by mobilizing the data to EMR and non-EMR physician practices.”13 In the Indiana HIE, clinical
messaging is also used as an alternative to a Web portal. “With Clinical Messaging, hospitals have
less need to support complex single sign-on (SSO) portals, which are getting more difficult to maintain
as ambulatory care EMR adoption improves. Besides being isolated from physicians’ IT systems, the
principal limitation with portals is that physicians are not notified when new data becomes available.
These silos of information are merely storehouses for physicians to access.”9 Deciding to use clinical
9 Massengill S. From portals to HIE: can portals deliver for hospitals and health systems? Advance for Health Information
Executives. March 11, 2009. Available at: http://health-care-it.advanceweb.com/editorial/content/editorial.aspx?cc=195508.
10 Goedert J. Lessons from the HIE front. Health Data Management. February 1, 2009. Available at:
http://www.healthdatamanagement.com/issues/2009_61/27632-1.html
11 WNC Health Network Web site. Available at: http://www.wnchn.org/..
12 Redwood Med Net Web site. Available at: http://www.redwoodmednet.org/projects/hie/index.html.
13 Rowland T. HealthLINC: lessons learned from first generation of operational HIEs. HIMSS News [online]. February 4,
2009. Available at: http://www.himss.org/ASP/ContentRedirector.asp?ContentID=68905.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 10
http://health-care-it.advanceweb.com/editorial/content/editorial.aspx?cc=195508
http://www.redwoodmednet.org/projects/hie/index.html
http://www.himss.org/ASP/ContentRedirector.asp?ContentID=68905
messaging, healthcare portals or a combination of both, is a vital choice that each healthcare
organization must make. HIEs use clinical messaging to improve the timeliness of communication and
reduce the cost of communication. Without an HIE with clinical messaging, communication is labor
intensive and costly if built with proprietary linkages.
Clinical Interoperability: Many healthcare organizations throughout the United States have already
invested heavily in existing healthcare information systems. The key to a successful HIE is the ability
to promote interoperability with disparate systems to ensure that healthcare providers can
electronically exchange patient data residing in several different foreign systems. Today, access to
important clinical data resides in the silos of electronic medical records. It is impossible to gather all
of the necessary information without clinical interoperability. “Health Information Exchange (HIE) is a
long-term vision that results in interoperability that will improve healthcare processes with respect to
safety, quality, cost, and other indicators. Progress is being made through planning, pilot programs,
standards adoption and implementing HIE technologies of varying degrees of sophistication. A number
of voluntary industry efforts show promise; however, we are still a long way from realizing the goal.
The fact is, building a truly interoperable national HIE is not easy, either culturally or technically. The
key to reaching the clinical interoperability goal is to capitalize on necessary tools, standards and
resources that meet current practical (funded) objectives in such a way that incrementally creates an
HIE infrastructure. Then, organizations can add capacity and functionality in order to accommodate
complex, bandwidth-intensive clinical information and connectivity, interoperability and security
mechanisms.”14
Electronic Health Record (EHR): In order to successfully participate in providing patient data to an
HIE, healthcare providers must face the challenge of implementing a longitudinal EHR. Such
challenges have traditionally been tied to the difficulties relating to institutional adoption and
investment commitments required to achieve clinical interoperability with other organizations. One
step towards creating an electronic health record requires that individual organizations first implement
their own electronic medical records. With ARRA, hospitals and physicians will receive incentives to
automate their patient records. Hospital incentives start at $2 million annually, with an additional
reimbursement amount tied to annual Medicare discharge volume, and decrease for each subsequent
year during the five-year incentive period. Non-hospital-based physicians and physician groups can
expect to receive funding if they have qualifying EHR systems in place by 2011.15 Several other
qualifying criteria must be met in order to receive the funding and further clarification is needed on
various definitions. Details from the federal government will be forthcoming on the definitions of
qualifying criteria and certification standards as outlined in ARRA.
Personal Health Record (PHR): The PHR is a tool that individual health consumers can use to
collect, track and share past and current information about their personal health or the health of a
family member. Sometimes this information can save money and the inconvenience of repeating
routine medical tests. Even when routine procedures do need to be repeated, the PHR can give
providers more insight into an individual’s personal health story. When connected to an HIE, the PHR
has the potential of becoming a critical component of the comprehensive, longitudinal health record
that serves individual health consumer, physicians, insurers, employers and other stakeholders.
Components of a PHR may include: important reminders for health maintenance and preventive care
tailored to each patient; journals to track diet, exercise, appointments, past and current providers and
14 Watkins, Larry Making Meaningful Progress Toward HIE. September 9, 2009.
15 Silva C. Practices paperless before 2012 could maximize Medicare bonuses. American Medical News. March 16, 2009.
Available at: http://www.ama-assn.org/amednews/2009/03/16/gvsa0316.htm.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 11
http://www.ama-assn.org/amednews/2009/03/16/gvsa0316.htm
dental and eye records; and links to historical care summaries that provide individuals with a
comprehensive healthcare diary for patients and their families. The PHR must provide for consumer
control and data additions as well as integrate with other clinical and educational data sources.
Record Locating: The HIE maintains the ability to identify individuals and to link them to potential
sources of information through Person Identification (PI) and registry services within a directory
structure. Ensuring accurate identification is a challenge in an HIE, as each participating organization
will have its own medical record number or person identifiers. In the absence of a national unique
identifier for healthcare, a matching process is used for positive person identification when any
participating organization seeks to find information within the HIE for a given person. In addition, a
record locator service (RLS) may be needed. In some HIEs where a decentralized (federated)
architecture is used, the RLS identifies where data may reside for a given person in order to feed that
back to the requesting organization. In a consolidated model, enterprise master patient index (EMPI)
identifies the patient and manages the patient’s related data as the HIE receives demographic and/or
clinical data into the HIE environment.
Once the patient is identified, common data elements such demographic and insurance information,
diagnoses, allergies, health problems, medication and other pertinent clinical data are made available.
Administrative Services: Simplification of administrative services is highly desirable by providers
for accessing claims, authorization, payment systems and data via the HIE network. Administrative
services may also support gathering patient demographic and other non-clinical information. In
addition, HIE can also facilitate the referral process from both an administrative and clinical
standpoint. A comprehensive referral process allows a seamless transfer of information from the
primary care provider, to the specialist with a number of stops and checks with insurers. A technically
mature HIE should have all of the linkages to streamline this process.
Disease Management: Some of the more advanced HIEs include chronic disease management
(CDM) as a service offering. CDM typically requires the coordination of care with one or more
specialists. The average Medicare patient sees approximately six physician specialists annually. The
recent policy efforts to coordinate chronic disease (also called patient medical home, advanced medical
home or patient-centered medical home) recognizes the need for proper information technology tools
and infrastructure to implement this plan. HIEs today provide value to physicians involved with CDM
through the aggregation of data from various sources into patient registries (depending upon the
disease being monitored), allowing quick and efficient retrieval and analysis of pertinent data without
the effort of data re-entry and/or searching many sites. HIEs are an enabler for effective CDM through
the exchange of information across the providers. This allows the HIE to be the enabler for various
caregivers to coordinate care among specialists, the primary care physician and the patient. Eventually,
providers should be able to manage chronic conditions from within their EHR systems with data
provided by the HIE.
HIEs can foster the collection of data elements on various chronic conditions in a computer readable
form for use in chronic disease profiles, charts of levels of key indicators (e.g., hemoglobin A1C for
diabetics), and triggers for recall of patients who have undetected loss of control. Tracking of chronic
disease indicators is not yet universal, thus it is important to add these chronic disease measures to the
list of data to be exchanged.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 12
The next evolution of HIE is looking to integrate disease management systems with community public
and private research programs. The Louisville Health Information Exchange is looking to provide the
service based on a consumer consenting to participate in the research programs.16
Community and Public Health: New, more complex ways of sharing data are also arising with the
advent of the HIE. These collaborative organizations focus on health data exchange in a community,
county or state-wide basis. They have a wide and varied set of participants (providers, labs, hospitals,
health plans, public health agencies, pharmacies and patients/citizens). HIEs may involve public
health as a key player in their formation and operation. While the emphasis is typically on exchanging
clinical data to support patient care, some health data exchanges focus on health services data instead
of—or in addition to—their clinical needs. As HIEs develop and are deployed, and both public health
and private healthcare systems continue to evolve and develop, system integration within public health
will no longer be enough. Public health systems will need to become interoperable with other systems
inside and—especially—outside the agency.
For public health agencies developing integrated health information systems, new risks and benefits
are emerging rapidly on the horizon. The ways in which public health is increasingly exchanging
information with healthcare providers, hospitals, government, insurers and families demand a closer
look at the networked information environment. A public health registry is defined as “…an organized
system for the collection, storage, retrieval, analysis, and dissemination of information on individual
persons who have either a particular disease, a condition (e.g., a risk factor) that predisposes to the
occurrence of a health-related event, or prior exposure to substances (or circumstances) known or
suspected to cause adverse health effects.”17 As systems become more integrated—especially across
the public-private boundary—the role of registries will change. In some cases, their very existence may
be called into question.
Information is one commodity that gains value the more it is used. Public health stands to benefit from
a landscape of increasing opportunity to exchange information with more sources and users. One area
is the growth of HIEs in which public health runs the risk of being excluded. Public health can become
an integral player in the HIE scenario by embracing and promoting standards, opening access to its
program-based database information, and organizing focus groups of stakeholders to make sure that
everyone—including public health stakeholders—has a place at the table.
Value-Added Services: In the creation of a sustainable financial model, HIEs are starting to offer
additional value-added services. These value-added services may come in the form of additional Web-
based products or services that an individual can choose to use. Typically, these services are charged
separately based on the perceived value to the individual. Examples of value-added service may be the
receipt of educational notices from the community gardening club, providing access to electronic
medical record systems for physicians or access to a diet counter service. They are services that one
can choose to use or not use, and individuals will generally pay a subscription fee to use the services
they value.
16 LouHIE Business Plan. Louisville Health Information Exchange Inc. May 20, 2008.
17 California HealthCare Foundation. Chronic Disease Registries: A Product Review. May 2004. Available at:
http://www.chcf.org/topics/chronicdisease/index.cfm?itemID=102741.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 13
HIE Content Examples
HIEs are implemented to support specific functional needs of their stakeholders. In information
technology parlance these are often referred to as “use cases” or “use narratives.” Over the past several
years a common set of use cases have been examined, and HIEs have developed to support them
through the services they offer. In addition to the information below, the appendix also includes a set
of case studies which provide additional details related to services that a few HIEs in the nation are
providing.
Testing and Results: When physicians cannot readily find a lab or x-ray, they will typically reorder
the study in order to expedite the clinical process. This is a tremendous waste of resources and has a
cost ripple effect throughout the entire continuum of care. Once the HIE has implemented
interfaces/access to all diagnostic sources, physicians can view orders and results for labs, radiology
and other clinical values online as part of a streamlined HIE workflow process. Through a common
user interface, providers can get a complete view of all current and historical diagnostic studies,
reports, as well as images (e.g., x-ray, EKG, etc.), thus be able to provide better care through an
expedited diagnostic process by giving physicians the capability to locate critical clinical information
anytime, anywhere. By providing ubiquitous access to past orders and results, HIEs can foster a
marked reduction in redundant testing and improve care.
Other Clinical Documentation: Other pertinent clinical information can be made available on the
HIE. Medications, allergies, problem lists and other documentation are just some examples of data
providers need to access for each patient visit. For example, on an HIE, active allergies and
medications can be codified and stored for each patient. These profiles are then shared so providers can
view the entire medication record for drugs that have been prescribed by any/all participating
physicians for a particular patient. This can improve patient safety by preventing drug/allergy
interactions. In addition, this feature will reduce the amount of time a community physician or
specialist will need to spend reviewing medication lists, thus providing more available time for
discussion and examination of patients.
Active problem lists are also an important clinical data need for HIEs. Specified medical problems
related to each particular patient, with specific dates for the onset of a given problem, as well as a date
that it was resolved, are key data elements that can be shared on an HIE. Having this data readily
available, physicians can provide a more accurate and timely diagnosis by viewing all problems that
have been documented by caregivers on the HIE. Thus, therapeutic actions are more efficient and
targeted for active and focused problem resolution. Specialists spend less time diagnosing known
problems and can target efforts toward more pressing issues.
Finally, other documents, such as histories, physicals and progress notes, can be stored on the HIE,
streamlining the documentation process for more accuracy and speed of inter-practice-provider
communication. The sharing of clinical documents promotes better, faster and more efficient
physician/staff/patient communication. And because there is less time spent on paper-based
administrative tasks, there is more time for direct patient care.
Section 3 – Different Health Information Exchange (HIE) Models
There are various conceptual models of HIEs; each presents issues of interoperability, development
and sustainability, and privacy and security concerns for health environments, clinical providers and
© 2009 Healthcare Information and Management Systems Society (HIMSS). 14
patients. HIMSS outlines three clinical data exchange models: centralized, federated and hybrid18. In
addition there are other models, variations on a theme such as the health record banking model. This
section introduces several of the HIE models and briefly presents various business models that they
may operate under in general terms.
For healthcare organizations considering joining an HIE, there are many hurdles to overcome as well
as benefits to consider. These hurdles include cooperation with potential competitors, development and
agreement on technical standards and system functions, infrastructure development, and financing and
sharing the ongoing costs to sustain the activity. Consumers and their providers may also have issues
in the area of control and privacy and security.
To date there have been many publications indicating the benefits of an EHR and computerized
provider order entry. Since the technology is early in its adoption curve, many of its benefits are just
being realized. These benefits include a reduction in medication errors and eliminating redundant
tests. Many studies confirm the cost savings of an EHR and the value of the completeness of the
medical record for ensuring quality patient care and lives saved.19 Given the potential of connecting
and sharing data across enterprises, the value that HIE provides could be enormous based on current
literature.
The development of a common framework and standard data model has been in process for some time.
There are several common frameworks evolving, including CCHIT criteria for EHR system
functionality and the HL7 Reference Information Model (RIM) for data modeling. Many examples of
the use of these frameworks exist across the nation. Widespread adoption of these frameworks and
standards by vendors has been slowed by the expense of applying them to the established product base
developed using earlier technology. Many groups and organizations are driving toward a common
framework. Partnerships and a reasonable business model are critical to the viability and sustainability
of any HIE. Also paramount is the readiness of a community to support the structure of an HIE and all
it entails.
The models described below ultimately provide for sharing clinical information, medication lists, lab
results, imaging studies and demographic data across multi-stakeholder enterprises and geographical
regions for the benefit of improving patient safety and quality, and decreasing health-related costs.
The Centralized Model
In a centralized model or warehouse, patient health or medical-related data is collected from local
sources, but stored in a central repository. If an entity requests patient data, the transaction is routed
through the central repository. Such architecture permits local entities to maintain autonomy while
cooperating to provide data at a local or regional level.20,21
18 Just BH, Durkin S. Clinical data exchange models: matching HIE goals with IT foundations. JAHIMA; February
2008:(79)2.
19 The Leapfrog Group. The Leapfrog Group fact sheet. Available at: http://www.leapfroggroup.org/about_us/leapfrog-
factsheet.
20 http://www.cap.org/apps/docs/snomed/documents/health_info_exchange
21 Allison MA, Matull M. A review of current & emerging HIE architecture models. CalRhio Summer Summit. June 21,
2007.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 15
http://www.leapfroggroup.org/about_us/leapfrog-factsheet
http://www.leapfroggroup.org/about_us/leapfrog-factsheet
Figure 3. HIE Centralized Repository Model 22
A typical centralized architecture is implemented as a logical, single, large database that aggregates
similar data from numerous sources in one location. Because all data exists in a single warehouse, it is
very easy and fast to perform queries against it.
In the centralized model, all providers send their data to a central repository, usually on a daily basis.
There are many benefits to a centralized model:
• The querying system’s response to a data request is quicker than other models because the data
is centrally maintained and consolidated.
• Less real-time dependence on other participating systems for the same reason.
• Facilitates community-wide data analysis since data is available centrally.
• Economies of scale are introduced through the use of large-scale central resources as long as
appropriate investments are made.
• Better expertise in managing central resources due to their scale and class of products used.
• Able to support existing systems well as data needs only to be extracted and sent to the central
repository.23
22 Cox B. State of New York Department of Health Architectural. Discussion; 2006.
23 Arzt NH. Development and adoption of a national health information network. RFI response. Office of the National
Coordinator for Health Information Technology. HLN Consulting LLC. January 18, 2005.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 16
This model also has a number of limitations:
• Strong central coordination is required. The central database cluster needs to be carefully
managed and maintained for this system to work.
• Dependence on large central database for inter-system queries.
• Timeliness. Data submissions from participating systems may lag, resulting in inaccurate
consolidated records at query time.
• May require a large effort to keep demographic and clinical records free from duplication since
these records will be collected from numerous disparate sources.
• Harder to implement incrementally. A large, up-front investment in central resources is
required.
• Likely fairly expensive option to implement, not only technically but organizationally.23
One of the fundamental challenges of all models is data matching. It is required that there be accurate
matching of patient data between the local system and the central repository or other systems. In the
absence of shared identifiers, other algorithms or strategies must be employed. If the patient is new to
the centralized system there is a significant burden to match records on the repository side. There is
risk that data may be linked to the wrong person. If sensitive clinical data is present this may present
privacy issues when errors occur.
Finally there is the challenge of database congruency issues from providers where data collection
standards, messaging formats and field naming conventions are inconsistent.
The centralized model requires the most planning, coordination and development to be successful.
From a technology perspective the centralized model requires a heavy investment in a single vendor
and system integrator to build a logical central repository that makes it functional for all stakeholder
organizations.24
The Decentralized or Federated Model
The decentralized or federated model provides organizational control of the healthcare record and
provides the framework for data-sharing capability to enterprises, perhaps widely distributed across
regions or even nationally. The local entity owns their data and the Record Locator Services manages
the pointers to the information.
24 Thielst CB, Jones LE. Guide to Establishing a Regional Health Information Organization. Chicago, IL: HIMSS; 2007.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 17
Figure 4. HIE Decentralized (Federated) Model 22
In the decentralized or federated model, updates and access to healthcare records are only provided
when needed. The decentralized or federated model allows the initiator of a health record, such as a
provider, to maintain ownership and control over the record while providing access to the record to
authorized personnel. In this model, providers form a single administrative entity or governing body at
the regional level, with each retaining control of its own internal business activity.
As with other HIE models—similar to a large healthcare system of multiple entities—providers,
medical groups, labs, imaging services organizations and other healthcare groups form a cohesive
group organized in a framework to support the exchange of health information. This information may
include medical history, medical exams and lab results, diagnostic images and demographic
information about the patient.20
The setup of decentralized or federated model systems is complex, expensive and costly to maintain.
The consumer may also have concerns with data distributed far and wide in an interconnected set of
frameworks. There are also many potential points of failure both in data maintenance, confidentiality
and security.
Some advantages of the decentralized or federated model include:
• Data is stored locally at the point of service and accessed only when needed for exchange.
There is no conflict of who owns the data except for the ownership rights of the consumer.
• Data is always current.
• Failure of a single system doesn’t cripple the whole model or others in the exchange, but it may
make some patient data unavailable at the time of a query.
• Any EHR system can be connected to any other, but assumes common interface standards.
• More repositories or compartmentalization means a smaller amount of data is available to
potential hackers with single-system penetration, though this is arguable as penetration of an
© 2009 Healthcare Information and Management Systems Society (HIMSS). 18
RLS could provide access to the same quantity of patient data. The data would just have to be
retrieved to collect it in a central file–the function of an RLS.23
Disadvantages of a federated model:
• Need to ensure authorized and legitimate access to third-party systems.
• Need to capture consumer consent to opt in and opt out of the decentralized network thus
ensuring legitimacy for data usage.
• Data control and availability is not guaranteed, thereby limiting the value that can be achieved
by providers.
• Standards and profiles are still being defined.25
The Hybrid Model
The hybrid model is a cross between centralized and decentralized architecture. A hybrid model
provides the interface engine for which organizational entities in the HIE communicate. “For example,
the eHealth Volunteer Initiative in Tennessee uses a system where the data is physically stored and
managed in a central location, but the data is logically separated into “vaults” controlled by each
organization that contributes data.” 28
Figure 5. HIE Hybrid Model 22
25 Gantenbien R. A lightweight approach to federated health information exchange. University of Wyoming presentation.
PowerPoint presentation; January 2008.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 19
The hybrid model stores key record identifiers and requests for the information that is distributed
across the network. The record locator key is used to gather and transfer medical information to the
requesting healthcare provider. Algorithms exist within the applications in the network to ensure
positive probability of gathering candidate patient records.21
In hybrid architecture only some of the actual data is replicated to the central data repository. The
hybrid model may also include elements where data is produced locally and the original is stored
centrally, but the centralized repository and locator registry are dependent on federated EHR adapters
for production of links to the original patient information. In addition to the required data to identify
the patient, the central database may store a minimum of clinical data. This is commonly referred to as
a “minimum clinical data set” and may include such information as current medications, current
diagnoses and allergies. In addition to these few elements, there are also pointers to where additional
data is housed.
The Health Record Banking Model
The health record banking model endeavors to provide control to the consumer regarding who can
access their record housed in a central system repository. There is a belief among proponents that by
placing health records under the control of the consumer that many of the HIPAA/privacy issues
disappear since the consumer can authorize access to personal medical information freely even under
the most restrictive state law.26 Medical information would be transferred like a financial transaction
to a requester given access by the consumer.
Health record banking (HRB) is a conceptual model where a system is designed and setup to maintain
the lifetime healthcare record of the consumer who can direct, control and provide access to the
electronic record stored in central repository, like a financial deposit into a bank. There is increasing
interest in this type of model. Communities such as Louisville, KY, and the states of Washington,
Kansas and Tennessee are each exploring the model. Vendors, like Cerner and ICW, are developing a
systemic framework to support such a model.27
The HRB is a secure, centralized information repository to house patient data records. Like a bank,
consumers control their own data, can monitor it and grant access to it electronically. During a clinical
encounter the consumer authorizes access to their health record via the Internet or a compatible
electronic record from a connected system. Once authorized the information is transferred to the
provider. After the encounter, data may be transferred back to the system repository to close the loop
by adding to the electronic medical record. Transfer of information based on the financial services
analogy provided could be a fee-based service or philanthropy driven service such as with the
Louisville Health Information Exchange (LouHIE).16 With a fee-based service, a provider ensures
there is payment for the effort, a potential method for offsetting their cost to participate.
International Models
Canada Health Infoway is a nationwide initiative to interconnect systems across every province and
territory. Canada Health Infoway is an independent, federally-funded, not-for-profit organization that
26 Deloitte Center for Health Solutions. Health Information Exchange (HIE) Business Models: The Path to Sustainable
Financial Success; 2006;(5).
27 Thornewill J, Esterhay RJ. Capitalizing the NHIN: a strategy for funding an integrated nationwide network of community
HIEs. JHIM. 2007;21(3):18-24.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 20
is accelerating the development of electronic health records across Canada. As a strategic investor,
they work with Canadian provinces and territories with a goal to have an EHR for 50 percent of
Canadians by 2010. Infoway’s members are Canada’s 14 federal, provincial and territorial Deputy
Ministers of Health.28
Infoway was created in 2000 through consensus between Canada’s federal, provincial and territorial
governments. Canada has invested in provincial EHR systems infrastructure and in doing so has made
the Infoway initiative a catalyst for developing a consistent EHR vision and collaborative vehicle for
standards across Canada. The mission of the Canada Health Infoway is to foster and accelerate the
development and adoption of electronic health information systems with compatible standards and
communications technologies on a pan-Canadian basis.
In building this international model concept, Canada set standards of interoperability up front and set
the expectation that all electronic health systems installed must comply with the interoperability
standards. Canada promotes the idea that EHRs are a significant opportunity for ongoing international
collaboration. Canada has developed liaisons with most of the major standards development
organizations, to ensure that at some point in the future data sharing could ostensibly be accomplished
across borders.28, 29
In Finland, The Hospital District of Helsinki and Uusimaa (HUS) is composed of 24 hospitals in the
province of Uusimaa, which includes the capital of Helsinki. As a joint authority it was founded in
2000 to provide health services for over a million residents in its 31 member municipalities. Named
Navitas, this federated model HIE is at its core a record locator service. It is a service which maintains
a regional directory of links pointing to patient and treatment information located in any of the
connected healthcare information repository systems in the region. Each participating organization has
its own patient information system in addition to stand-alone patient information systems in HUS.
Provider access is by Web browsers and includes both inpatient and outpatient clinical and
demographic information. All data is sorted according to Social Security coding, which is standard
procedure in Finland. The data transfer is encrypted and data is transferred via private dedicated
networks. Viewing of the patient data through the links requires the patient’s informed consent.
The Navitas locator service is available today for all healthcare professionals in the Hospital District.
The directory contains information from 1.4 million citizens. Currently there are more than 40 million
links in the database. The number of links has been minimized to make it easier for the professional to
get a holistic view on the patient’s medical history.30
The 2009 HIMSS International HIE white paper provides additional information on health
information exchange activities occurring in other countries.
State-Led vs. Community-Based Models
28 Mendelson DS. IHE presentation: achieving interoperability and adoption of the electronic health record. January 2008.
29 Gardner N. Electronic health record (EHR) strategy: a Canadian view on the importance of interoperability. IHE North
American Conference. January 29, 2008.
30 Harno K. Shared healthcare in a regional eHealth network. In: Handbook of research on information technology
management and clinical data administration in healthcare. Ed. A. Dwivedi, IGI Global USA, UK. 2009;383-397.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 21
http://www.himss.org/content/files/Natl_Internatl_White_Paper051309
State-led HIE models promote information exchange for the common good and encourage, promote
and facilitate the creation of regional information data exchange. Thus, they are in a better position to
take on many of the tasks necessary for implementation.31
Most important is the setting of standards of interoperability until national standards are defined. States
share in the responsibility for ensuring the privacy and security of personal information. They may also
be better sources of funding to develop the infrastructure necessary to support a regional network.
Are community-based models better suited to the specific needs of the community? Potential HIEs at
the local level are not bound by standards unless mandated by state law. Requiring states to use
nationally recognized standards, such as those selected by the Health Information Technology
Standards Panel (HITSP), could facilitate rapid development of data sharing between entities.32
The role of the state in HIEs is not yet clearly established. Each state is making its own decisions
about the role it chooses to serve. Whether it is an “operator” of an HIE or a facilitator of many local
HIEs directly or through a state-designated entity has yet to be determined.
Industry Drivers
One such facilitator is a collaborative called Integrating the Healthcare Enterprise (IHE). IHE is an
initiative by healthcare professionals and industry to improve the way computer systems in healthcare
share information. IHE promotes the coordinated use of established standards such as DICOM and
HL7 to address specific clinical needs in support of optimal patient care. Systems developed in
accordance with IHE communicate with one another better, are easier to implement and enable care
providers to use information more effectively.33
Connecting for Health is a public-private collaborative with representatives from more than 100
organizations across the spectrum of healthcare stakeholders. Its purpose is to catalyze the widespread
changes necessary to realize the full benefits of health IT, while protecting patient privacy and the
security of personal health information. Connecting for Health is continuing to tackle the key
challenges to creating a networked health information environment that enables secure and private
information sharing when and where it’s needed to improve health and healthcare.34
The real industry driver is the need to transform healthcare to be affordable for everyone. We all must
work together to insure the transformation is attained in our lifetime.
The Business Models
The Deloitte Center for Health Solutions points to four basic business models in which HIEs operate,
regardless of the practical structural model:35
• Not-for-profit–Usually local, these HIE organization are driven by their nonprofit healthcare
charter within the community for which they operate and provide services. Tax exempt status
31 Deloitte Center for Health Solutions. Health Information Exchange (HIE) Business Models: The Path to Sustainable
Financial Success; 2006
32 Health Information Technology Standards Panel Web site. Available at: http://www.hitsp.org/.
33 Integrating the Healthcare Enterprise Web site. Available at: http://www.ihe.net/.
34 Connecting for Health Web site. Available at: http://www.connectingforhealth.org/aboutus/index.html.
35 Deloitte Center for Health Solutions. Health Information Exchange (HIE) Business Models: The Path to Sustainable
Financial Success; 2006: 5.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 22
http://www.hitsp.org/
http://www.connectingforhealth.org/aboutus/index.html
and potential tax credits or incentives may assist such organizations in mitigating their costs.
An emerging variation to the not for profit model is the ability to use philanthropy to drive the
sustainability of an HIE. This model is similar to how many hospitals operate today as well as
national public radio.
• Public utility–These HIEs are created and maintained with the assistance of federal/state funds
that provide direction by federal/state governments through laws and regulations. This type of
business model has tight fiscal controls and funding sources can be problematic given recent
economic conditions.
• Physician and payor collaborative—Usually local, this mutually benefiting collaborative
organization is created for or by payors and physicians for the strategic benefit within a region.
Medical groups are the better analogy for this type of HIE business model.
• For profit–The for-profit HIE is created with private funding and it has a clear return-on-
investment strategy; they hope to benefit from the medical and technology services they
provide. A healthcare organization acting as local application service provider hopes to benefit
financially from their usually advanced systems by providing hosting services to less
technically feasible groups for systems recordkeeping functions. Transaction-based fees or fee
for services is a common sustainable funding approach for a for-profit organization.
While not-for-profit business models seem to dominate the HIE industry, long-term financial
sustainability and governance continue to be major issues. As with every business, a well thought out
business plan must exist, which includes start-up operational fees as well as sustainable revenue to off-
set continuing operations.
Section 4 – Common Technology Approaches and Data Standards
This section discusses the key technological factors involved with participating in an HIE. The first
part deals with networking requirements and sources of software to facilitate HIE and interfaces used.
The second part describes what we call middleware. Generally, the term middleware is used for
software that functions between computer applications and the operating system. In the HIE model,
middleware is comprised of service modules that perform functions for the HIE applications. The third
part deals with standards that apply to HIE.
Technology Building Blocks
There are two likely models for the exchange of patient-related health information. As mentioned in
the previous section, these models include (1.) a record locator service in which the patient’s medical
information is housed on computers at the various sites of his or her care and this information is
queried and aggregated from these sites at the time of a request; and (2.) a central repository model in
which all known data on the patient is brought together in a single logical database called a repository
and that database is accessed when data is needed.
Network Infrastructure
In each of the two models noted above, transmission of patient information is the key element of the
process. Any sharing of patient information among providers requires that the providers be linked over
a network. While it would be feasible to transmit patient data over a slow network, such as dial-up, the
© 2009 Healthcare Information and Management Systems Society (HIMSS). 23
expectation of the industry is that high-speed, reliable, secure connections be available. Some
physician offices may use DSL (digital subscriber line) connections which have fast download speeds,
typically 1.5 mbps, and slower upload speeds, but most major organizations will have T-1 connections,
typically with 1.5 mbps download and upload speeds. Larger organizations may have even faster
connections. Reasonable response times require these high-speed connections. Slower
communication speeds would present a disincentive to use linked systems, thereby discouraging
providers from attempting to retrieve linked data over the network.
One of the realities of current connectivity is that high-speed networking is readily available in urban
areas, but may not be available in semi-rural and rural areas, which comprises much of the geography
of the United States. In an effort to modernize the networking environment, the Federal
Communications Commission (FCC) and the U.S. Department of Agriculture (USDA) oversee
programs that provide funding for broadband deployment in rural areas. The USDA provides low-
interest loans that may be used to build new and modernize existing telecommunications networks in
rural areas, and the FCC’s Schools and Libraries Universal Service Program and Rural Healthcare
Support Program provide financial support for broadband services to schools, libraries and rural
healthcare providers.36
HIE Applications
The HIE networking infrastructure discussed above facilitates the delivery of various HIE applications
and services which may be procured from a commercial software vendor, developed by a system
integrator or consulting organization, or provided by a potential HIE participant. There are several
emerging Open Source software solutions are emerging and may be considered to be provided as
services over the HIE networking infrastructure. A critical component of the HIE infrastructure that
facilitates the integration of data and services is the middleware, which is discussed in the next section.
Middleware
As noted in the introduction, we use the term “middleware” to mean service modules that facilitate the
integration of data and application software to exchange health data. This section addresses four types
of middleware: integration engine, master patient index (MPI or EMPI), record locator service (RLS)
and national provider identifier (NPI). Briefly defined, an integration engine translates data from one
format to another and adjusts for differences in coding structure in the different data sets. The
integration engine also provides for connectivity to multiple systems to move the data that is translated
from the sending system to the receiving system. The MPI supports patient matching software and
consolidates the results. The RLS identifies the location of existing sources of data and points the HIE
to it. The NPI is provider matching software. One can read a full technical view of the actual steps by
following one of the standard transactions on the HITSP Web site.32
Integration Engine
This element of middleware is used to effectively and efficiently connect multiple computer systems
and applications together. The integration engine is an invention that started in the late 1980s and is
generally accepted as one of the vehicles to achieve interoperability. Interface engines use standard
protocols and transactions sets to improve the way in which these computer systems communicate.
Additionally, the better interface engines have management tools which enable the ability to manage
the connectivity, start, re-start, send and re-send transactions.
36 Federal Communications Commission. Broadband opportunities for rural america [online]. Available at:
http://wireless.fcc.gov/outreach/index.htm?job=broadband_home. Accessed May 2, 2009.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 24
http://www.hitsp.org/
http://wireless.fcc.gov/outreach/index.htm?job=broadband_home
Patient Matching Algorithms and Enterprise Master Patient/Person Index (EMPI)
Need for matching algorithms. HIPAA regulation required the Secretary of the Department of
Health & Human Services to develop a proposed rule for a national set of patient identifiers but these
have been deferred because of public opposition to providing the ability for an entity to track all
healthcare-related information for an individual. The alternative is that many identifiers are used for
an individual and medical records; information must be matched based on information about the
individual—name, gender, date of birth, address, telephone, etc.
Conceptual process. Matching of patient records and data must be performed by considering the
known demographic (and, potentially, some medical data, e.g., blood type) data for the patient. Some
data are more important in matching than other data. For example, last name and date of birth would be
expected to be more important than phone number and address due to the frequency of the number of
times data may change for many people. Substantial effort has been made using common sense and
other methods to develop algorithms for patient matching. Some techniques use carefully-designed
rule sets (referred to often as deterministic matching) while other techniques use more complex
statistical methods (referred to often as probabilistic matching). The resulting aggregation of data by
these algorithms is typically called a master patient (or person) index (MPI) or an enterprise master
patient index (EMPI).
A mapping process divides all possible record pairs into three categories: (1.) matched; (2.) not
matched; and (3.) undetermined. The sensitivity of a matching rule is the probability that the rule
indicates a match when the data, in fact, match. The specificity of a rule is the probability that the rule
indicated a non-match when the data do not match. The goal is to have both measures as high as
possible. False matches and failures to match data both have undesirable consequences which can
impair patient care and undermine the credibility of the system and the using institution.37
Functional process. Matching of the patient data is substantially enhanced if the data are properly
prepared. Best practices include data cleaning (removing punctuation in names and removing non-
alphabetic data), data standardization (remove difference in upper and lower case, map nicknames to
standard names, use the U.S. Postal Service address service to put addresses in standard form), putting
names in phonetic form (Soundex) and other processes. The matching may be required to make some
exact matches among factors (e.g., last name, gender). Once the initial matches are made, a set of
factors may be applied to remaining candidate near-matches to determine the most likely matches.
Manual intervention may be required for those persons not matched by the process.
There are a number of solutions that provide MPI/EMPI capabilities. Those solutions can be
categorized into proprietary enterprise/niche and open-source products.
Proprietary Products
Enterprise systems. There are a number of patient matching algorithms used by various proprietary
systems. Some of the larger vendors and organizations have gone through a substantial development
process to produce effective EMPI modules. In the national category, several vendor EMPIs have
been ranked best by KLAS as presented in Web articles by those receiving the top ranking. (Actual
KLAS data was not available). Examples include the following for the years indicated:
37 Duval S, et al. An Open Source Record Locator Service Built with CDE Code. California HealthCare Foundation.
August 3, 2007. Available at: https://openhie.projects.openhealthtools.org/files/documents/42/73/chcf_os-
cde_20070620n .
© 2009 Healthcare Information and Management Systems Society (HIMSS). 25
https://openhie.projects.openhealthtools.org/files/documents/42/73/chcf_os-cde_20070620n
https://openhie.projects.openhealthtools.org/files/documents/42/73/chcf_os-cde_20070620n
Table 1. Sample KLAS Top Ranking EMPI Products
Vendor Product Year
Initiate Systems Initiate Patient (formerly Initiate
Identity Hub)
2008
QuadraMed Corp. QuadraMed MPI 2007
Madison Information Technology Enterprise Master Patient Index 2003
Madison Information Technology Enterprise Master Patient Index 2002
The cost of these MPIs can be expected to be greater than $100,000.
Niche systems. The California HealthCare Foundation published a report in August 2004 entitled
Patient Data Matching Software: A Buyer’s Guide for the Budget Conscious. This report focused on
MPI systems with the total cost of ownership of less than $50,000. Each of the four MPI systems was
evaluated with a data test, and three of the four were recommended. These are:
Table 2. 2004 CA HealthCare Foundation Niche MPI Product Evaluation
Vendor Product Score
Intercon Systems DataSet V Suite 4.1
LinkageWiz Software Linkage Wiz 3.6
DQ Global SureMatch 3.3
Neither of the above lists is meant to be a basis for selection but to be a starting point for investigating
MPIs.
Open Source Products
There are several known open source systems with examples below:
Table 3. Sample Open Source Products
Vendor Product
Browsersoft OpenHRE
Medsphere Master Patient Index
WebReach, Inc. Mirth
These open source systems are available at no cost other than possible support from the vendor or
other resource familiar with the code.
Record Locator Service
© 2009 Healthcare Information and Management Systems Society (HIMSS). 26
In an HIE, a record locator service is the part of the system that determines what records exist for a
member and where the source data is located. The original model for a record locator service was
documented by the Markle Foundation Connecting for Health Common Framework, using the design
for Massachusetts SHARE, though some systems were in operation prior to that date. The key concept
behind having a record locator service is that information sharing will develop as internetworked
regional and local health information networks. The decision was made because the expert panel
thought that providers consider themselves as owners of the records and would want records to remain
under local control, rather than being included in a larger central repository (e.g., super-regional or
national database). The Common Framework and the U.S. Nationwide Health Information Network
effort are both based on this federated approach. However, in recent past, the value of centralized
databases has emerged as organizations have sought to achieve greater value from the data that is
shared.
The record locator service includes these distinct functions:
• Manage participating provider identities.
• Maintain and publish a patient index.
• Match patients using an algorithm.
• Look up patient record locations (but not the records themselves).
• Communicate securely and maintain an audit log.
• Manage patient consent to record sharing (under state laws and ARRA).
Note that the exchange of the identified patient records is part of the clinical data exchange and not of
the record locator service.
The conceptual view of the record locater service (RLS) is shown below (from the Connecting for
Health Common Framework).
Figure 6. Conceptual View of the Record Locater Service
© 2009 Healthcare Information and Management Systems Society (HIMSS). 27
This model is used for record locator services that supports a federated HIE model.
Provider Matching
Several years ago, the situation with provider matching would have been similar to patient matching.
In the latter half of 2008, a National Provider Identifier (NPI) system was implemented under
Medicare (and within a few months for some state Medicaid programs). While there have been some
issues in the implementation, most of those have been navigated and there is a single NPI for most
providers in the United States.
From the point of view of systems, each organization should have developed its own cross-reference
mapping of prior provider identification numbers to the new NPIs and be able to navigate to records
using whatever designator is indicated for pre-NPI files.
Applicable Standards
Types of standards. There are three types of standards involved in health data exchange. The first
two are widely recognized and the third becomes apparent when one implements the first two. The
types are (1.) transactions standards–what data fields are transmitted and how they are organized for
transmission; (2.) semantic standards–the taxonomy of each code used in a data field, e.g., the ICD9
coding system; and (3.) process standards–in what order do the transmissions fit into the workflow of
the organization. Each of these is discussed below, following a clarification of what standards are.
About Standards
It is useful to understand how standards organizations work because the process explains why the
standards have become so generalized and complex in an attempt to satisfy all comers. There is one
overarching standards guidance organization, the American National Standards Institute (ANSI). All
standards development organizations (SDO) in the United States and many overseas are members of
and governed by the rules of ANSI. ANSI requires member SDOs to adhere to a consensus process,
involving all interested parties. The normal lay definition of a standard is “something established
by authority, custom, or general consent as a model or example.”38 In fact, the “standards” developed
by SDOs under ANSI are not standards in the normal lay sense of the term, but rather are aggregations
of all commonly used data elements agreed to by the volunteers that staff SDOs.
An SDO that has had a fair amount of success in the health industry is Health-Level Seven (HL7).
HL7 emerged in the late 1980s and is still involved in establishing the various standards that are being
used today or considered for use in the future.
Core Standards
These are basic standards that are used in exchanges of all information on the Internet.39
Table 4. Core Standards
Standard Meaning Comment
38 http://www.merriam-webster.com/dictionary/standard
39 Vermont Health Information Technology Plan: Strategies for Developing a Health Information Exchange Network. July
1, 2007:(45-48).
© 2009 Healthcare Information and Management Systems Society (HIMSS). 28
Standard Meaning Comment
TCP/IP Transmission Control
Protocol/Internet Protocol
General standard for the Internet
and most internal networks.
HTTP Hypertext Transfer Protocol Basic language of Web pages.
May also include Java, Javascript,
Active Server Pages and other
languages.
LDAP Lightweight Directory Access
Protocol
Application protocol for querying
and modifying directory services
running over TCP/IP. May be
used to access the person
directory of a record locater
system.40
SSL or TLS Secure Sockets Layer (or, more
recently Transport Layer
Securit
y)
Cryptographic protocols that
provide security and data
integrity for communications
over TCP/IP networks such as the
Internet.41
3DES Triple Data Encryption Standard This is three-time successive
application of DES designed to
overcome the limitation of a 56-
bit key without changing the
encryption algorithm.42
URL Uniform Resource Locator Specifies where an identified
resource is available and the
mechanism for retrieving it.
Translates to a Web address of
the form nnn.nnn.nnn.nnn.
Standards for Transactions
There are many standards development organizations and standards applicable to health systems and
health data transactions. A few examples of the more important ones related to HIEs are listed in the
two tables below. Note that many of these are “standards families,” not particular standards.
Table 5. Transactional Standards
Standard Meaning Comment
Message Formats
HL7 Health-Level Seven A family of standards used in
many aspects of health data
exchange.
X12 (or ANSI ASC X12) Official designation of the U.S.
national standards body for the
development and maintenance of
Electronic Data Interchange
(EDI) standards43
Includes many XML standards
for healthcare and insurance.
NCPDP National Council for Prescription
Drug Programs
A family of pharmacy data
standards.
40 http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol
41 http://en.wikipedia.org/wiki/Transport_Layer_Security
42 http://en.wikipedia.org/wiki/Triple_DES
43 http://en.wikipedia.org/wiki/X12
© 2009 Healthcare Information and Management Systems Society (HIMSS). 29
http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol
http://en.wikipedia.org/wiki/Transport_Layer_Security
http://en.wikipedia.org/wiki/Triple_DES
http://en.wikipedia.org/wiki/X12
Standard Meaning Comment
DICOM Digital Imaging and
Communication in Medicine
Standard for handling, storing,
printing, and transmitting
information in medical imaging.
Both a transaction and a semantic
standard.
IHE Integration Profiles Integrating the Healthcare
Enterprise Integration Profiles
IHE developed a family of
interoperability profiles by
utilizing HL7 standards for
specific purposes.
HITSP Interoperability
Specifications
Health Information Technology
Standard Panel
HITSP has developed a whole
system of specifications including
creating processes to harmonize
standards, certify EHR
applications, develop nationwide
health information network
prototypes and recommend
necessary changes to standardize
diverse security and privacy
policies.
CDA Clinical Document Architecture XML-based “standard” intended
to specify the encoding, structure
and semantics of clinical
documents for exchange.
CCR Continuity of Care Record Patient health summary standard
developed by ASTM, several
medical societies and a number of
vendors.
CCD Continuity of Care Document XML-based markup “standard”
intended to specify the encoding,
structure and semantics of a
patient summary clinical
document for exchange. The
CCD specification is a constraint
on the HL7 CDA (further limits
it). HITSP has selected the CCD
(not the CCR).
Message Transport
SOAP Simple Object Access Protocol Protocol specification for
exchanging structured
information in the
implementation of Web Services
in computer networks. Used with
XML.
XML Extensible Markup Language Data exchange language using
tags to designate variables.
Simple and powerful.
Semantic Standards
Semantic or data standards define the range of values that descriptive variables may have, including
the meaning of each value. When bringing data together from disparate systems, the standards used
will vary, therefore normalizing the data is very important to the provider when treating the patient.
The standards listed below are particularly important to HIEs if the HIE is to provide the utmost value
to the provider.
Table 6. Semantic Standards
© 2009 Healthcare Information and Management Systems Society (HIMSS). 30
http://en.wikipedia.org/wiki/Web_Service
http://en.wikipedia.org/wiki/Web_Service
Standard Meaning Comment
ICD International Classification of
Diseases
Published by the World Health
Organization
CPT Current Procedural Terminology Describes medical, surgical and
diagnostic services. Maintained
by the American Medical
Association.
HCPCS Healthcare Common Procedure
Coding System
Based on CPT and designed to
provide a standardized coding
system for describing the specific
items and services provided in the
delivery of healthcare. Used for
reporting to Medicare, Medicaid
and other payors.
LOINC Logical Observation Identifiers
Names and Codes
Database and universal standard
for identifying medical laboratory
observations developed by
Regenstrief Institute.
SNOMED Systematized Nomenclature of
Medicine
A multiaxial, hierarchical
classification system where 11
axes represent classification
features.
RxNorm Standardized nomenclature for
clinical drugs
Produced by the U.S. National
Library of Medicine.
NDC National Drug Code Universal product identifier for
human drugs.
Process Standards
Processes that are communicated in standard transactions and data standards often follow different
workflows in different settings. If the workflow is different, the sequence of construction of a standard
transaction with standard data may logically follow in one setting but not the next because some
essential information is not available as the transaction is constructed. There is little systematic
reporting of process standard needs, but those who implement standards deal with these issues and
realize the need is real.
The closest the industry has to process standards are the use cases that have been developed. The
HITSP HIE use cases are examples of recent HIE use case information.
Section 5 – Evaluating a Potential HIE Opportunity
Based on the last data set provided on the HIMSS Analytics Web-based State Dashboard, there are at
least 475 HIE-type projects and RHIOs located around the nation, and many other initiatives around
the world.44 This resource is no longer available. Most of these HIEs are driving the application of
technology to help providers:
• Improve patient safety by reducing medication and medical errors;
• increase efficiency by eliminating unnecessary paperwork and handling;
• provide caregivers with clinical decision support tools for more effective care and treatment;
• eliminate redundant or unnecessary testing;
• improve public health reporting and monitoring;
• engage healthcare consumers regarding their own personal health information;
44 http://www.himss.org/StateDashboard/
© 2009 Healthcare Information and Management Systems Society (HIMSS). 31
http://www.himss.org/StateDashboard/
• improve healthcare quality and outcomes; and
• reduce health related costs.
As these HIE efforts mature and grow, more and more providers are faced with the question of whether
they should join a HIE effort or an existing RHIO. The recent federal stimulus package, which sets
HIE as a priority, will only spur this growth as providers make use of the funding to adopt electronic
health records and share data with other providers.
This section, along with the HIE Evaluation Checklist in Appendix A, will help organizations define
and understand their value proposition, or perceived benefit, from participating in a HIE and guide
them through the decision-making process. It will guide readers as they identify the synergy between
their organization and other participants by outlining questions that should be asked before deciding to
participate and allocate resources. The objective of any evaluation is to ensure a shared vision and
better prepare both organizations for transition process.
Understanding the Goals and Philosophy of the HIE
The initial questions asked should be aimed at determining whether there is a cultural fit between the
ultimate goals and vision of both organizations. In the early stage of evaluating the HIE opportunity, it
is important to identify common or shared elements between your organization’s and the HIE’s
mission, goals, priorities and resources.
• Ask to review organizational documents (i.e., the charter, business plan, organization chart)
that describe the mission, vision and/or philosophy of the HIE, as well as, any goals and
objectives that may have already been established. Also review other documents, such as
technology specifications, presentations, proposals and papers that describe how the HIE
expects to reach its goals and objectives. The latter are sometimes developed after the
organizational documents and often reflect more refined strategies or changes in approach or
tactics.
• Determine whether the needs of patients, physicians and others providers have been addressed
and the priorities balanced against the identified needs. Determine whether this HIE initiative
will serve the entire population, or only specific groups, before expanding across the
community.
• If the HIE has already adopted a model or approach (as described in Section 3) to address
interoperability, does it fit with the expectations of your organizational objectives? If one
hasn’t been selected, how will your organization participate in this decision-making process?
How will you uncover the value proposition that the HIE’s model will offer to your
organization, other stakeholders and the community as a whole?
The HIE vision is to readily share clinical information electronically between providers, capture and
analyze clinical information for improved decision support and public health reporting, and support
health and wellness information for use by consumers. However, at this early stage the scope and
complexity of each HIE will vary and new participants will need to understand whether the HIE will
work towards incremental improvements by focusing on one or two initiatives at a time or using a “big
bang” approach to push for a radical or massive transformation. If it is the latter, is your organization
ready to make a big jump, too?
• Talk to the HIE’s current members and representatives from organizations planning to join.
These will be your business partners going forward, so it is important to know diverse
© 2009 Healthcare Information and Management Systems Society (HIMSS). 32
perspectives are represented and stakeholder representatives are prepared for cooperation and
collaboration. Also identify those key stakeholder organizations that haven’t yet joined or
have refused. It is important to explore the reasons why and identify potential barriers or
issues that may arise for your organization.
Widespread HIE will require a public-private collaborative approach. It is important to evaluate the
potential competitive barriers that may exist for your organization with these business partners. If
barriers do exist, work with these business partners and your organization to overcome these for the
important work that lies ahead.
More and more we can expect to see multiple HIE initiatives operating in a community as the national
health information infrastructure is built out.45 If there are multiple efforts, determine whether they
will compete with or compliment the work of the other(s).
• Based upon your review of information provided by the HIE and conversations with
stakeholders and others, is there alignment between the goals and philosophy of the HIE and
those of your organization? If so, you now need to turn your attention to whether your
organization has the resources and is prepared to participate in an HIE.
Understanding to What Your Organization will need to Commit by Participating in an HIE
Participation in an HIE is a serious undertaking. It is important to determine whether your governing
body is ready for a significant commitment of resources. This may include participation or
subscription membership fees, upgrade(s) to IT systems and infrastructure and access to capital. It may
involve time commitment of several key positions/departments such as the CFO, CEO, CIO, CMO,
compliance officer, information technology, finance staff, compliance staff , health information
management staff, medical staff, as well as other clinical departments. It may also result in some lost
revenue and productivity due to changes in workflow processes and during training and
implementation periods.
Participation in an HIE requires written formal agreements between partner organizations (business
associates), data users and data providers. These agreements describe the sharing of clinically relevant
information with the HIE, requirements, terms and the responsibilities of each party.
• Your organization will need to be prepared to enter into an agreement that fits with your
function in the HIE.
• If the HIE doesn’t already have business associate, data provider and/or data user agreements,
they should have one developed before the first patient data is ever exchanged.
Understanding the Prevalence of Nationally-Accepted Standards
An effective HIE will be based upon use of established standards and certification which helps
facilitate this migration process and establish trust in all stakeholders. HITSP has selected
interoperability standards to support a specific set of use cases, and is working to generalize those
selections for additional use. The Certification Commission for Healthcare Information Technology
(CCHIT) has defined a process confirming that a system or component complies with its specified
45 The National Committee on Vital and Health Statistics. Information for health: a strategy for building a national health
information infrastructure. November 15, 2001. Available at:
http://aspe.hhs.gov/sp/NHII/Documents/NHIIReport2001/default.htm.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 33
http://aspe.hhs.gov/sp/NHII/Documents/NHIIReport2001/default.htm
requirements and is acceptable for operational use.46 CCHIT certification has been divided into two
separate processes, the development of certification requirements and the practical certification by an
authorized organization using previously developed certification requirements.
The HIE and its participant organizations will need to establish and fulfill regulatory, functional,
technical and other mandatory requirements. The EHR systems connected to the HIE will need to
possess the same level of functionality, security and privacy protection.
The reliability and validity of the data is important to ensuring improved patient care and minimizing
the risk of errors. Review the HIE’s policy on matching demographic data and determine the number
of data points used to produce positive matches.
Understanding the Value for Users of the HIE Information and Data
As research indicates, most HIE participants are looking for secure IT systems that offer complete
documentation and charting capabilities, computerized practitioner order entry, digital images,
medication administration and ePrescribing, decision support and a single sign-on. Assess the HIE’s
ability to incorporate consumer, provider and other stakeholder interests into the development of their
business plan. Without having direct knowledge of specific interests, the HIE may be evolving into a
community solution that will not be widely used.
The existence of the technology and data exchange capabilities will not automatically generate actual
value and user satisfaction. For example, a Finland study at three hospital districts looked at usability
and benefits.47 The federated information system consists of a record locator service as a central
reference database containing links to patient data stored in their legacy systems. Provider access was
through Web browsers and patient information included visits, critical data laboratory results, images
and reports and referral and discharge reports.
Results from this study demonstrate the importance of user testing and training. More active users
reported definite advantages and tended to be more satisfied than less active users, however, 41 percent
of the physicians had difficulty logging in and 62 percent had difficulty using links of the locator
service or finding patient information from the legacy systems.
• Ask the HIE leaders and physicians about the usability of the system and usefulness of the
information and/or data provided, if it is already being tested or has been fully implemented. It
should be fairly easy to log on, navigate through the system and find data and information.
Users should also test the quality of the data to ensure it is accurate, timely, and complete.
Your organization should also confirm that the same data/information is not already and more
easily available elsewhere for less cost.
• Identify the interface capabilities and whether there are limitations with legacy systems, which
are older systems that may have difficulty communicating with newer ones. Determined if
your organization or other participating organizations have legacy systems required to interface
with the HIE and whether there are plans for upgrades to enable the sharing of clinical
information.
• Identify the data sources that are not currently available to the HIE, such as independent
laboratory or pharmacy, and plans for adding this information in the future.
46 http://www.cchit.org/about
47 Harno K. Healthcare information exchange in regional eHealth networks: implications for initiatives in advancing shared
care. Presented at eTelemed 2009; Cancun 1,-7.2.; In press.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 34
http://www.cchit.org/about
Understanding the Economics and Financial Sustainability of the HIE
Identify the specific benefits of the HIE and to whom they accrue. Misalignment of incentives,
especially with payment and competition, will threaten the long term stability of the effort. For
example, one of the most widely accepted key benefits of an HIE is the reduction in duplicate or
redundant ancillary testing, but this usually results in a reduction in revenue for the hospital and some
clinics. While the reduction may be beneficial for some facilities who are working to reduce test
volume due to staff and facility limitations, others will see the real benefit (cost savings) accrue only to
the payors, unless steps have been taken to ensure savings are shared by all participants and/or
investments are proportional.
Australia recognized that the largest component of the costs associated with implementation is most
often absorbed by providers with a fairly even split between the replacement costs of their existing
electronic medical records and the costs of building interfaces.48
• Determine whether your organization’s participation in the HIE requires a return on investment
(financial or otherwise) or if participation is viewed as a cost of doing business or in support of
the public good. Understand the accrual of benefits, to whom they accrue and in what
proportion. If some stakeholders accrue a significant proportion of the benefits, ask if they
share proportionately in responsibility for the costs.
• Identify past and future funding streams, such as grants, transaction fees, service fees,
subscription fees, licensing/maintenance fees, member dues, etc. What is the estimated cost to
your organization and is there an expected financial benefit to your organization? Is your
organization prepared to make the necessary commitment of internal resources, such as
upgrading IT systems and infrastructure?
• Determine the needs that are being addressed or services provided to the community, both
currently and planned for the next six to 12 months. Does the HIE bring information to the
point of care? If it doesn’t, determine whether there is an anticipated or planned timeline to do
so or how the technology adds value to the HIE and for which stakeholders.
Some benefits are difficult to quantify and value, but they are equally, if not more important, to the
economic and sustainability of the HIE:
• Improved quality outcomes.
• Increased patient safety and satisfaction.
• Improved staffing efficiency and productivity.
• Reduced liability.
• Disaster recovery capabilities.
• Enhanced reputation in the community and increased goodwill.
The important question here is does your organization buy into the stated benefits and expect to realize
value by participating in this HIE? If so, is your organization willing to pay their fair share to support
this effort.
48 Sprivulis P., et al. The economic benefits of health information exchange interoperability for Australia. Australian Health
Review. November 2007;31(4):531.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 35
Understanding Risks
The Australian study also recognized that the greatest risk was not achieving value from
interoperability, but whether or not rigorous standards are developed and implemented.
• Review participation, data user/sharing and/or business associate agreements to determine the
assignment of liability and the potential impact upon your organization. Consideration should
be made to who the other HIE participants will be and whether there is a downside to joining or
not.
• Determine if your organization is joining as a participant or will have a seat on the governing
body. If the latter, your organization will need to be especially cognizant of the fiduciary
responsibilities.
• Determine whether the HIE has defined how success and/or failure will be defined and
measured. Understand existing or potential threats to success and look for any signs of
weakness, such as, lack or waning of interest by other participants, misalignment of incentives,
decreasing focus on identifying and addressing participant or stakeholder needs, etc.
The cost of participation in an HIE will most likely cause some amount of competition for internal
resources (capacity, skills, funding, etc) and may impact other initiatives.
• Determine whether your participation in the HIE will result in delays, re-work or
discontinuation of other projects and identify those that might be adversely impacted or
threatened.
Understanding Applicable Regulations
The exchange of private health information—whether on paper or electronically—is a delicate matter
and closely regulated. The speed of the Internet increases concerns about the potential of unintended
disclosures and misuse. As a result, a careful analysis of the HIE’s efforts to comply with regulations,
including HIPAA, ARRA and state laws is needed prior to your organization becoming a member of
the HIE. While the current HIPAA regulations do not adequately govern HIEs, new regulations and
revisions are expected to be released.
• Involve your compliance and privacy officer and/or legal counsel early in the evaluation phase.
Identify the safeguards that are in place to ensure privacy and security and understand the
process used for reconciling and reporting breaches.
This white paper does not include a detail discussion around the privacy rules and regulations.
Understanding Leadership and Governance
As a collective group, the governing body is responsible for accountability, authority and oversight of
the entity.49 Many HIEs start with a project steering committee and later identify the need to establish
a formal organizational and governance structure, a RHIO, as the number of partners increase, clinical
and technology plans are brought into focus and implementation nears. The strength of the HIE’s
leadership and organizational structure is an important indicator of success. As a result, leaders should
49 Thielst, et al. Guide to Establishing a Regional Health Information Organization. (HIMSS) 2007; p.5.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 36
have a shared vision and represent various disciplines, cultures and perspectives to avoid narrow
views. The leadership, and/or governing body members, should have balanced representation and
strengths (clinical, technical, administrative, financial, management, legal). They should be effective
leaders and champions who can build trust, facilitate the creation of shared vision and goals, engage
stakeholders, communicate and most importantly be accountable to the community as a whole and not
to their individual interests.
As the HIE progresses, it should begin to function more like a business and less like a collaborative
project.
• Review the flow of control and decision making and ask for a written board profile, job
descriptions, and organizational chart to determine whether the structure seems appropriate.
• If your organization has a seat on the governing body, be prepared to actively participate and
accept fiduciary responsibility for establishing policy and oversight.
• If your organization joins as a member or participant of the HIE, understand the process(es) for
communicating the needs of your organization and influencing policy and oversight.
Understanding the HIE’s Maturity
The maturity of the HIE may play a significant role in the decision making of how your organization
may wish to participate. Your organization may want to be in the front end formation and invest fairly
substantially in terms of resources to form, guide and build the HIE, or your organization may want to
wait until the HIE is already formed and operational before they decide to invest in it. Regardless of
the organizational goals, one must understand the typical stages that most HIEs are going through from
concept stage to a fully functional, self-sustaining operation.
The stages can be divided into finer classifications but typically they include:
• Concept. In this stage there is a recognition that an HIE can help improve the quality of care
and reduce healthcare costs for its community (local, state, region, etc). Generally, a group of
stakeholders identify this need and embark on research to determine the validity of its
hypothesis. Once the hypothesis is viewed as credible, they are ready to move into the next
stage.
• Formation. At this stage the stakeholders who developed the concept move toward getting
organized. They expand the membership, develop a structured committee complete with a
defined charter, they ask for membership participation, and then they move to create a business
plan which should include: what the HIE business will be, what services to be offered, the
funding mechanism, the technologies required to support the business, the marketing program
and the governance and organization structure. Once a solid business plan exists, the HIE is
ready to move into the next stage.
• Fundraising. By this stage an agreed upon business plan exists and funds are raised to run the
operation of the HIE. There are many models across the country being used to raise capital to
start these operations including: grants, membership fees and donations. Once the initial
capital has been raised, the HIE is ready to move into the next phase.
• Start-up. In this stage the initial team to run the operation is put into place and the technology
secured, marketing is started and the operations can begin. The more successful business
models include running the operations as if it were a true business operation and not an
© 2009 Healthcare Information and Management Systems Society (HIMSS). 37
outgrowth of a development project. Once the start-up operations has benefits accruing,
revenue flowing, and new members are involved beyond the initial stakeholder set of
members, the HIE is ready to move into the next stage.
• Growth. At this point the marketing efforts of the HIE are fixed on growing the business. The
goals of the HIE to improve quality of care and reduce healthcare costs are achieved when the
majority of the stakeholders in the community are part of the HIE. At this point, depending on
the business plan revenue stream (i.e., subscription, transaction, grants, donations), the HIE
should be able to run the operations successfully.
• Sustainability. The operation is able to sustain the growth, expand its technical capabilities and
services and add value into the community. Once this stage is reached, the community should
be able to see the tangible results of the HIE operations. The goal of any HIE should be to
reach this stage.
As the HIE gathers the information focused on these areas, an understanding can be developed as to
where the HIE fits along the continuum and what work is left before the initiative is fully implemented.
Ultimately, the HIE initiative should mature into a formal business venture with strong oversight. If
the initiative is not progressing through the typical stages of maturity, it may be a sign that the viability
of the business plan is in jeopardy.
At this point, it can clearly be seen how close the HIE is to reaching the ultimate goal of connecting
with the National Health Information Infrastructure (NHII) later called Nationwide Health Information
Network (NHIN), which is:50
• An initiative set forth to improve the effectiveness, efficiency and overall quality of health and
healthcare in the United States.
• A comprehensive knowledge-based network of interoperable systems of clinical, public health,
and personal health information that would improve decision-making by making health
information available when and where it is needed.
• The set of technologies, standards, applications, systems, values and laws that support all facets
of individual health, healthcare and public health.
• Voluntary.
The NHIN is not a centralized database of medical records or a government regulation, but rather a
way of connecting an HIE in a community. It is needed to:
• Improve patient safety (alert for medication errors, drug allergies, etc).
• Improve healthcare quality (includes the availability of complete medical records, test results
and x-rays at the point of care, integrating health information from multiple sources and
providers, incorporating the use of decision-support tools with guidelines and research results,
etc.).
• For bioterrorism detection (NHIN will enable real-time aggregation of health data to detect
patterns).
• Better inform and empower healthcare consumers regarding their own personal health
information.
• Better understand healthcare costs.
50 U.S. Department of Health & Human Services. FAQs about NHII. Available at: http://aspe.hhs.gov/sp/NHII/FAQ.html.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 38
http://aspe.hhs.gov/sp/NHII/FAQ.html
© 2009 Healthcare Information and Management Systems Society (HIMSS). 39
Local, regional and state-wide HIE efforts wishing to connect to the NHIN must adopt technologies
that meet established standards and coordinate efforts to exchange information within and outside of
their network. The ultimate goal is to move away from silos of information (whether in paper or
electronic) and toward portable health information that is available at the point and time of care each
and every time.
Section 6 – Conclusion – Making Your Decision
It’s not a matter of whether to join an HIE, it’s a matter of when to join. This paper was designed to
facilitate an organization understanding of HIEs and assist in evaluating their assessment with
engaging in an HIE. It described the different models being implemented across the nation and the
various standards that must be considered. Having the background information supports using Section
5 which is a guide or list of questions to consider when assessing to join an HIE. Participating in an
HIE is a business venture that must be given careful thought. After all, it takes an entire community
(all stakeholders) to make a difference in trying to help transform healthcare and achieve the many
benefits.
Appendix A – HIE Evaluation Checklist
Here is a link to a Microsoft Excel version of this document.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 40
http://www.himss.org/content/files/HIEEvaluationChecklist.xls
© 2009 Healthcare Information and Management Systems Society (HIMSS). 41
© 2009 Healthcare Information and Management Systems Society (HIMSS). 42
© 2009 Healthcare Information and Management Systems Society (HIMSS). 43
© 2009 Healthcare Information and Management Systems Society (HIMSS). 44
© 2009 Healthcare Information and Management Systems Society (HIMSS). 45
Appendix B – Understanding Applicable Regulations
HIPAA
The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the Congress in
1996. Title II of HIPAA, known as the Administrative Simplification provisions, addresses, among
other things, the privacy and security of individuals’ health information by establishing a federal
standard for the use and disclosure of health information. This federal standard generally preempts
state privacy laws except for those that establish stronger protections.
The use and disclosure provisions of HIPAA apply to “covered entities” which include health plans
(and employer-sponsored plans), healthcare clearinghouses such as billing services, and healthcare
providers that transmit healthcare data in a way that is regulated by HIPAA.51 Pursuant to the
requirements of Title II, HHS promulgated five rules regarding Administrative Simplification. Two
are of interest here: the Privacy Rule and the Security Rule.
Privacy Rule
The HIPAA Privacy Rule regulates the use and disclosure of certain information held by covered
entities. It establishes regulations for the use and disclosure of protected health information (PHI).
PHI is any information held by a covered entity which concerns health status, provision of healthcare,
or payment for healthcare that can be linked to an individual.52 This is interpreted to include an
individual’s medical record and payment history.
A covered entity may disclose PHI to facilitate treatment, payment or healthcare operations53 or if the
covered entity has obtained authorization from the individual.54 When a covered entity discloses PHI,
it must make a reasonable effort to disclose only the minimum necessary information required to
achieve its purpose.55
Other provisions of the Privacy Rule require that covered entities provide copies of PHI to the
individual within 30 days of requesting it56, give individuals the right to request corrections of
inaccurate PHI57, and require covered entities to keep track of disclosures of PHI.58 Other provisions
require that a covered entity designate a privacy officer59, establish privacy and disclosure policies to
comply with HIPAA60, train employees with respect to privacy policies61, establish sanctions for
employees who violate privacy policies, accept requests not to disclose PHI for certain purposes, issue
a privacy notice to patients concerning the use and disclosure of their protected health information, and
establish administrative systems to respond to complaints.
51 45 C.F.R. 160.103.
52 45 C.F.R. 164.501.
5345 C.F.R. 164.524(a)(1)(ii)
54 45 C.F.R. 164.502(a)(1)(iv)
55 45 C.F.R. 164.502(b)
56 45 C.F.R. 164.524(b)
57 45 C.F.R. 164.526
58 45 C.F.R. 164.528
59 45 C.F.R. 164.530(a)
60 45 C.F.R. 164.528
61 45 C.F.R. 164.530(b)
© 2009 Healthcare Information and Management Systems Society (HIMSS). 46
Security Rule
The HIPAA Security Rule specifically focuses on the safeguarding of electronic protected health
information (ePHI).62 Three types of security safeguards are required for compliance: administrative,
physical and technical.63 For each of these types, the Rule identifies various security standards, and
for each standard, it names both required (must have) and addressable (at discretion of covered entit
implementation specifications.
y)
Administrative safeguards include written procedures and a security officer, clearly identified
employees or classes of employees who have access to ePHI, employee training program regarding
handling of PHI, vendor PHI policies for vendors providing outsourced services, disaster recovery
procedures, provision for periodic internal security audits, and procedures for addressing and
responding to security breeches.64
Physical safeguards deal with controlling physical access to protect against inappropriate access to
PHI. Physical safeguards include control of introduction and removal of hardware and software from
the network to assure that PHI is not compromised; control of access to equipment containing PHI;
controlling access to hardware and software used with PHI; facility security (including security plans,
maintenance records, visitor sign-in and escorts, workstations not in high-traffic areas and monitor
screens not viewable and similar provisions) and training required of subcontractors.65
Technical safeguards deal with controlling access to computer networks and to ensuring that only the
intended recipient receives a communication. Information sent over an open network must be
encrypted. Each covered entity is responsible for assuring that PHC under its control is not
inappropriately altered or deleted. Covered entities must authenticate other covered entities it
communicates with using one of various methodologies. Risk analysis and risk management programs
must be documented.66
American Recovery and Reinvestment Act67
The American Recovery and Reinvestment Act of 2009 (ARRA) adds a number of provisions to
HIPAA. These HIPAA provisions are contained in the portion of ARRA called the Health Information
Technology for Economic and Clinical Health (HITECH) Act. These modifications and additions
pertain to the status of business associates, marketing and sales of PHI, electronic health records,
disclosures of the limited or minimum necessary data set, privacy and security breaches, education
programs, changes in enforcement and penalties for violations of privacy.
Business Associates
Under ARRA, HIPAA standards apply directly to business associates.68 New entities that were not
contemplated when HIPAA was passed such as personal health record vendors, regional health
information organizations and health information exchanges are required to have business associate
agreements and, thus, are subject to the privacy and security rules of covered entities.69
62 45 C.F.R. 164.105.
63 45 C.F.R. 164.306(c).
64 45 C.F.R. 164.308.
65 45 C.F.R. 164.310.
66 45 C.F.R 164.312.
67 Privacy and Security Implications Webinar, Feb 23, 2009; http://www.himss.org/EconomicStimulus/webinars.htm
68 American Recovery and Reinvestment Act of 2009 (ARRA), §13404.
69 ARRA, §13408.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 47
http://www.himss.org/EconomicStimulus/webinars.htm
Marketing/Sale of PHI
ARRA provides new restrictions which prohibit the sale of PHI for various health-related purposes.
Marketing communications are not considered healthcare operations. ARRA prohibits a covered entity
or business associate from receiving payment for PHI without authorization from the individual.70
Electronic Health Records
If an individual’s PHI is maintained in an electronic health record, ARRA provides an individual the
right to receive an electronic copy of his/her PHI or have it transmitted to a third party.71 Such an
individual may request an accounting of disclosures of his/her PHI made in the three years prior to the
request. The Secretary may take into account the usefulness of the information and the cost burden for
such disclosure accounting.72
Disclosures
A covered entity should limit disclosures to the limited data set or to the minimum necessary data (to
be described by the Secretary of HHS within 18 months) to fulfill the needs of the disclosure.73
Breach Notification
ARRA establishes a federal security breach notification requirement in the event of a breach of PHI.
This requires that each individual be notified if his/her unsecured PHI is accessed, acquired or
disclosed as a result of the breach. The covered entity is required to notify the Secretary of HHS and
prominent media outlets if data from more than 500 individuals is involved. The Secretary shall make
public such breaches on a Web site.74
Education Programs
The Office of Civil Rights will develop and maintain a national education initiative regarding the uses
of PHI, including programs to educate individuals about the potential uses of their PHI, the effects of
such uses, and the rights of individuals with respect to such uses. Such programs shall be conducted
frequently and in a variety of languages.75
Enforcement/Penalties
ARRA allows for criminal penalties to apply to individuals who disclose PHI without authorization.76
The act provides a system of higher civil monetary penalties and provides a system for distribution of
the penalties collected. ARRA institutes periodic audits of covered entities and business associates and
allows state attorneys general to bring civil actions on behalf of residents of the state.77
State Laws
HIPAA rules take precedence over state laws unless state laws are more restrictive than HIPAA.
Many state laws that impose additional (or different) privacy requirements address health diagnoses
involving a high degree of personal sensitivity or social stigmatization (e.g., HIV, AIDS, substance
abuse, behavioral/mental health and genetic testing). Such state laws often require covered entities to
obtain some form of legal permission before they are authorized to disclose the health information for
70 ARRA, §13405-13406.
71 ARRA, §13405(e).
72 ARRA, §13405(c).
73 ARRA, §13405(b).
74 ARRA, §13402.
75 ARRA, §13403.
76 ARRA, §13409.
77 ARRA, §13410.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 48
purposes other than those expressly identified in the state law. This can have two impacts. If the
information is collected electronically, the covered entity may need to obtain permission before
transferring it. But, the information may not be collected and stored with other information so users of
the patient data may simply have an incomplete picture of the patient’s health. Certain drugs that
would indicate the sensitive conditions may not be in the electronic files so another treating physician
may not know all the patient’s medications.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 49
Appendix C – SandlotConnect® Case Study
Prepared by: Melissa Brooks, 817-810-5210
Organizational Contacts: Telly Shackelford, 817-810-5219
Background
Regional Business Environment & Demographics
Sandlot, LLC, was developed by North Texas Specialty Physicians, a 600-doctor IPA in Fort Worth, to
build SandlotConnect®. SandlotConnect® currently serves the residents and physicians of Tarrant
County. There are approximately 1.7 million citizens living in Tarrant County, with over 1.1 million
unique patients participating in SandlotConnect®. Sandlot looks to expand its products and services
into additional geographic locations to better serve physicians and patients outside Tarrant County.
Sandlot growth and development will also likely include additional interoperable EMRs and a patient
health record with patient access.
Tarrant County is one of the fastest growing urban counties in the United States. Tarrant County is
home to Texas Health Resources, one of the largest non-profit healthcare delivery systems in the
United States. Texas Health Resources currently operates seven hospitals that are connected to and
feed clinical information into SandlotConnect®. Also connected to SandlotConnect® are 350 Tarrant
County physicians who are utilizing or are in the process of implementing electronic medical record
systems. Clinical data from these physicians feed into SandlotConnect®, providing the remaining
physicians who are not on an EMR with access to this data. There are also two national laboratories
and one radiology group connected to SandlotConnect®.
Factors Aligning and Driving Local Stakeholders
North Texas Specialty Physicians (NTSP) understood that quality patient care relies on advanced
technology that provides clinical information at the point of care. There was not currently a system
available to physicians in North Texas that connected doctors on disparate EMR products, as well as
physicians without an EMR product. Creating a system that would allow EMRs and physicians to
communicate is a revolutionary way of improving the clinical services that a patient receives. NTSP
physicians wanted to be able to communicate quickly and seamlessly, and transfer patient clinical
information in a HIPAA compliant manner, no matter what particular EMR system they are on, if any.
NTSP founded Sandlot LLC, in 2006 as a wholly owned subsidiary to build and operate an
interoperable health information exchange, called SandlotConnect®. SandlotConnect® went live in
December 2008, with a current count of more than 700 users, which includes physicians and their staff.
Operations
Vision, Mission and Guiding Principles
EMRs as a way to improve quality of care are receiving considerable national attention. The Centers
for Medicare and Medicaid Services (CMS) has stated that EMR implementation will be criteria for
determining various pay-for-performance incentives. In addition, several state governments have
established EMR funding initiatives. Finally, payors have stated their support for EMR
implementation as a differentiating point within their contracted networks.
In stark contrast to these priorities, nationally, less than 15 percent of all physicians are presently on an
EMR system. In addition, these physicians are on EMR systems that are limited to communicating
© 2009 Healthcare Information and Management Systems Society (HIMSS). 50
mailto:mbrooks@ntsp.com
mailto:tshackelford@sandlotmd.com
information within the provider’s practice. At best, the provider is part of a physician/hospital EMR
system which allows for the transmission of information between the physician and his/her hospital
system. Although much discussion has occurred around the concept of regional health information
organizations (RHIO), only a few communities across the country have made significant progress in
establishing a system which allows the sharing of patient information from disparate EMRs either at
the hospital or physician level.
Creating a system of EMRs that can talk to each other was thought to be a revolutionary way of
improving the clinical services patients will receive. They will improve quality of care and cut
duplication and inefficiencies from the system. Previous EMR efforts have resulted in limited silos of
information. However, Sandlot’s effort will not only expand the number of providers on EMR
systems, but will connect these systems to each other along with the information contained in each via
an HIE.
The value that will be gained from this project is an improvement in patient care by connecting
physicians with information from disparate systems at the time that information is required. Therefore,
Sandlot’s mission includes:
• The development of application systems to enhance the efficiency, quality, availability and
accessibility of patient information among providers and their patients.
• The development of a health information exchange system for the sharing of patient data
• The implementation of electronic medical record capabilities.
• An operational system for providing support related to the above services.
In order for Sandlot to complete its mission, specific goals associated with SandlotConnect® were
determined. Those goals include:
• Improved quality of care through the effective use of technology.
• Facilitate physician-to-physician communication using advanced technology.
• Accelerate adoption of EMR at the practice level.
• Develop an infrastructure that will support data integration from other healthcare entities and
disparate systems in the future.
• Enable physicians to view the entire patient record across providers.
• Create a central repository for patient information accessible via the Internet.
• Offer different EMR systems to increase the rate of adoption.
• Offer a competitive differentiator with employers, payors and patients.
Governance and Management Structure
Sandlot, a wholly owned subsidiary of NTSP and as such Sandlot’s Board will be nominated by the
NTSP Board. Sandlot will receive its initial funding and capitalization from NTSP.
Sandlot will enter into a contractual agreement with various vendors who will provide services to
Sandlot for the establishment of the health information exchange and EMR capabilities.
Sandlot will also enter into contractual data exchange services agreements with providers and data
source providers interested in participating in the EHR service.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 51
Service Offerings
Sandlot delivers a health information exchange that includes the following capabilities:
• HIE interoperability platform
• Shared record patient data repository
• EPR–Person identity resolution via initiate hub
• Clinician desktop with results viewer and secure messaging
• Referral management application
• Hospital connectivity
• Allscripts, NextGen and other EMR licenses, hosting and maintenance services
• EMR interoperability (Allscripts, NextGen and other CCHIT certified EMRs) to HIE
• Two connected national reference lab (orders and results)
• EMR training services and in-office workflow support
• Pharmacy interfaces
• Payor interfaces
Technical Architecture
The technical architecture includes a central repository for SandlotConnect® and the use of HL7
interfaces and clinical documents including continuity of care records (CCR) to transfer clinical
information between data sources and EMR systems.
Unique Operational Considerations
The amount and types of services Sandlot offers and the manner in which Sandlot completed the EMR
interoperability with SandlotConnect® makes Sandlot unique and a differentiator in the marketplace.
Sustainability
Business Model Summary
Sandlot offers business services such as EMR implementation and training, HIE access, and e-
prescribing usability to better facilitate patient care, physician communication, and increase office
efficiencies. Sandlot’s business model caters to all of those contributing factors which must live
harmoniously in order to operate a successful healthcare system. This system functions through various
revenue streams from data source providers, which includes hospitals, laboratories and radiology
services, and physician groups.
These connected sources cluster into three main service types and act as a subscription model.
1. Contributors. Data sources such as laboratory providers that supply clinical data, but do not to
retrieve data.
2. Consumers. Sources like physician offices that retrieve clinical data but are unable contribute
data into the exchange.
3. Amalgams. Sources such as EMR users who are able to consume as well as contribute clinical
data.
Sandlot also markets and demonstrates its products to congressional delegations and healthcare leaders
to pursue federal grants which will help further the interest of information technology and allows
Sandlot to grow its services in other communities.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 52
Realized Benefits
Currently Sandlot has achieved a majority of its original goals and has realized benefits in several areas
though the key benefit has been improved quality of patient care by providing clinical information at
the point of care at the right time. Previously treating providers had to request and then wait for
information from other practices or hospital systems.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 53
Appendix D – Indiana HIE Case Study
Prepared by: Kevin Lemire, 408-218-9217; John Kansky, 317-644-1723.
Organizational Contacts: Tom Penno (COO); Jenny Siminski (PR); Lori Leroy (PR)
Background
Regional Business Environment and Demographics
The Indiana Health Information Exchange (IHIE) is based in the Indianapolis healthcare market. The
Indianapolis medical service area is comprised of nine counties with a population of about 1.7 million
citizens. In addition to the Indianapolis market, IHIE is expanding to serve several other Indiana
population centers. Once fully implemented, IHIE will serve half the state’s population or just over 3
million people.
Indianapolis is a competitive, urban and suburban healthcare market with five major health systems
and several smaller systems in outlying areas. About 35 hospitals operate in the nine-county area.
Indianapolis is also home to several significant healthcare organizations including Eli Lilly, WellPoint,
Roche Diagnostics, and the Regenstrief Institute. The Regenstrief Institute is an internationally known
independent healthcare informatics research institute. The technology on which IHIE is based was
developed and proved by Regenstrief.
Factors Aligning and Driving Local Stakeholders
IHIE was founded as a supporting not-for-profit organization in February of 2004 by a broad group of
stakeholders including the five major health systems and other healthcare leaders in the Indianapolis
market. The organizations driving the creation of IHIE included the Regenstrief Institute,
BioCrossroads (an Indianapolis-based healthcare and life sciences business catalyst organization), and
iCareConnect (ICC). ICC was a grass-roots group of physicians and other healthcare leaders bent on
improving the quality and efficiency of healthcare in Indiana. ICC eventually settled on community-
wide clinical messaging as their focus. This project led to the creation of IHIE and ICC was dissolved
when IHIE was created.
It is helpful to note that the creation of IHIE occurred in 2004 in a market where the Regenstrief
Institute created the first electronic medical record in 1972 and the first large-scale community wide
health information exchange system (called the Indiana Network for Patient Care) in 1994. IHIE was
not founded in a “normal” healthcare market.
Operations
Vision, Mission and Guiding Principles
The Indiana Health Information Exchange (IHIE) is a non-profit venture backed by a unique
collaboration of Indiana healthcare institutions. Our vision is to use information technology and
shared clinical information to:
• Improve the quality, safety and efficiency of healthcare in the state of Indiana,
• Create unparalleled research capabilities for health researchers,
• Establish a model of health information exchange for the rest of the country.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 54
mailto:Kevin.Lemire@HealthiaConsulting.com
mailto:jkansky@ihie.com
mailto:tom.penno@ihie.com
mailto:jsiminski@ihie.com
mailto:lleroy@biocrossroads.com
Governance and Management Structure
To a great extent, each of IHIE’s service offerings (described below) has its own governance. The
oldest and most sophisticated governance body is called the Indiana Network for Patient Care
Management Committee (see INPC below). The INPC management committee is made up of
representatives from all organizations that are members of the network–those that provide and access
data from the INPC. The group sets policy and direction for the INPC and meets quarterly.
Representatives on the committee are typically CIOs, CMOs, and/or CMIOs at their respective
organizations.
Service Offerings
IHIE, with its technology partner, the Regenstrief Institute, have several service offerings. They
include:
• DOCS4DOCS® Clinical Messaging Service: Electronic delivery of clinical results from their
source (e.g. hospital or lab) to the physicians that require the result for patient care
• Indiana Network for Patient Care (INPC): INPC is a community-wide clinical data
repository, with “push” and “pull” mechanisms, that provides relevant clinical information from
a patient’s aggregated community healthcare record to clinicians at the point of care.
• Public Health Emergency Surveillance System (PHESS): PHESS is a statewide bio-
surveillance system that monitors, in real-time, the primary complaint of patients entering
emergency departments in 75 hospitals across the state.
• Quality Health First® program (QHF): QHF is a clinical quality and value-based
reimbursement service. The program provides doctors with patient-specific actionable alerts
and reminders based on best-practice healthcare measures. It also provides participating health
plans with an analysis and administration service supporting their value-based reimbursement
programs.
Technical Architecture
The technical architecture underlying the various service offerings varies as is warranted by the needs
and demands of each service. However, it is a key success factor that multiple service offering re-use
and rely upon a common core infrastructure. The core of the INPC is a centrally-managed federated
model. Each participating member organization has its own data repository – logically separated from
other participant’s data. However the data reside within and is managed within a common data center.
This is optimal for system performance, efficiency of maintenance, and consistent levels of security.
Each data source organization continues to “own” its own data and control how the data can be used
through its endorsement of specific data use agreements. There are now more than 50 organizations
participating in the INPC.
Sustainability
Business Model Summary
IHIE views health information exchange as a business, and like any businesses, it develops and offers
services for which there is a need in the marketplace and which can be offered at a cost that is below
their value to customers. Each service offering described above has its own sustainable “service
model.” Service models are derived from the answers to the questions:
• To whom in the healthcare supply chain does value accrue?
• How much value does a given customer accrue?
© 2009 Healthcare Information and Management Systems Society (HIMSS). 55
• Is that customer willing to pay a cost less than that value, but greater than the cost of providing
the service?
IHIE offers services to both healthcare providers and health plans. Having multiple services aimed at
various participants across the healthcare supply chain is conducive, and perhaps, absolutely necessary,
for a sustainable HIE business. Since HIE services frequently deliver value, in varying degrees, across
multiple organization types in the chain, having multiple service with various service models enables
an exchange to generate revenue from both provider and payor organizations–avoiding the perception
of inequality.
Realized Benefits
Consistent with our mission, IHIE’s services deliver benefits aimed at improving the quality, safety,
and efficiency of healthcare. While there are many “soft” benefits, our paying customers fully expect a
concrete return on their investment. IHIE’s services have been shown to reduce hospital operating
costs and reduce the overall cost of caring for patients in specific clinical settings, like the emergency
department. Other quantitative studies of the value of HIE services also are underway.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 56
Appendix E – Louisville Health Information Exchange, Inc. (LouHIE) Case Study
Prepared by: Barry Pope, 813-844-4728; Barb Cox, 440-247-2718
Organizational Contacts: Sheila Anderson, 502-473-4750, (ED);
Judah Thornewill, past Executive Director
Background
Regional Business Environment & Demographics
In March 2006, the Louisville Health Information Exchange Inc. (LouHIE), a nonprofit organization,
was formed to support development of a community wide health information exchange to improve
quality and contain rising costs of healthcare. A governance structure developed by researchers at
University of Louisville was used to obtain balanced input and ongoing participation from all
interested parties in the community. Starting in January, 2007, LouHIE raised funds and hired an
outside firm to conduct an independent, comprehensive market research study as a basis for developing
a business plan.
LouHIE is focused on the Greater Louisville metropolitan area, which includes 10 counties containing
the city of Louisville (and surrounding suburbs—including those in Indiana), with a total population of
more than 1.2 million. Counties included at the launch were: Clark, Floyd, Jefferson, Bullitt, Hardin,
Spencer, Shelby, Oldham, Henry and Trimble.
Factors Aligning & Driving Local Stakeholders
The business plan was developed based on market wants/needs identified through the research
program, conducted August – November, 2007 and included over 1200 responses. The results of the
research are available in The Greater Louisville e-Health Research 2007 Report.
At a national level, the Department of Health & Human Services has recently taken a major step
forward with developing the NHIN through the trial implementations of interoperability between HIEs.
A major vendor recently offered “free of charge” a global personal health record that is available to all.
The solution offered may not meet all the stakeholder needs but will drive other vendor solutions in the
marketplace to become more interoperable. At a state level, initiatives that have been underway for
some time boast nearly 100 percent penetration to households and businesses by providing broadband
network access to the state of Missouri. This state-wide infrastructure initiative is enabling care
providers in both rural and metropolitan areas with access to a state-wide broadband network, and that
communications infrastructure is in place to facilitate health information exchange across multiple
communities throughout the state. Additionally partnership efforts have been working to bring
together major healthcare organizations in Missouri to develop a common Web portal for provider-
payor communications enabling secure access to clinical information and simplified and standardized
administrative tasks.
Analysis within the regional marketplace provided the following information:
• More than 75 personal health record systems and over 300 electronic health record/electronic
medical record systems.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 57
mailto:bpope@tgh.org
mailto:bcox@gapconsultinginc.com
mailto:sheilaandersen@insightbb.com
http://www.louhie.org/Research%20Reports.htm
• Less than ¼ of physician practices use an electronic health record (EHR) system. 78 As a
consequence, ¾ of physicians do not have the technical capability to capture and share
electronic health records with a personal health bank record system.
• Pharmacy retailers could get higher reimbursements through Medication Therapy Management
authorized under Medicare Part D and would need a simplified documentation procedure.
• Medical Products suppliers need to integrate their systems with LouHIE.
• From a consumer perspective, the revealed sentiment includes deep concern over the privacy
and security protection for their consumer health records.
In response to these forces, LouHIE fills a valid need as a trusted nonprofit service offering the
consumer health record bank account maintaining the interest of consumers and protecting data, while
offering unrestricted, “free” access to all consumers, beginning with medications and medication
reconciliation.
Operations
Vision, Mission, and Guiding Principles
The vision and mission can be summarized in the points identified below:
• Access for life.
• Everyone has a seat at the table.
• Commitment to consumer consent.
• Integration with workflow.
• Integration with state and national networks.
• Encouraging a vibrant marketplace for eHealth vendors.
• Transparency.
• Contribution funding system.
• Investment of excess contributions to benefit those most in need.
• Supporting cutting edge research.
Governance and Management Structure
LouHIE Inc. will operate as a Missouri-based A 501(c) (3) nonprofit organization; this structure was
chosen based on research from consumers and other stakeholders which openly discussed concern with
a for-profit entity in managing the interests of the community. The concern indicated that a
community-based not-for-profit entity would be most trusted to provide these services to the
community. LouHIE’s organizational model includes:
• The board of directors is “multi-stakeholder” including representation from all key participants
in the healthcare ecosystem for the Greater LouHIE area. It is believed that this board structure
has contributed to the development of the community’s social capital as LouHIE’s plans have
developed since 2006.
• A temporary management team has been developed using executives drawn from University of
Louisville and major healthcare organizations in the community.
• The permanent management team will include an executive director, chief financial officer,
chief information officer, chief medical officer, chief development officer, compliance officer,
benefits realization manager and administrative support.
78 FierceHealthIT. EHR adoption held back by multiple issues. Jan. 28, 2007, Available at:
http://www.fiercehealthit.com/story/study-ehr-adoption-held-back-by-multiple-issues/2007-01-29.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 58
• The core-services vendor subcontracted by LouHIE to provide technology services to the HIE’s
customers.
Service Offerings
LouHIE has created the Health Record Bank of Greater Louisville, offering free health record banking
services for all (1.2 million) citizens in the greater Louisville area, including Southern Indiana.
LouHIE will launch the services focused on medications, medication reconciliation and patient
demographics, and will include the following currently offered or planned services:
Service Definition
Core Health Record
Banking Service
For consumers,
employers, government,
physicians and
providers
LouHIE’s core health record banking service to consumers, benefits purchasers, providers and
payors will include:
1. Health record bank account: A permanent, longitudinal record of the consumer’s health
information–beginning with medications, demographics and allergies.
2. Integrated enrollment system: Supports enrollment through payor networks, at point of care,
Web, cell-phone, or, over time, kiosks.
3. Deposit window: Supports deposits of health information from physicians, pharmacies,
consumers and other authorized health information sources.
4. Withdrawal window: Supports transfer of consumer’s health information to providers or others
with consumer authorization.
5. Individual controls: Consumer ability to control access to the record at different levels of
granularity, including suppressing specific information such as a medication.
6. Organization views: Authorized organizations are able to access/view information through
windows tailored to their needs. For example, a physician summary page will be provided
according to physician requirements.
7. Integrated registration, eligibility and contribution processing services.
8. Integrated research capabilities.
Research Services With consumer consent, LouHIE provides researchers access to data for research purposes.
Consumers control what kind of data is available, and whether it is de-identified or identifiable.
Special controls are put into place to insure only authorized researchers access data. Researchers
pay LouHIE a fee for data-access.
Non-core Vendor
Services
LouHIE provides health information product and services vendors with the ability to link their
services to LouHIE’s health record bank, thereby enhancing their product/service value, while
opening new markets. Vendors are asked to contribute administrative and/or volume fees to be
linked to LouHIE. Types of vendors who may be interested in LouHIE’s vendor services include
providers of EMR, eRX, Health Risk Assessment, wellness programs, smartcards, daily diaries,
payor eligibility and claims submission, product recall services and etc.
Personalized
Messaging and
Content Services
Personalized messaging services may include automated reminders such as an “appointment
reminder” or “prescription refill reminder” on a cell-phone. Personalized content services may
include personalized recommendations for books, articles and other healthcare information.
Future Services Future services may be developed based on customer interest. Examples of additional services
include:
1. Lists of providers.
2. Environmental data.
3. Standardized state reporting.
4. Consumer surveys.
5. Job recruiting.
6. Dictionaries of terms.
7. Educational content.
8. Comparison shopping.
9. Formulary lists by payor plan.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 59
Technical Architecture
Data for LouHIE comes from a variety of sources:
• Provided directly from users.
• Documented by healthcare provider activities and outcomes.
• Contributed via claims based information sources.
• Submitted by ancillary service providers (i.e., labs) regarding services they have rendered.
LouHIE has developed a well-defined strategy and structure to receive, process, store and manage
these streams of data. LouHIE is not a supplier of technology infrastructure services. Instead, it
manages purchases services from one or more core services vendor(s) (CSV). The CSV are expected
to deliver necessary hardware and networking infrastructure, software development and deployment
capabilities, operational procedures and processes, and to be able to help manage the complex
relationship between itself, LouHIE and the various participating individuals and organizations that
make up the LouHIE user and consumer community, and has included the standards of the Health
Record Banking Alliance (HRBA) in defining their organization and the associated functional
requirements. These standards also have significant implications for the technical architecture.
The major privacy and security principle related to LouHIE is simply this:
• Individuals maintain ownership of their own healthcare information.
However, LouHIE’s defined limits in the context of data ownership are as follows:
• Owners may NOT delete or request deletion of data selectively–they grant permission for
LouHIE to collect data or not.
• Owners may NOT alter the content of data. Any challenges with the contents or the accuracy of
data would need to be discussed with the originator of that data, and changes would need to be
initiated from that originator before it would be updated in the LouHIE environment.
• Owners do have the ability to select what person or organizations may access their data, either
selectively or in total (i.e., access to certain data may be restricted to only select accessors, other
data may be available to all accessors). NO access is possible without prior authorization from
owners.
• Owners will have the ability to know what accesses of their identifiable information have
occurred, and by whom.
• Owners will have the ability to designate someone other than themselves to manage their health
data.
The specific capabilities required to accomplish these principles include the following:
• Filtered inbound data streams designed to allow processing and storage of only those records
where authorization has been received from the individual involved.
• Dynamic access to establish, maintain and revoke LouHIE’s authorization to collect and
distribute data.
• Specificity in the management of data access, and data type and user access; including delegate
user management for consumers of health information.
• Complete auditing of person-identifiable information needs to be available to the owner for their
review.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 60
The LouHIE plan for data management is a centralized model, chosen due to the benefits that facilitate
management of the exchange. Participants in a centralized model will still have to arrange agreements
with LouHIE that meet their individual privacy needs, but once such agreements are in place, LouHIE
will be able to operate according to the one standard set of privacy rules – providing for greater
transparency and ease of administration. A sample of the logical rule/messaging flow control diagram
is as follows:
The primary technical challenge for LouHIE will be accepting data from disparate sources in varying
formats and translating that data (in content and format) into a single data model for storage in the
LouHIE repositories. In order to minimize the effort required of data providers (and therefore to
maximize their likelihood of contributing data to LouHIE), the data feeds will be accepted in any
structured, definable, electronic form. LouHIE has assumed the responsibility of defining the data
mapping (assisted by the contributing organization) and executes the reformatting/translation of the
data from the source-format exchange format. The architecture for LouHIE envisions the storage of
data in two separate repositories – one for operational purposes, one for research purposes. The
objectives of establishing two repositories are several, including:
• Separating high-frequency-access data (operational) from low-frequency-access data (research).
• Enabling more thorough de-identification of data in the research repository.
• Allowing for the likelihood that the two repositories may utilize different data models.
• Supporting the possibility that separate vendors will maintain the two repositories.
In the architecture diagram, the repositories are further separated into sub-repositories for demographic
data, de-identified clinical data (non-image or document-based), and document or image-based data.
The goal of further separating the data is primarily increased security and privacy by limiting
inappropriate access to the demographic or clinical data sections. Note that it is not possible to de-
© 2009 Healthcare Information and Management Systems Society (HIMSS). 61
identify the image/document-based information, as personal information is likely a part of the
documents and images that would be stored. LouHIE has also assumed responsibility for managing
the data filtering process, allowing data sources to transmit complete data files containing information
on all relevant persons making LouHIE responsible as well for selecting and processing data only for
those who have given their consent to participate in the exchange. All other data is discarded,
consistent with the privacy and security procedures of LouHIE and the data provider. Only after
filtering and formatting is data applied to the repositories. The LouHIE architecture requires the
creation and maintenance of a Master Person Index (MPI). Establishment of the MPI requires inputs
from inbound data processing (to identify potential matches of new persons with established entries in
the MPI) as well as manual validation (where the identified new matches are not exact). The other
functions of the MPI include storing data access authorizations associated with the person, tracking
sponsorship/underwriting information (i.e, name of the sponsoring organization), and tracking
identified interests/concerns to be used to tailor customized content.
The portal infrastructure will be the primary means for the consumer and provider LouHIE users to
access their information as well as the associated administrative functions. The consumer portal is a
presentation framework that consists of several components and capabilities:
• Registration: To support the initial establishment of the consumer and provider (user) as a
registered user of the LouHIE solution. It enables the user to give permission to the system to
receive and process data for both operational and research data stores, and to modify that
permission as required by the user. It also allows for deregistration of users who chose to end
their participation in LouHIE.
• Access management: To allow the user to establish, manage and suspend access to the various
types of data by user type (physician, hospital, emergency room, researcher) and by data type.
• Clinical data viewer: To allow the user to see the contents of data stored in the operational data
store. The user can review the data for purposes of validating it, tracking it over time, initiating
a request to correct it, recording it for use in interacting with caregivers, etc.
• Targeted content provider: To store of information provided by LouHIE partner organizations
that will be presented to the users based on 1.) rules identifying appropriate content based on
user attributes; and 2.) level of contribution of the user (higher levels of contribution equate to
more focused and less frequent content being presented).
• Notifications and alerts.
• Cell-phone access.
• Providers would have access to linked systems and services such as e-prescribing and EMR:
LouHIE intends to provide access to an EMR capability to physicians who are active in
participants and who do not currently have such a capability of their own.
• Consumers may also be accessible through linked portal services such as payor portals or
external PHR portals.
• Employers and health plans receive special interfaces and services to gain access to information
for which they are authorized. For example, employers may wish to have access to special
“group” reports through their payor network.
LouHIE anticipates being able to provide data in support of approved research activities in a number of
formats, including research-specific data stores, data extracts, and reports.
There are no easy answers to the problem of identifying the standards that should or should not be
included in the development of LouHIE technical capabilities. While some are recommended (or
required) as a means to meet external requirements (NHIN, for example), others will be entirely up to
© 2009 Healthcare Information and Management Systems Society (HIMSS). 62
LouHIE and the CSV to determine. LouHIE has adopted flexible standards and is able capable of
adjusting as needed as standards evolve and change. LouHIE supports interactions with many partners
who have adopted a variety of standards (or none at all) in their own internal operation. LouHIE seeks
to consistently apply standards within their own organization, and to provide a consistent means of
mapping, storing and presenting information. LouHIE does NOT mandate their partners to adhere to
exchange-supported standards as a condition of participation.
Sustainability
Business Model Summary
As a nonprofit, LouHIE relies on donations, contributions, grants and sponsorships. Start-up costs are
funded through major gifts and grants, plus a community fund-raising campaign. Ongoing services are
funded through consumer contributions, employer and health-plan contributions, government and non-
government grants and contracts and revenues from special services.
The first two years of operation were primarily funded by start-up contributions, including donations,
gifts and grants. Subsequent years were increasingly funded by services contributions as more people
and organizations contribute based on the value of the service.
Marketing Plan
People enroll through their doctor, hospital, pharmacist, employer, insurance plan, or other healthcare
provider, or online. Once enrolled, people have the option of receiving special “Health Record Bank
of Greater LouHIE” access cards. Community wide all-channels marketing effort will occur to enable
area consumers and organizations to access and use the Health Record Bank of Greater LouHIE. The
objective of the LouHIE marketing activities is to present a compelling vision of those goals and
benefits to the public in such a way that they will actively seek to participate. Only through this
participation can the exchange gain sufficient “critical mass” to deliver the benefits that LouHIE
envisions, and remain financially strong enough to support the financial projections for the exchange.
The critical factors to developing a sense of engagement among the desired participants in LouHIE
have been identified as follows:
• Begin with clear, simple, value-adding service.
• Explain the benefits to attract participation.
• Establish and sustain participant growth within reasonable timeframes.
• Quickly gain traction and credibility as an ongoing entity.
• Educate key participants and groups on cultural and procedural changes that will enable
LouHIE to deliver the expected community benefits.
Marketing LouHIE to the community is a multi-channel effort, requiring different activities for various
market segments. The marketing plan encourages and sustains the interest of potential participants in
using, and contributing financially to, the new electronic capabilities to coordinate, collaborate and
utilize the new electronic data gathering and sharing capabilities to get the right information to the
right person at the right time and enhance their ability to manage patient care and improve outcomes.
These participants include physicians, hospital groups, employers, health plans, laboratories,
pharmacies, governmental agencies and other entities such as safety net providers, research institutions
and civic organizations.
LouHIE’s customers are the ~1.2 million consumers living in the greater Louisville area and the 12
types of organizations working to deliver quality healthcare services to them. Since organizations and
© 2009 Healthcare Information and Management Systems Society (HIMSS). 63
individuals may approach LouHIE through multiple channels for multiple purposes, a “many to many”
marketing strategy is appropriate. Several channels are defined, each of which may help market to
others. This strategy is appropriate for Internet-based services like LouHIE, which require different
marketing efforts than traditional retail operations. The sections below describe different customer
segments and channels and the marketing approaches to be used.
LouHIE’s focus on the general consumer presents the opportunity to generate revenue from a number
of new or expanded sources. In their research, consumers found value in the services that LouHIE
proposes to offer, and a significant percentage of those consumers felt that the services were worth
paying for.
In marketing to individual consumers (actually the households that contain one or more individual
participating consumers), the focus is on the set of services and capabilities that will better enable
consumers to:
• track their own health information–initially focused on medications and allergies;
• enable multiple providers to access consumer information to better collaborate care;
• reduce the number of appointments necessary to replicate missing or misplaced results;
• receive access to tailored and relevant health information;
• have limits placed on the presentation of less-tailored health information; and
• eventually reduce costs to the consumers through overall reduction in healthcare costs in the
community.
Two approaches will be used to reach individual consumers. The first is public relations activities and
marketing focused on general publicity and exposure to LouHIE services, capabilities and results.
Through this approach, consumers will become familiarized with the LouHIE concept, and early
adopters will be able to go online, register for the free service and begin using it. However, this
approach is not initially expected to generate large numbers of contributing users of LouHIE services
directly. The second approach to consumers is through the various organizations which serve them,
especially their physicians and hospitals, but also through benefits sponsors, payors, technology
providers and research organizations.
Healthcare services organizations and their providers have been offered free basic exchange services—
including a provider portal—with a standardized patient clinical summary that initially includes
medications history and demographics. Enrolled providers are able to offer all incoming patients free
access to the service. Providers serve as a key distribution channel to consumers, by making
enrollment in the HIE a part of their patient registration process.
Employer sponsors would most likely present LouHIE services as a component of a benefit package to
their members or employees. As a benefit, the costs could be absorbed by the sponsoring entity, or
passed through to the members or employees through increases in the total cost of benefits.
Payors stand to benefit from services directly, and in terms of increased satisfaction by their members
and clients. LouHIE will benefit payors with options that include the ability to offer LouHIE service to
payor members and providers (through their unique portal), to integrate identity services, to integrate
identity and enrollment services. These options produce significant potential for financial savings.
Payors will be contacted directly by LouHIE, and will be encouraged by employer sponsors to support
LouHIE.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 64
LouHIE is committed to creating a vibrant market of health information product and service vendors
who can link their services to the Health Record Bank of Greater LouHIE. Vendors may offer
products like EMRs, e-prescribing, medical devices, monitoring devices, smartcards, and much more,
all of which could have added value by being linked to LouHIE. LouHIE will approach these vendors
as potential clients, seeking to help them develop new markets, test products and increase their sales.
In some cases, LouHIE will create an “oligopoly” market, offering two to three winning vendors an
opportunity to be integrated with LouHIE, and have a favored position in the LouHIE area marketplace
for a period of time. Some of these vendors are likely to seek LouHIE out; in other cases, LouHIE
will seek out national vendors and offer them opportunities to come to LouHIE. As the LouHIE
vendor segment develops new markets in the LouHIE area, they will also be helping to “market”
LouHIE to the consumers, providers and other organizations which they serve. Once linked, these
vendors will promote LouHIE services when they promote their own.
Integrated research activities will be developed to add increasing value to the various other consumer
and organizational customers of LouHIE. Research will help increase awareness of the value of
LouHIE, and increase the perceived value of LouHIE’s services.
LouHIE will develop an active program for applying for grants and contracts to support e-health
related initiatives with potential to benefit the community. Both “development” and “services” grants
will be sought.
As a community nonprofit, LouHIE will be able to draw significantly on the use of public relations
tools, community events, and word-of-mouth to spread the word about LouHIE. LouHIE will maintain
an active public relations presence with support from professional public relations firms and marketers
as required. Community events such as town meetings, TV and Radio shows, and other forums will be
an active part of LouHIE’s development approach. LouHIE’s chief marketing officer and other team
members will set-up meetings with employers, payors and government entities, to set-up consumer
sponsorships. In addition, meetings will be held to set-up hospitals and physicians as free distribution
points for the service.
LouHIE branded Health Record Bank of Greater LouHIE Access Cards may be developed and offered
through sponsoring organizations. Several versions of these cards may be made available–ranging
from simple cards with a bar code and mag-strip, to future “smart cards” with chips.
By using a multi-channel approach to reach the community, it becomes easy for consumers to access
the service when and where they need it, while facilitating rapid adoption by consumers, providers,
employers, health plans, government and other entities.
Risk Management
For any new endeavor, it is important to identify potential risks that could effect business planning,
and to develop appropriate strategies to manage and mitigate against those risks. LouHIE’s plan
considers and addresses five key risks:
1. Fragmentation risk.
2. Community trust risk.
3. Political risk.
4. Economic risk.
5. Implementation risk.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 65
Fragmentation Risk
Given the movement into the personal health record market of several large national companies
(Microsoft, Google, Dossia, etc.), there is a risk that if the LouHIE community moves too slowly in
launching this service, that there could be consumer and employer fragmentation across multiple PHR
services. These services make it more difficult to effectively integrate PHR systems with hospital and
physician systems in the community.
Response: LouHIE will develop its technologies so that the health record bank can “link” to
external PHR services, allowing consumers to use an external PHR, while also allowing
LouHIE to share accurate information on a ubiquitous basis with area providers.
Community Trust Risk
Consumers expressed deep concerns about the risks to them and their families if their personal health
information is accessed and used by unauthorized parties. To succeed, LouHIE must have architecture
that all parties can trust as trustworthy to protect all parties from these kinds of liabilities and risks.
Response:
A. LouHIE Positioning as a neutral community-based nonprofit
By positioning itself as a nonprofit, neutral community-based organization, committed to
meeting the needs of all consumers and all organizations which serve them, including
employers, government, payors, hospitals, pharmacies, public health, physicians and others,
LouHIE seeks to earn the trust of all parties and to place the interests of the community above
any individual stakeholder.
B. The Health Record Banking Alliance Framework
In order to provide a trusted and trustworthy service for all parties, LouHIE developed its
operations in accordance with the privacy and security principles of the Health Record Banking
Alliance (HRBA). These have been carefully developed by a group of over 100 experts from
across the country, and are designed to comply with the most stringent consumer and
healthcare laws at federal and state levels, in order to assure the highest level of trust and
trustworthiness for health record banks.
In addition to this, the HRBA principles require use of a highly secure and robust physical and
logical security to protect the data from hacking or unauthorized access, a robust identity
management system to ensure people are who they say they are, and have proved it; and an
auditing trail that clearly identifies any party who accesses any part of consumer health record
bank account for any reason.
C. Risk Management Methodologies
However, even with clear policies and procedures, best-in-class technologies, and consumer
and physician review of information in the account, problems or misunderstandings may still
occur. A number of methods will be used to protect LouHIE and those it serves from risks of
these kinds. Some of the types of privacy/security risks which will be identified and managed
by the LouHIE Inc. management team, addressed in the legal framework and covered by
insurance policies include:
Disclaimers Liabilities
© 2009 Healthcare Information and Management Systems Society (HIMSS). 66
Privacy/ Confidentiality (HIPAA
and HRBA)
Personal information is collected, used, retained, and disclosed in
conformity with the LouHIE’s privacy notice
Security Entities that can verify and secure the site must be in place in order to
adhere to trust and privacy warranties.
Availability/Business interruption
or failure to perform
Availability of information is operational and maintained to limit
disruptions in service
Accessibility Access to information through different sources Internet, smartcard, etc.
Defamation, libel, slander LouHIE will monitor system and may need to take action to maintain
compliance with its defined policies.
Unauthorized access or use Measures in place to prevent or maintain breech of information
Damage to data or systems related
to hackers or viruses
Information is protected physically and logically
System Integrity System processing is complete, accurate, timely, and authorized.
Direct or indirect punitive
damages using information
LouHIE will monitor system and may need to take action to maintain
compliance with its defined policies.
Utilization of information Information should be utilized for information purposes only and should
not be deemed as medical advice or diagnosis.
Partners and access to other sites Information and products provided by partners is provided solely for
consumer convenience and does not reflect LouHIE
Political Risks
Political risks relate to changes in Federal, state and local political leadership, which could create
potential changes in policy or regulation. For example, certain types of state or Federal legislation
could create undue burdens on an organization like LouHIE, or, even, render a LouHIE obsolete.
RESPONSE: LouHIE will manage this risk by 1.) staying flexible as new political agendas
and directions are better understood; 2.) actively working with the Missouri e-Health Network
board and e-health leadership to build and maintain alignment with the state; 3.) working
closely with the Health Record Banking Alliance and other national organizations to monitor
and help shape legislation and approaches which favor the health record banking approach; 4.)
working with other communities and states across the country to build and maintain a national
presence in Washington; and 5.) putting a stake in the ground as soon as possible.
Economic Risks
There is increasing concern in the news about the ongoing recession in 2009-2010, which in turn
means that consumers, businesses and government entities have fewer funds available to contribute for
LouHIE thus harming the ability for LouHIE and its Core Services Vendors to operate a financially
viable business.
RESPONSE: LouHIE’s conservative plan option is designed to allow it to weather the storm,
if indeed purse-strings tighten so much that LouHIE cannot build and sustain operations at this
stage.
Implementation Risks
There is a risk that as an early adopter, LouHIE and/or its Core Services Vendor(s) will stumble in the
implementation process, delivering services that end up not satisfying consumers and/or organizations.
RESPONSE: LouHIE will seek a partnership with a Core Services Vendor that can mitigate
this risk. Criteria LouHIE will use in selecting a vendor will include thorough knowledge of
the industry, a track –record of excellence, ability to use proven technologies that work; careful
© 2009 Healthcare Information and Management Systems Society (HIMSS). 67
use of market research and pilot testing prior to roll-outs. In addition, LouHIE and its vendor
will work actively with other health record banking organizations around the country, to share
best-practices and technologies to mitigate these risks. Finally, LouHIE will start simple –
with medication data – and make that work, before trying to get overly complex.
Realized Benefits
Benefits to be gained by providers can include improved ability to care for patients, increased
efficiency in medication reconciliation, and streamlined ability to access current patient data profiles.
LouHIE has potential to provide immediate benefits from making medication data available across the
community. This can benefit hospitals and physicians by streamlining medication reconciliation, help
consumers receive safer, better care in emergencies and office visits and help employers and health
plans reduce avoidable expenses. Studies show that up to 1 percent of all hospitalizations could be
avoided by making more complete medication information available at the point of care.
A community based, interoperable health information infrastructure can help transform the current
situation.79 LouHIE has a unique opportunity to facilitate healthcare improvements by increasing the
quality of care, decreasing the cost of healthcare, and encouraging consumers to take an active role in
their health.
In principle, most healthcare professionals recognize the potential clinical and administrative benefits
which can occur through the implementation and use of electronic health record technologies.
However, they also recognize the challenges of exchanging electronic information across different
platforms. Therefore, it is understood that in order to ensure successful health information exchange,
the interests and benefits for all stakeholders need to be aligned around a common platform for
electronic health information storage and exchange. In September, worked with 26 different focus and
functional groups designed to identify the understanding, interest, benefits and barriers, e.g. perspectives,
for each stakeholder group related to electronic health information in LouHIE.
Every group identified medication data as the most valuable information to gather first. Consumers
saw value in having medication data in a health record bank, accessible by their physician, in the
emergency room, and when they travel. Caretakers of chronically ill children, elderly parents and
relatives saw high value in an online system for keeping track of multiple medications and dosages.
Physicians and hospitals saw high value in having a “medication reconciliation” capability, as part of a
patient clinical summary, to verify which medications a patient is on. Pharmacies would value ability
to reduce administrative costs of verifying medications. Employers and health plans saw benefit in
helping consumers and physicians make better choices about medications, such as encouraging use of
generics and in avoiding duplications and errors. Thus, the first benefit LouHIE will deliver is
medications and medication reconciliation, accessed by providers through the patient clinical
summary and by consumers through their health record bank account or a linked portal.
Hospitals and physicians estimate that medication reconciliation services could save them five to eight
minutes of time per patient. Studies have shown that up to 1 percent of hospitalizations could be
avoided if current, accurate medication information were available. Finally, more accurate medication
records linked to medication management systems and formularies have potential to reduce
prescription costs.
79Gold JD, Ball MJ. The health record banking imperative: a conceptual model, IBM Systems Journal. 2007;46 (1):43-55.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 68
After LouHIE develops the community-wide medication information service, it will focus on bringing
together other types of data for the community, including problem lists, allergies, labs and tests,
immunizations, and other clinical data which can be captured electronically. In addition, LouHIE will
support integration with existing electronic medical record systems, e-prescribing systems, and other
clinical support technologies. Over time, the result of these activities is anticipated to be a community-
wide service that delivers increasingly valuable benefits to all stakeholders: consumers, employers,
government, payors, health IT firms, healthcare educators, researchers, pharmaceuticals, hospitals and
institutions, pharmacies and retailers, public health, physicians and nurses.
To provide ability to measure these longer-range benefits, the following benefits model was developed
by . It reflects potentially achievable benefits identified by the consumers, the twelve stakeholder
groups, and the selected functional groups who provided input during the Greater LouHIE e-Health
Research 2007 project.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 69
Appendix F – Glossary
A
Accredited Standards Committee (ASC) X12
ASC develops electronic data interchange (EDI) standards and related documents for national and
global markets. Includes many XML standards and is used heavily between providers and payors.
American Medical Association (AMA)
A nonprofit professional association of physicians in the United States, including all medical
specialties. Its purpose is to assist its members in providing the highest professional and ethical
medical care to the citizens of the United States and to serve as an advocate for the advancement of the
profession.
American National Standards Institute (ANSI)
Founded in 1918, ANSI is an independent organization of trade associations, technical societies,
professional groups, and consumer organizations. ANSI’s primary goal is to maintain the
enhancement of global competitiveness of U.S. business and the American quality of life by promoting
and facilitating voluntary consensus standards and conformity assessment systems and promoting their
integrity. It is formerly known as the United States of America Standards Institute (USASI or ASI),
and previously as the American Standards Association (ASA). ANSI is the U.S. member body to ISO
and IEC.
American Recovery and Reinvestment Act (ARRA)
Signed in February 2009, it is bill to create jobs, restore economic growth, and strengthen America’s
middle class through measures that modernize the nation’s infrastructure, enhance America’s energy
independence, expand educational opportunities, preserve and improve affordable healthcare, provide
tax relief, and protect those in greatest need, and for other purposes. ARRA includes the HITECH Act
which includes over $20 billion to aid in the development of a robust IT infrastructure for healthcare
and to assist providers and other entities in adopting and using health IT. HIMSS also offers a
summary of ARRA, from a health IT perspective.
ASTM International
Originally known as the American Society for Testing and Materials (ASTM) and formed in 1898,
ASTM International is one of the largest voluntary standards development organizations in the world-a
trusted source for technical standards for materials, products, systems, and services.
C
Centralized HIE
An approach to data sharing and the interchange of electronic information emphasizing full control
over data sharing through a centralized repository. Components in a centralized architecture refer to the
Central Data Repository (CDR) and the requestor. The CDR authenticates the requester through a
technological means, authorizes the transaction, and records it for audit and reporting purposes.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 70
http://www.x12.org/
http://www.ama-assn.org/
http://www.ansi.org/
http://www.opencongress.org/bill/111-s1/show
http://www.himss.org/content/files/HIMSSSummaryOfARRA
http://www.himss.org/content/files/HIMSSSummaryOfARRA
http://www.astm.org/
Certification Commission for Health Information Technology (CCHIT)
The Certification Commission is a private nonprofit organization with the sole public mission of
accelerating the adoption of robust, interoperable health information technology by creating a credible,
efficient certification process.
Chronic Care Model
A model for the care of patients with chronic disease first proposed by EH Wagner in 1998. The
hypothesis of the model is that chronic disease requires an ongoing team approach to provision of care
that involves specially designed delivery systems, supporting clinical information systems, a decision
support system based on clinical and functional data about each patient, and an agreement with the
patient to undertake certain self-management of his/her condition.
Chronic Disease
A disease that is long-lasting or recurrent. The term chronic describes the course of the disease, or its
rate of onset and development. A chronic course is distinguished from a recurrent course; recurrent
diseases relapse repeatedly, with periods of remission in between.
Clinical Data Repository (CDR)
A real-time database that consolidates data from a variety of clinical sources to present a unified view
of a single patient. It is optimized to allow clinicians to retrieve data for a single patient rather than to
identify a population of patients with common characteristics or to facilitate the management of a
specific clinical department. Typical data types which are often found within a CDR include: clinical
laboratory test results, patient demographics, pharmacy information, radiology reports and images,
pathology reports, hospital admission, discharge and transfer dates, ICD-9/ICD-10 codes, discharge
summaries, and progress notes.
Clinical Document Architecture (CDA)
CDA is a document markup standard that specifies the structure and semantics of a clinical document
(such as a discharge summary or progress note) for the purpose of exchange. A CDA document is a
defined and complete information object that can include text, images, sounds, and other multimedia
content. It can be transferred within a message and can exist independently, outside the transferring
message.
Clinical Messaging Systems
Any electronic system that allows the transfer of clinical data such as laboratory tests, radiology
results, transcriptions, prescriptions, and clinical orders quickly from provider to provider.
Computerized Provider Order Entry (CPOE)
A computer application that allows a physician’s orders for diagnostic and treatment services (such as
medications, laboratory, and other tests) to be entered electronically instead of being recorded on order
sheets or prescription pads. The computer compares the order against standards for dosing, checks for
allergies or interactions with other medications, and warns the physician about potential problems.
Connecting for Health
A public-private collaborative with representatives from more than 100 organizations across the
spectrum of healthcare stakeholders. Its purpose is to catalyze the widespread changes necessary to
realize the full benefits of health information technology, while protecting patient privacy and the
security of personal health information.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 71
http://www.cchit.org/
http://www.improvingchroniccare.org/index.php?p=The_Chronic_Care_Model&s=2
http://www.openclinical.org/std_cda.html
http://healthit.hhs.gov/portal/server.pt?open=512&objID=1256&parentname=CommunityPage&parentid=2&mode=2&in_hi_userid=10741&cached=true
http://www.connectingforhealth.org/
Continuity of Care Document (CCD)
An XML-based markup standard intended to specify the encoding, structure and semantics of a patient
summary clinical document for exchange. In February of 2007, HL7 and ASTM announced that CCR
and CDA were integrated to create the CCD. Subsequently, the U.S. Healthcare Information
Technology Standards Panel endorsed the CCD as one of its standards.
Continuity of Care Record (CCR)
A patient health summary standard expressed in XML. It is a way to create flexible documents that
contain the most relevant and timely core clinical information about a patient, and to send these
electronically from one care giver to another or to provide them directly to patients.
Current Procedural Terminology (CPT)
A code set maintained by the American Medical Association through the CPT Editorial Panel. The
CPT code set accurately describes medical, surgical, and diagnostic services and is designed to
communicate uniform information about medical services and procedures among physicians, coders,
patients, accreditation organizations, and payors for administrative, financial, and analytical purposes.
D
Data Repository
An independent platform that stores sanitized data retrieved from legacy, transaction-oriented systems
for display and use in formats conducive to a specific purpose (research, outcomes analysis, etc.).
Department of Health & Human Services
The United States government’s principal agency for protecting the health of all Americans and
providing essential human services, especially for those who are least able to help themselves. ONC
falls under HHS.
Digital Imaging and Communication in Medicine (DICOM)
A standard for handling, storing, printing, and transmitting information in medical imaging. It includes
a file format definition and a network communications protocol. The National Electrical
Manufacturers Association (NEMA) holds the copyright to this standard. It was developed by the
DICOM Standards Committee, whose members are also partly members of NEMA.
E
Electronic Health Record (EHR)
An electronic record of health-related information on an individual that conforms to nationally
recognized interoperability standards and that can be created, managed, and consulted by authorized
clinicians and staff across more than one healthcare organization.
Electronic Health Record System (EHR-S)
An electronic system that holds health-related information on an individual that conforms to nationally
recognized interoperability standards and that can be created, managed, and consulted by authorized
clinicians and staff across more than one healthcare organization.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 72
http://www.hl7.org/documentcenter/public/pressreleases/20070212
http://www.centerforhit.org/online/etc/medialib/chit/documents/proj-ctr/astmccr.Par.0001.File.tmp/chit_ccrnyc
http://www.ama-assn.org/ama/pub/physician-resources/solutions-managing-your-practice/coding-billing-insurance/cpt.shtml
http://www.hhs.gov/
http://medical.nema.org/
http://www.hhs.gov/healthit/documents/m20080603/10.1_bell_files/textonly/slide4.html
http://en.wikipedia.org/wiki/Electronic_health_record
EHR-Lab Interoperability and Connectivity Specification (ELINCS)
Initiated in February 2005, ELINCS was developed by the Oakland, Calif.-based California
HealthCare Foundation, in collaboration with national healthcare information technology
organizations, to facilitate lab results delivery directly from vendors to ambulatory EHRs.
Electronic Medical Record (EMR)
An electronic record of health-related information on an individual that can be created, gathered,
managed, and consulted by authorized clinicians and staff within one healthcare organization.
Enterprise Master Patient Index (EMPI)
A database that contains a unique identifier for every patient in the enterprise. EMPI organizes patient
IDs from external systems, allowing cross-referencing of patient records and access to them using their
medical record numbers from external or legacy systems. Also known as MPI.
Extensible Markup Language (XML)
Introduced in 1998, XML is an open standard data exchange language for describing and defining data
elements on a Web page, business-to-business, clinical (etc.), documents.
F
Federated HIE
A decentralized approach to the coordinated sharing and interchanging of electronic information
emphasizing partial, controlled sharing among autonomous databases.
H
Health Information Exchange (HIE)
The electronic movement of health-related information among organizations according to nationally
recognized standards.
Health Information Organization (HIO)
An organization that oversees and governs the exchange of health-related information among
organizations according to nationally recognized standards.
Health Information Technology Standards Panel (HITSP)
Created by ANSI in 2005 as part of efforts by the Office of the National Coordinator for Health
Information Technology, HITSP is a cooperative partnership between the public and private sectors.
The Panel was formed for the purpose of harmonizing and integrating standards that will meet clinical
and business needs for sharing information among organizations and systems.
Health Insurance Portability and Accountability Act (HIPAA)
Also known as the “Kennedy-Kassebaum Act (1996),” this U.S. law protects employees’ health
insurance coverage when they change or lose their jobs (Title I) and provides standards for patient
health, administrative and financial data interchange (Title II). The latter also governs the privacy and
security of health information records and transactions. HIPAA, developed by the Department of
Health and Human Services, took effect in 2001 with compliance required in phases up to 2004.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 73
http://www.himss.org/Content/files/digital_office_enews/digitaloffice_200606.html
http://www.hhs.gov/healthit/documents/m20080603/10.1_bell_files/textonly/slide4.html
http://www.hhs.gov/healthit/documents/m20080603/10.1_bell_files/textonly/slide6.html
http://www.hhs.gov/healthit/documents/m20080603/10.1_bell_files/textonly/slide6.html
http://www.hitsp.org/
http://www.hhs.gov/ocr/privacy/index.html
Health Level Seven (HL7)
An ANSI-accredited, all-volunteer, not-for-profit organization involved in development of
international healthcare standards. HL7, a Standards Developing Organization, and its members
provide a framework for the exchange, integration, sharing and retrieval of electronic health
information. The standards, which support clinical practice and the management, delivery, and
evaluation of health services, are the most commonly used in the world. Within the standard, the “7”
comes from application layer 7 in the OSI model, which is the highest level where programs talk to
each other.
HL7 Development Framework (HDF)
The Development Framework Methodology Specification is a product of the HL7 Development
Framework (HDF) project. The purpose of an HDF Project is to analyze, design, and document the
processes, policies, and artifacts associated with development of HL7 standards. HDF is a replacement
for and an extension to the HL7 Message Development Framework (MDF). The HDF differs from the
MDF in terms of the following; scope of coverage, use of UML Notation, and Life cycle Management.
HL7 Reference Information Model (RIM)
The Reference Information Model (RIM) is the cornerstone of the HL7 Version 3 development process
and an essential part of the HL7 V3 development methodology. RIM expresses the data content needed
in a specific clinical or administrative context and provides an explicit representation of the semantic
and lexical connections that exist between the information carried in the fields of HL7 messages. The
RIM is essential to increasing precision and reducing implementation costs.
HL7 v2.x
The most widely implemented standard for healthcare information in the world, v2 defines a series of
electronic messages to support administrative, logistical, financial as well as clinical processes. V2
standards that date back to 1987.
HL7 v3.0
V3 uses an object-oriented development methodology and a Reference Information Model (RIM) to
create messages. The messages are also based on an XML encoding syntax. Development of version 3
started around 1995, resulting in an initial standard publication in 2005.
Health Record Bank
Health record banks centrally store copies of consumer’s health records, which providers “deposit”
into the accounts. Consumers control which providers can contribute information and which providers
and individuals can view their records.
Healthcare Common Procedure Coding System (HCPCS)
Commonly pronounced Hicks-Picks and based on the American Medical Association’s CPT codes,
HCPCS provide a standardized coding system for describing the specific items and services provided
in the delivery of healthcare. Used for reporting to Medicare and Medicaid.
Health Information Technology for Economic and Clinical Health Act (HITECH)
The HITECH Act was incorporated into the American Recovery and Reinvestment Act of 2009
budgeting roughly $19 billion. It includes three sets of provisions to promote HIT adoption;
The HITECH Act includes three sets of provisions to promote HIT adoption. First, it would codify the
Office of the National Coordinator for Health Information Technology (ONCHIT) within the
© 2009 Healthcare Information and Management Systems Society (HIMSS). 74
http://www.hl7.org/
http://www.hl7.org/
http://www.hl7.org/
http://www.hl7.org/
http://www.hl7.org/
http://journal.ahima.org/2009/03/30/first-health-record-bank-pilot-launches/#more-272
http://www.cms.hhs.gov/MedHCPCSGeninfo/
http://www.himss.org/content/output/666386BF38BB424AAE093FFCAFE7AA18
Department of Health and Human Services (HHS). Second, the HITECH Act would through a number
of mechanisms provide financial incentives for HIT use among healthcare practitioners.
Finally, the HITECH Act includes a series of privacy and security provisions that would amend and
expand the current HIPAA requirements.
Hybrid HIE
A combination of the Federated and Centralized HIE models. For example, pharmacy transactions
may occur using the federated model while lab data is shared through the centralized model.
I
Integrating the Healthcare Enterprise (IHE)
HE is an initiative by healthcare professionals and industry to improve the way computer systems in
healthcare share information. IHE promotes the coordinated use of established standards such as
DICOM and HL7 to address specific clinical need in support of optimal patient care. Systems
developed in accordance with IHE communicate with one another better, are easier to implement, and
enable care providers to use information more effectively.
IHE Integration Profiles
IHE Integration Profiles organize and leverage the integration capabilities that can be achieved by
coordinated implementation of communication standards. They do not replace conformance to
standards, rather provide a more precise definition of how standards are implemented. They define a
specific implementation of standards that are designed to meet identified clinical needs.
Infection Control Monitoring
The act of using the policies and procedures published to minimize the risk of spreading infections,
especially in hospitals and healthcare facilities.
Insurance Eligibility Checking
The act of verifying if a patient has medical insurance. Older eligibility verification practices relied on
making phone calls to payors or accessing multiple payor-specific Web sites, but many new hospital
information systems have such technology built in.
Integrated Justice Information Systems (IJIS)
Any computer network, system, or architecture that allows justice practitioners and agencies to
electronically access and share information between systems and/or across jurisdictional lines. It also
includes sharing information with traditionally non-justice agencies such as other governmental
agencies, health and human services organizations, treatment service providers, schools and
educational institutions, licensing authorities, and with the public.
Interface
A boundary across which two independent systems meet and act on or communicate with each other.
Interface Engine
Software that enables many dislike systems to pass information back and forth using a set of defined
standards. Interface engines typically perform functions such as; store and forward of messages,
message translation, message routing, management tools, and alerts and monitoring.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 75
http://www.ncsl.org/programs/lis/intjust/report01.htm
International Classification of Diseases (ICD)
Published by the World Health Organization, these diagnostic codes are designed for the classification
of morbidity and mortality information for statistical purposes, for the indexing of hospital records by
disease and operations, and for data storage and retrieval.
Interoperability
The ability of health information systems to work together within and across organizational boundaries
in order to advance the effective delivery of healthcare for individuals and communities.
L
Lightweight Directory Access Protocol (LDAP)
Application protocol for querying and modifying directory services running over TCP/IP.
Logical Observation Identifiers Names and Codes (LOINC)
A database and universal standard for identifying laboratory observations. It was developed and is
maintained by the Regenstrief Institute, Inc., an internationally-recognized non-profit medical research
organization, in 1994. LOINC was created in response to the demand for an electronic database for
clinical care and management and is publicly available at no cost.
M
Master Patient Index (MPI)
See EMPI
Middleware
Software that serves as an intermediary between systems software and an application, allowing them to
exchange data.
N
National Council for Prescription Drug Programs (NCPDP)
Founded in 1977, a not-for-profit, ANSI-accredited, Standards Development Organization with over
1500 members representing virtually every sector of the pharmacy services industry, the NCPDP
creates and promotes the transfer of data related to medications, supplies, and services within the
healthcare system through the development of standards and industry guidance.
National e-Health Collaborative (NeHC)
The National eHealth Collaborative (formerly AHIC Successor, Inc.) is a public-private partnership
driving the development of a secure, interoperable, nationwide health information system. The
National eHealth Collaborative was founded in 2008 to build on the accomplishments of the American
Health Information Community (AHIC), a federal advisory committee initiated by Secretary of Health
and Human Services Mike Leavitt in 2005.
Nationwide Health Information Network (NHIN)
A network of networks, it is a set of harmonized standards-based specifications for the exchange of
health information sharing between Nationwide Health Information Exchanges (NHIEs).
© 2009 Healthcare Information and Management Systems Society (HIMSS). 76
http://www.who.int/classifications/icd/en/
http://www.who.int/classifications/icd/en/
http://www.webopedia.com/TERM/L/LDAP.html
http://loinc.org/
http://www.webopedia.com/TERM/m/middleware.html
http://www.ncpdp.org/
http://www.hhs.gov/healthit/healthnetwork/background/
National Provider Identifier (NPI)
The National Provider Identifier (NPI) is a Health Insurance Portability and Accountability Act
(HIPAA) Administrative Simplification Standard. The NPI is a unique identification number for
covered healthcare providers. Covered healthcare providers and all health plans and healthcare
clearinghouses will use the NPIs in the administrative and financial transactions adopted under
HIPAA. The NPI is a 10-position, intelligence-free numeric identifier (10-digit number).
O
Office of the National Coordinator for Health Information Technology (ONC)
The Office of the National Coordinator for Health Information Technology (ONC) provides counsel to
the Secretary of HHS and Departmental leadership for the development and nationwide
implementation of an interoperable health information technology infrastructure. The ONC also
provides management of and logistical support for the American Health Information Community
(AHIC).
Open source systems
Term coined in March 1998 following the Web browser Mozilla release to describe software
distributed in source under licenses guaranteeing anybody rights to freely use, modify, and redistribute,
the code. The intent was to be able to sell the hackers’ ways of doing software to industry and the
mainstream by avoiding the negative connotations.
P
Patient matching software
Type of middleware that matches patients across independent systems. See EMPI.
Patient Privacy Rights Foundation
Patient Privacy Rights is a 501(c) (3) non-profit organization located in Austin, TX. Founded in 2004
by Dr. Deborah Peel, Patient Privacy Rights is dedicated to ensuring Americans control all access to
their health records.
Personal Health Record (PHR)
An electronic record of health-related information on an individual that conforms to nationally
recognized interoperability standards and that can be drawn from multiple sources while being
managed, shared, and controlled by the individual.
Personal Health Record System (PHR-S)
An electronic system that stores health-related information on an individual that conforms to nationally
recognized interoperability standards and that can be drawn from multiple sources while being
managed, shared, and controlled by the individual.
Physician Web Portals
Middleware that allows a physician working from any location to log into their affiliated EMR.
Provider matching software
Type of middleware that matches providers across independent systems.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 77
http://www.cms.hhs.gov/NationalProvIdentstand/
http://www.hhs.gov/healthit/onc/mission/
http://www.patientprivacyrights.org/site/PageServer
http://www.hhs.gov/healthit/documents/m20080603/10.1_bell_files/textonly/slide4.html
Protected Health Information (PHI)
PHI is any information held by a covered entity which concerns health status, provision of healthcare,
or payment for healthcare that can be linked to an individual. This is interpreted to include an
individual’s medical record and payment history.
R
Record Locator Service (RLS)
A file of the locations of patient records, able to be queried only by authorized participants. In an HIE,
it is a type of middleware that determines what records exist for a member and where they are located.
A RLS will manage participating provider identities, maintain and publish a patient index, match
patients using an algorithm, look up patient record locations (but not the records themselves),
communicate securely and maintain an audit log, and manage patient consent to record sharing (under
state laws and the new American Recovery and Reinvestment Act).
Regional Health Information Exchange (RHIO)
A health information organization that brings together healthcare stakeholders within a defined
geographic area and governs health information exchange among them for the purpose of improving
health and care in that community. A RHIO is a type of HIO.
S
Secure Messaging
Server based approach to protect sensitive data when sent beyond the corporate borders and provides
compliance with industry regulations such as HIPAA, GLBA and SOX.
Secure Sockets Layer (recently, Transport Layer Security) (SSL or TLS)
A protocol developed by Netscape for transmitting private documents via the Internet. SSL uses a
cryptographic system that uses two keys to encrypt data − a public key known to everyone and a
private or secret key known only to the recipient of the message.
Service-oriented Architecture (SOA)
SOA provides methods for systems development and integration where systems package functionality
as interoperable services. A SOA infrastructure allows different applications to exchange data with one
another. Service-orientation aims at a loose coupling of services with operating systems, programming
languages and other technologies that underlie applications. SOA separates functions into distinct
units, or services, which developers make accessible over a network in order that users can combine
and reuse them in the production of applications.
Simple Object Access Protocol (SOAP)
A lightweight XML-based messaging protocol used to encode the information in Web service request
and response messages before sending them over a network. SOAP messages are independent of any
operating system or protocol and may be transported using a variety of Internet protocols, including
SMTP, MIME, and HTTP.
Standardized nomenclature for clinical drugs (RxNorm)
RxNorm provides normalized names for clinical drugs and links its names to many of the drug
vocabularies commonly used in pharmacy management and drug interaction software, including those
of First Databank, Micromedex, MediSpan, Gold Standard Alchemy, and Multum. By providing links
© 2009 Healthcare Information and Management Systems Society (HIMSS). 78
http://www.connectingforhealth.org/resources/collaborative_response/appendices/glossary.php
http://www.hhs.gov/healthit/documents/m20080603/10.1_bell_files/textonly/slide6.html
http://www.webopedia.com/TERM/S/SSL.html
http://en.wikipedia.org/wiki/Service-oriented_architecture
http://www.webopedia.com/TERM/S/SOAP.html
http://www.nlm.nih.gov/research/umls/rxnorm/
between these vocabularies, RxNorm can mediate messages between systems not using the same
software and vocabulary.
Standards Development Organizations (SDO)
Any entity whose primary activities are developing, coordinating, promulgating, revising, amending,
reissuing, interpreting, or otherwise maintaining standards that address the interests of a wide base of
users outside the standards development organization.
State-Led HIE
An HIE model where the state defines the entire HIE including infrastructure, vision, oversight, and its
use.
Systematized Nomenclature of Medicine – Clinical Terms (SNOMED-CT)
A systematically organized computer processable collection of medical terminology covering most
areas of clinical information such as diseases, findings, procedures, microorganisms, pharmaceuticals
etc. It allows a consistent way to index, store, retrieve, and aggregate clinical data across specialties
and sites of care. It also helps organizing the content of medical records, reducing the variability in the
way data is captured, encoded and used for clinical care of patients and research.
T
Triple Data Encryption Standard (3DES)
This is three-time successive application of DES designed to overcome the limitation of a 56-bit key
without changing the encryption algorithm.
U
Uniform Resource Locator (URL)
Uniform resource locator or universal resource locator; an addressing scheme used by World Wide
Web browsers to locate resources on the Internet.
© 2009 Healthcare Information and Management Systems Society (HIMSS). 79
http://en.wikipedia.org/wiki/Standards_organization
http://www.slhie.org/
http://en.wikipedia.org/wiki/SNOMED_CT
http://www.answers.com/Triple%20Data%20Encryption%20Standard
http://www.answers.com/url
Acknowledgments
Special acknowledgment and appreciation is extended to Barbara Cox, Chair of the HIMSS HIE Guide
Work Group, for her time and leadership with the development of this white paper.
Members of the HIMSS 2008 – 2009 HIE Guide Work Group, who spearheaded the development of
this white paper, include:
Noam Arzt, PhD, FHIMSS
President
HLN Consulting LLC
Caron Brennan, RN, BSN, MBA
Senior Associate
Gap Consulting Inc.
Barbara Cox (Chair)
President & CEO
Gap Consulting Inc.
Lyman Dennis, MBA, PhD, CPHIMS, FHIMSS
Principal
El Dorado Health Consulting
Karen Fairchild
CTO & President/CEO
Gap Consulting Inc.
Fairchild Consulting Inc.
Kari Harno, MD, PhD
Chief Physician
Helsinki University
Lori Harrington
Information Services
Wake Med Health & Hospitals
Steve Huffman
Vice President & CIO
Memorial Health System
John Kansky, MSE, MBA, FHIMSS, CPHIMS
Vice President, Business Development
Indiana Health Information Exchange
Laura Kolkman
President
Mosaica Partners, LLC
Richard D. Lang, Ed.D., PMP, FHIMSS
CIO
Doylestown Hospital
Kevin Lemire, CPHIMS
Senior Consultant
Ingenix Consulting
Barry Pope
Applications Manager, HIM
Tampa General Hospital
Dave Rackliffe
Assistant VP, Information Services
Bristol Hospital
Telly Shackelford
CEO
Sandlot, LLC
Daryl Stanbery
Healthcare Consultant
Hitachi Data Systems
Martin Tetloff
Testing Manager
MultiCare Connect Part II, MultiCare Health Sys
Christina Beach Thielst, FACHE
Healthcare Administrator
Janie Tremlett
Sr. VP & Chief Marketing Officer
Concordant, Inc.
Pam Matthews, CPHIMS, FHIMSS
Senior Director, Healthcare Information Systems
HIMSS – Staff Support
© 2009 Healthcare Information and Management Systems Society (HIMSS). 80
mailto:arzt@hln.com
mailto:cbrennan@gapconsultinginc.com
mailto:bcox@gapconsultinginc.com
mailto:Ldennis@eldoradohc.com
mailto:kfairchild@gapconsultinginc.com
mailto:karen@fairchildconsultinginc.com
mailto:kari.harno@hus.fi
mailto:lharrington@wakemed.org
mailto:shuffman@memorialsb.org
mailto:jkansky@ihie.com
mailto:LKolkman@MosaicaPartners.com
mailto:RLang@dh.org
mailto:kevin.lemire@ingenixconsulting.com
mailto:bpope@tgh.org
mailto:dracklif@bristolhospital.org
mailto:tshackelford@sandlotmd.com
mailto:daryl.stanbery@hds.com
mailto:Martin.Tetloff@multicare.org
mailto:cthielst@cox.net
mailto:jtremlett@concordant.com
mailto:pmatthews@himss.org
© 2009 Healthcare Information and Management Systems Society (HIMSS). 81
Holly Gaebel
Coordinator, Healthcare Information Systems
HIMSS – Staff Support
The inclusion of an organization name, product or service in this publication should not be construed
as a HIMSS endorsement of such organization, product or service, nor is the failure to include an
organization name, product or service to be construed as disapproval. The views expressed in this
white paper are those of the authors and do not necessarily reflect the views of HIMSS.
mailto:hgaebel@himss.org
- Section 1 – Introduction
Target Audience(s)
How to Use This Guide
Section 2 – Defining the HIE
What is an HIE?
The National Perspective
HIE Commonly Offered Services
HIE Content Examples
Section 3 – Different Health Information Exchange (HIE) Models
The Centralized Model
The Decentralized or Federated Model
The Hybrid Model
The Health Record Banking Model
International Models
State-Led vs. Community-Based Models
Industry Drivers
The Business Models
Section 4 – Common Technology Approaches and Data Standards
Technology Building Blocks
Network Infrastructure
HIE Applications
Middleware
Integration Engine
Patient Matching Algorithms and Enterprise Master Patient/Person Index (EMPI)
Proprietary Products
Open Source Products
Record Locator Service
Provider Matching
Applicable Standards
About Standards
Core Standards
Standards for Transactions
Semantic Standards
Process Standards
Section 5 – Evaluating a Potential HIE Opportunity
Understanding the Goals and Philosophy of the HIE
Understanding to What Your Organization will need to Commit by Participating in an HIE
Understanding the Prevalence of Nationally-Accepted Standards
Understanding the Value for Users of the HIE Information and Data
Understanding the Economics and Financial Sustainability of the HIE
Understanding Risks
Understanding Applicable Regulations
Understanding Leadership and Governance
Understanding the HIE’s Maturity
Section 6 – Conclusion – Making Your Decision
Appendix A – HIE Evaluation Checklist
Appendix B – Understanding Applicable Regulations
HIPAA
Privacy Rule
Security Rule
American Recovery and Reinvestment Act
Business Associates
Marketing/Sale of PHI
Electronic Health Records
Disclosures
Breach Notification
Education Programs
Enforcement/Penalties
State Laws
Appendix C – SandlotConnect® Case Study
Background
Regional Business Environment & Demographics
Factors Aligning and Driving Local Stakeholders
Operations
Vision, Mission and Guiding Principles
Governance and Management Structure
Service Offerings
Technical Architecture
Unique Operational Considerations
Sustainability
Business Model Summary
Realized Benefits
Appendix D – Indiana HIE Case Study
Background
Regional Business Environment and Demographics
Factors Aligning and Driving Local Stakeholders
Operations
Vision, Mission and Guiding Principles
Governance and Management Structure
Service Offerings
Technical Architecture
Sustainability
Business Model Summary
Realized Benefits
Appendix E – Louisville Health Information Exchange, Inc. (LouHIE) Case Study
Background
Regional Business Environment & Demographics
Factors Aligning & Driving Local Stakeholders
Operations
Vision, Mission, and Guiding Principles
Governance and Management Structure
Service Offerings
Technical Architecture
Sustainability
Business Model Summary
Marketing Plan
Risk Management
Fragmentation Risk
Community Trust Risk
Political Risks
Economic Risks
Implementation Risks
Realized Benefits
Appendix F – Glossary
Acknowledgments
Huamin Research Center, School of Social Work, Rutgers University
China Philanthropy Research Institute, Beijing Normal University
Huamin Philanthropy Brochure Series –
2
September 20
12
SWOT Analysis
Raising Capacity of
Your Organization
Ronald Quincy, Shuang Lu,
and Chien-Chung Huang
WHAT is SWOT ?
SWOT is a strategic planning method used to evaluate the Strengths, Weak-
nesses, Opportunities, and Threats involved in a project, organization, or in a
business venture.
Strengths are aspects or characteristics of the business, or project teams that
give it an advantage over others;
Weaknesses are aspects or characteristics that place the organization at a
disadvantage relative to others;
Opportunities are internal and external prospects that can improve organi-
zation’s performance within the context;
Threats are internal and external influencing factors in the environment that
could cause trouble for the function or project.
SWOT focuses on internal and external factors.
– Internal factors may include: Personnel, finance, fundraising capa-
bilities, and board performance, etc.
– External factors may include: Economic climate, technological
changes, legislation, social culture changes, competitors, etc.
SWOT can be used in business corporations, governmental departments, and
nonprofit organizations.
SWOT can be performed for business planning, strategic planning, competi-
tor evaluation, marketing development, and research reports.
2
WHY Conduct SWOT ?
SWOT analysis…
Helps you focus on your strengths, minimize weaknesses and threats, take the
greatest possible advantage of opportunities, and become outstanding in competi-
tions.
Helps you determine whether the objective is attainable; therefore, set achievable
goals and objectives for the organization, as well as subsequent steps.
Helps you dedicate to your mission, fulfill the vision, adjust to social context,
achieve strategic goals, develop effective action plans, and conduct objective eval-
uations.
Helps you gather meaningful information from your strengths, weaknesses, op-
portunities, and threats), in order to maximize the benefits of your evaluation and
advantage.
Understand Your Organization
Take the Greatest Opportunities Available to You
3
WHEN to Conduct a
SWOT Analysis?
Typical Program Stages for Nonprofits
Stage One: Vision – Imagine and Inspire
Stage Two: Emergence – Found and Frame
Stage Three: Growth and Maturity – Grounding and Growth
Stage Four: Maturity and Sustainability – Produce and Sustain
Stage Five: Renewal – Review and Renew
A SWOT Analysis can be conducted in Any Stage!
During the life cycle, a SWOT Analysis can be used to:
* Fulfill an organization’s mission and vision
* Facilitate an organization’s emergence and growth
* Improve sustainability
* Promote innovation and renewal
In every stage, a SWOT helps us answer different questions:
* Stage One: Can this dream be realized?
* Stage Two: How are we going to pull this off?
* Stage Three: How can we build this to be viable?
* Stage Four: How can we sustain the momentum?
* Stage Five: What do we need to redesign?
4
Conduct a SWOT Analysis
Specific Areas of Analysis
What advantages does your organization have?
What do you do better than others?
What unique or lowest-cost resources can you
draw upon that others cannot?
What is your organization’s unique selling
proposition?
What do people in your market see as your
strengths?
What factors mean that you “get the sale”?
What could you improve?
What should you avoid?
What factors limit your growth?
What are people in your market likely to see
as your weaknesses (challenges)?
What factors may cause you to lose your
sale?
What good opportunities can you spot?
What interesting trends are you aware of?
Who can be your partner?
Who can be your potential donor?
How to keep and develop your key stakehold-
ers’ interests?
What obstacles are you facing?
Are quality standards or specifications for
your job, products or services changing?
Is changing technology challenging your po-
sition?
Are changing policies or social context chal-
lenging your service area?
Do you have bad debt or cash-flow prob-
lems?
Could any of your weaknesses (challenges)
seriously affect your business?
What are your competitors doing?
What are Your Strengths? What are your Weakness
es?
What are your Opportunities? What are Your Threats?
5
Sample Analysis
“X Organization”
As a nationally famous nonprofit organization, “X Organization” works to provide books for
poor children in the US and developing countries. “X Organization” has been existing for more than
50 years at a town in western America. It collects new books provided by book suppliers, and
secondhand books donated by public, and delivers books to poor children in the US and oversea. “X
Organization” accepts national and international applications for these books through its website
and mailing. The applicants may include schools, education agencies, families, or individuals. Its
programs are funded by government grants, public and private donations. “X” operates primarily
through volunteer efforts. It has a 14-member board of trustees, an 8-member advisory board, and 4
fulltime, paid staff, who are mostly female Caucasians.
1. Programs and Services 2. Staffing and Man
agement
Strengths:
Volunteering Pro-
grams
Reputation through-
out the United States
Donations Made Na-
tionally and Interna-
tionally
Advanced Online
Application System
Weaknesses:
Limited Funding
Long Waiting List
Increasing Costs
for
Book Suppliers
Some Programs
are Not Well-
known
Opportunities:
Professional Grant-
Writer
Student Volun
teers
International Book
Donations
Partnering with New
Book Suppliers
Threats:
Loss of Funding
Support
Increase of Appli-
cations
Competitor Organ-
izations
Strengths:
Management Skills
Friendly Working
Atmosphere
Efficient Staff
Committed Volun-
teers
Weaknesses:
Insufficient Staff
with Too Much
Work
Staff Overworked
Opportunities:
Recruit New Vol-
unteers
Establish an Intern-
ship Program
Develop a Staff
Succession Plan
Threats:
Staff Burnout
Loss of Staff and
Volunteers
6
Strengths:
Supportive and Re-
sponsive
Board
Members
Diverse Board
Members regarding
to Age, Sex, Social
Background, etc.
Weaknesses:
Limited Involve-
ment of Advisory
Board Members
Board Members
Only from Local
Area
Insufficient Fund-
raising Activi
ties
Opportunities:
Recruit New Board
Members
Develop an Effec-
tive Advisory
Board
Promote Better Un-
derstanding of
Board’s Fundrais-
ing Responsibilities
Threats:
Commitment of
Becoming a Board
Member
Turnover of Key
Members
3. Board Governance
Strengths:
Well Developed
Website
IT Support
Control of Online
Book Applicant
and Supplier Data-
base
Weaknesses:
Outdated Computer
and Phone Sys
tems
Server Back-Up
Issues
Opportunities:
Upgrade Hardware
and Telephone Sys-
tems
Recruit Profession-
al Website Main-
tainers
Threats:
High Expenditures
Hacking Possibili-
ties
Server Crashing
4. Technology and
Equipment
Sample Analysis
“X Organization”
7
Identify Every Element of
Your Organization
Tick in cells:
Will you consider your program, activities and services as strengths/ weaknesses/
opportunities/ threats?
Do you see your programs, activities and services as both strengths and weakness-
es?
Are there any opportunities as well as threats in your programs, activities and ser-
vices?
Do you have any competitors (external threats) regarding to your programs, activ-
ities, and services?
8
Strengths Weaknesses Opportunities
Internal
Threats
External
Threats
Programs, Activi-
ties and Services
Education, Train-
ing and Work-
shops
General Operation
and Staffing
Technology and
Equipment
Office Location,
Facilities and Ven-
ue
Marketing and
Public Relations
Executive Man-
agement
Leadership and
Governance
Customer Base
9
Conduct Your Own
SWOT Analysis
Analyze Your Organization in Different Aspects
Strengths:
Weaknesses
(Challenges):
Opportunities:
Threats
(Barriers):
1. Programs and Services
Strengths:
Weaknesses
(Challenges):
Opportunities:
Threats
(Barriers):
2. Staffing and Management
10
*Besides the aspects mentioned above, what other areas can
you think of in terms of your own organization?
3. Board Governance 4. Technology and Equipment
Strengths:
Weaknesses
(Challenges):
Opportunities:
Threats
(Barriers):
Strengths:
Weaknesses
(Challenges):
Opportunities:
Threats
(Barriers):
Analyze Your Organization in Different Aspects
11
Final Thoughts
1. How can the organization maximize and take advantage of
its strengths?
2. How can the organization minimize or overcome weakness-
es?
3. How can the organization maximize or take advantage of
opportunities?
4. How can the organization minimize or overcome threats?
12
Key References
Aaker, D. A. (1995). Strategic market management (4th ed.). New York: Wiley.
Armstrong, M. (2006). A handbook of human resource management practice (10th ed.).
London: Kogan Page.
Chandler, A. D. (1962). Strategy and structure: chapters in the history of the industrial
enterprise. Cambridge: M.I.T. Press.
Child, J., & Kieser, A. (1981). The development of organizations over time. The handbook of
organizational design, 1, 28-64
Donald, L., John, P., & Shawn, C. (2003). ORGANIZATIONAL LIFE CYCLE: A FIVE-
STAGE EMPIRICAL SCALE. International Journal of Organizational Analysis, 11
(4), 339-354.
Hill, T. & R. Westbrook (1997). “SWOT Analysis: It’s Time for a Product Recall”. Long
Range Planning 30 (1): 46–52.
Humphrey, Albert (2005). SWOT Analysis for Management Consulting. SRI Alumni News-
letter. Retrieved from SRI International.
Kimberly, J. R., & Miles, R. H. (1981). The organizational life cycle. San Francisco: Jossey-
Bass Publ.
Object Oriented and Multi-Scale Image Analysis: Strengths, Weaknesses, Opportunities and
Threats – A Review. Journal of Computer Science 4 (9): 706-712. Jan 2008.
Pickton, D., & Wright, S. (1998). What’s SWOT in strategic analysis?. Strategic Change, 7
(2), 101-109.
Stacey, R. D. (1993). Strategic management and organizational dynamics. London: Pit-
man.
SWOT Analysis
Raising Capacity of Your Organization
Huamin Philanthropy Brochure Series – 2
Huamin Research Center, School of Social Work, Rutgers University
390 George Street, Room 503, New Brunswick, NJ, 08901, USA
China Philanthropy Research Institute, Beijing Normal University
19 Xin Jie Kou Wai Street, Room 1003A., Haidian District, Beijing, 100875, China
http://www.csun.edu/~dn58412/IS531
Lecture 6
Personal Health Record
(Chapter 16)
Learning Objectives
Personal Health record (PHR) vs. Electronic Health Record (EHR)
Stand-alone, tethered, and networked PHRs.
Common functionality available in the PHR – Benefits and concerns
Impacts of PHRs
Issues in implementation and adoption
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Personal Health Records
A private, secure application (different from an EHR)
Data from an EHR or providers accessible to patients, 24/7 from home
Information from multiple sources entered by the patient
Driven by patients: access, provide, manage, share personal health info
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Personal Health Records
IS 531 : Lecture 6
*
IS 531 : Lecture 6
PHRs
Precursors to Electronic PHRs: notebooks, files, written records.
Standalone systems: not tied to any healthcare system.
Google Health PHR, Microsoft’s Health Vault
Tethered systems: tied into a healthcare system.
My HealtheVet PHR from the VA
Networked systems : access data from multiple locations
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Attributes of an ideal PHR
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Personal Health Records
IS 531 : Lecture 6
*
IS 531 : Lecture 6
PHR Functions . . .
EHR personal heath information
Lab and test results
Medication lists
Appointment
After-visit summaries
Clinical notes
Patient clinical reminders
IS 531 : Lecture 6
*
IS 531 : Lecture 6
. . .PHR Functions
Secure messaging
Self-entered data
Proxy use (delegation)
Administrative and finance
IS 531 : Lecture 6
*
IS 531 : Lecture 6
EHR Personal Health Information
Lab and test results
Medication lists
Appointments
After-visit summaries
Clinical notes
Patient clinical reminders
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Lab and Test results
Display test names, test values, normal ranges (may have some extra info: what for, why, what next)
Benefits:
Reduce patient waiting time
Avoid letters and phone calls
Concerns:
May confuse and worry patients
Display non-sensitive results only
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Lab and Test results
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Medication Management
List past and current prescribed medications (doses, instructions, allergies)
Benefits:
Can check prescriptions for administering
Discussion with physician for clarification
Share info with other providers
Concerns:
Inaccurate and incomplete if medications are from multiple providers
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Appointment Management
Time, date, location for scheduled visits, tests, procedures.
Can request appointments (subjected to provider confirmations)
Benefits:
Keep track upcoming care: reduce missed /cancelled appointments
Patient convenient, less phone scheduling
Concerns:
Institutions can not control open access
Self-selected appointments not match with level/type of care needed
IS 531 : Lecture 6
*
IS 531 : Lecture 6
After-visit Summary
What, advice, vital signs, prescriptions
Benefits:
Help patients recall the discussion during clinical encounter
Reinforce clinical advices
Can share info with caregivers
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Clinical Notes
The actual physician write-up of the visit
Benefits:
Better understand clinician assessments and decisions
Better understand clinician issues and treatment options
Concerns:
Terminologies may confuse patients
Clinicians resist sharing notes or even alter them
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Clinical Reminders
IS 531 : Lecture 6
*
Notices on recommended screening and preventive cares
Benefit:
Increase patients adherence to preventive care
IS 531 : Lecture 6
Secure Messaging
Confidential and secure online communication between patients and their providers
Benefits:
Convenient 24/7 access
Can include available medical record
Concerns:
Fitting in professionals’ workflow: time, responsibility
Reimbursement for time in online service
Patient may unintentional misuse
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Self-Entered Data
May include prior medical history, family history, alternative medications, self-recorded vitals
Benefits
Important data complementary to EHR
Patient can see the trends needing attention
Concerns:
What type of data to enter
Clinical responsibility to view and response to information
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Proxy Users
Permit other persons (parent, caregivers) access to patient PHR (may have different levels of access)
Benefit:
Sharing information and care with givers
Concern:
Release information intended to be private
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Administration and Finance
Ability to view bills, copayments, coverage benefits (may take online payments)
Benefits
Help manage care and finances
Improve knowledge of benefits
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Issues Related to PHRs
Delegation of access to PHR via a proxy user
Access to financial, medical claims
Privacy (who accessing what)
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Impacts of PHR
Patient satisfaction (timely interaction with providers, 24/7 from home)
Provider satisfaction (conflicting perceptions)
Quality of care (subjected to digital divided)
“Participatory Medicine”: patients are responsible for their health
IS 531 : Lecture 6
*
IS 531 : Lecture 6
Issues
Effective utilization from users increase the efficiency of the systems
Change in clinical works: process, responsibility, time
Handle patient data: what data, what format, who is responsible for viewing/ answering
Provider resources and liability
Consumer protection of privacy
IS 531 : Lecture 6
*
IS 531 : Lecture 6
PHR Adoption
Access: connect to Internet by users
Awareness: knowledge about the PHR tools and their values
Usability: easy-of-use
eHealth literacy: computer literacy (how), effective usage of the system (what for)
Meaningful use: favorable user perception
Clinical integration: PHR should be considered as a source of information for healthcare professionals
IS 531 : Lecture 6
*
IS 531 : Lecture 6
A PHR Sample
IS 531 : Lecture 6
*
http://www.myphr.com/Default.aspx
IS 531 : Lecture 6
Closing Notes
IS 531 : Lecture 6
*
Under the EHR Incentive Program, participating providers are required to provide individuals with access to certain information on much faster timeframes (e.g., a discharge summary within 36 hours of discharge, a lab result within 4 business days after the provider has received the results)
(https://www.hhs.gov/hipaa/for-professionals/faq/2051/under-the-ehr-incentive-program-participating-providers/index.html)
IS 531 : Lecture 6
Closing Notes
IS 531 : Lecture 6
*
“Most patients should have access to EHR by 2014 (Executive Order 13335, 2004)”
IS 531 : Lecture 6
http://www.csun.edu/~dn58412/IS531
Lecture 7
Health Information Exchanges
(Chapter 17)
Learning Objectives
Health Information Exchanges (HIE) and Users
Key Factors in HIE
HIE Business Models
Driving Forces for HIE Development
Obstacles to HIE Development
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Health Information Exchange
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Health Information Exchange
Electronic movement of health-related information among organizations,
A process within a state health information organization or a regional health information organization
A bidirectional sharing of patient health-related information among providers and other authorized healthcare professionals
IS 531 : Lecture 7
*
IS 531 : Lecture 7
National Health Information Network
NHIN provides a standardized, secure, and confidential way to link information systems together for authorized users to share reliable health-related information
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Users of Health Information Exchanges
Individual level: enhance personal health outcomes
Professional level: clinical decision making
Agency/organization level : managing operations and quality improvement
Public health and national level: accreditation bodies to evaluate population health, health policy
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Architecture of
Heath Information Exchanges
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Key Issues in
Heath Information Exchanges
Data storage
Master person index (MPI)
Record locator service
Authentication
Authorization
Security policies
Auditing and logging
Standards
Scope of services
Knowledge of workflow
Portals for access
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Data Storage
To enable the aggregation of data from many sources
Infrastructure models
Centralized
Decentralized / federated
Hybrid
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Centralized Data Storage
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Decentralized Data Storage
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Hybrid Data Storage
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Master Person Index (MPI)
To uniquely identify an individual
To match the person’s data from many sources
Could be a complex identifier with multiple identification attributes (name, DOB, address)
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Record Locator Service
A service to search health information that matches the identified individual
Locator can point to a specific types of information / criteria
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Authentication
To identify authentic users to the systems
Valid users: clinical professionals, public health professionals, supporting IT professionals
Will include patients in future
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Authorization
Authorized user matrix: WHO can access WHAT information for WHAT purpose
CRUD Function Matrix in database: Create-Read-Update-Delete
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Authorization: Data-to-Process
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Authorization: Data-to-Location
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Security Policies & Procedures
Agreement among organizations to share patient data (retrieve, reuse)
Track requests for information
(Require patient consent)
Opt in vs. Opt out
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Auditing & Logging
Keep track all accesses to network services
Intentional vs. unintentional
Connection vs. disconnection
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Criteria-based Standards
To assure the interoperability and reuse of information from many sources
Data communication protocols
Data content, format
Technical compatibility among systems
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Scope of Services Provided
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Knowledge of Workflow
Data processing procedure (When, Who, How)
Patient data types (What, Whose)
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Portal for Access
Different portals for different types of information exchanges
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Health Information Exchange Models
Government-led HIE: direct government program
Public utility HIE: with government oversight
Private sector-led HIE: government as a stakeholder for collaboration and advisement
Public authority HIE : a government created nonprofit authority with powers to operate in a business-like manner
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Health Information Exchange Business Models
Business models designed for financial sustainability:
Membership fee model
Transaction fee model
Program and service fee model
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Driving Forces
Reduce data duplication and related costs
Reduce discrepancies among information from may sources and related fixing costs
Provide a uniform holistic picture of the patient’s health to improve care quality
Underlying key success factor: Electronic Health Records (HER) and Electronic Medical Record (EMR) must be first broadly adopted/implemented
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Current Obstacles
Size and scope of the project
Time / Costs
Critical mass of data to be exchange
Collaboration between competitors (providers)
Technical skills / necessary clinical knowledge to use the system
Resistance to change
Composition and structure of governing agency
IS 531 : Lecture 7
*
IS 531 : Lecture 7
Future Directions
Statewide HIE initiatives have started
HIE enabler/readiness (coordinating initiaties)
HIE outsourcing/technical partnership (technology implementation and services)
HIE operator (implementation and management)
A national health information network to be build
IS 531 : Lecture 7
*
IS 531 : Lecture 7
References
http://www.himss.org/library/topics
IS 531 : Lecture 7
*
IS 531 : Lecture 7
http://www.csun.edu/~dn58412/IS531
Lecture 5
Standardized Terminology and Language in Health Care
(Chapter 15)
Learning Objectives
Standardized healthcare terminology and its importance
Languages and Classifications : Billing, Clinical, Nursing
Terminology structures: Classification System vs. Reference Terminology
Benefits of using structured terminologies within electronic healthcare records.
Issues and concerns
IS 531 : Lecture 5
*
IS 531 : Lecture 5
Standardized Terminology
Also called “Controlled Terminology”
Structured and controlled languages developed and approved by an authoritative body
Healthcare terminology standards designed to enable and support interoperability and information sharing
Essential to the widespread implementation of EHRs
IS 531 : Lecture 5
*
IS 531 : Lecture 5
Healthcare Terminology Standards
To represent, communicate, exchange, manage and report data information, and knowledge in healthcare
Ensure accurate, valid data collection among various providers and care settings
Meaningful Use: exchange clinical structured data in an accurate and complete manner to improve cost-efficiency in client care
IS 531 : Lecture 5
*
IS 531 : Lecture 5
Terminology Definitions . . .
Concept: an expression with a single unambiguous meaning
Code: letters/characters/both to represent a concept
Codified concepts
Clinical terminology: describe health conditions and healthcare activities
Ontology: concepts are organized by their meaning describe a definitional structure-relationship
IS 531 : Lecture 5
*
IS 531 : Lecture 5
. . .Terminology Definitions
Reference Terminology: a set of concepts with definitional relationship
To retrieve data across healthcare settings, domains, and specialties
Point-of-care Terminology (interface terminology): reference terminology in familiar term to clinicians
to support the entry of patient-related information into a computer program
IS 531 : Lecture 5
*
IS 531 : Lecture 5
Types of Healthcare Terminologies
IS 531 : Lecture 5
*
IS 531 : Lecture 5
IS 531 : Lecture 5
*
Technology Development Guidelines
IS 531 : Lecture 5
Terminology and Nursing
Different terms indicate the same thing !
Need a standardized nursing language to describe care across clinical settings and specialists
How to document nursing problems, interventions, and outcomes
To support interoperability, sharing comparable data with other healthcare organizations
IS 531 : Lecture 5
*
IS 531 : Lecture 5
Languages and Classifications . . .
Billing Codes
Mandated by Health Insurance Portability and Accountability Act (HIPAA)
International Classification of Disease (ICD) by World Health Organization (WHO):
for diagnosis reimbursement
Current Procedural Terminology (CPT) American Medical Association(AMA):
for billing and reimbursement of outpatient procedures and interventions
IS 531 : Lecture 5
*
IS 531 : Lecture 5
IS 531 : Lecture 5
*
ICD Examples
IS 531 : Lecture 5
IS 531 : Lecture 5
*
CPT Examples
IS 531 : Lecture 5
Languages and Classifications . . .
Clinical Terminologies
Unified Medical Language Systems (UMLS) by National Library of Medicines (NLM), recognized by American Nurses Association (ANA)
Systematized Nomenclature of Human and Veterinary Medicine Clinical Terms (SNOMED-CT)
Logical Observation Identifiers, Name, and Codes (LOINC)
IS 531 : Lecture 5
*
IS 531 : Lecture 5
SNOMED-CT
Globally recognized terminology (concepts, descriptions, and relationships)
Recognized by ANA
Promotes evidence-based practice
Undergoes review process to keep up to date
SNOMED-CT consists of 19 top-level hierarchies (Cf. p.305)
Using parent-child relationship to build vertical hierarchies
IS 531 : Lecture 5
*
IS 531 : Lecture 5
IS 531 : Lecture 5
*
SNOMED-CT Example
IS 531 : Lecture 5
LOINC
“Logical Observation Identifiers, Names, and Codes”
Terminologies for laboratory and clinical observations
For recording a single observation, measurement, test result.
IS 531 : Lecture 5
*
IS 531 : Lecture 5
IS 531 : Lecture 5
*
LOINC Examples
IS 531 : Lecture 5
Languages and Classifications . . .
Nursing Terminologies
Clinical Care Classification (CCC)
International Classification of Nursing Practice (ICN)
North American Nursing Diagnosis Association International (NANDA-I)
Nursing Intervention Classification (NIC)
Nursing Outcome Classification (NOC)
Omaha System
Perioperative Nursing Data Set (PNDS)
IS 531 : Lecture 5
*
IS 531 : Lecture 5
Clinical Care Classification (CCC) System
To facilitate patient care documentation at the point of care
CCC of nursing diagnosis and outcome:
182 diagnosis concepts in categories and sub-categories; 3 outcome qualifiers.
CCC for nursing intervention:
198 concepts in categories and sub-categories to represent interventions, procedures, treatments, and activities.
IS 531 : Lecture 5
*
IS 531 : Lecture 5
International Classification of Nursing Practice (ICNP)
For point-of-care and reference terminology
Contains diagnoses, actions, and outcomes in 7 axes (dimensions)
IS 531 : Lecture 5
*
IS 531 : Lecture 5
IS 531 : Lecture 5
*
ICNP Examples
IS 531 : Lecture 5
NANDA-I
“North American Nursing Diagnosis International”
Each nursing diagnosis actual or potential health problem has: description, definition, defining characteristics (manifestations, signs, symptoms)
13 domains , 7 axes(dimensions)
IS 531 : Lecture 5
*
IS 531 : Lecture 5
IS 531 : Lecture 5
*
NANDA Domains
IS 531 : Lecture 5
IS 531 : Lecture 5
*
NANDA-I Examples
IS 531 : Lecture 5
Nursing Interventions Classification (NIC)
Describe interventions used in nursing care
30 classes, 7 domains and 542 interventions
IS 531 : Lecture 5
*
IS 531 : Lecture 5
IS 531 : Lecture 5
*
NIC Domains
IS 531 : Lecture 5
Nursing Outcomes Classification (NOC)
Describe outcomes related to nursing interventions
31 classes and 7 domains of outcomes
Each outcome has: definition, measurement scale, associated indicators, supporting references
IS 531 : Lecture 5
*
IS 531 : Lecture 5
IS 531 : Lecture 5
*
NOC Domains
IS 531 : Lecture 5
Omaha System
Research-based taxonomy for integrating and sharing clinical data
Assessment component—Problem Classification Scheme
Intervention component—Intervention Scheme
Outcomes component—Problem Rating Scale for Outcomes
IS 531 : Lecture 5
*
IS 531 : Lecture 5
IS 531 : Lecture 5
*
Omaha Systems
IS 531 : Lecture 5
Perioperative Nursing Data (PNDS) Set
Provide wording and definitions for nursing diagnoses, interventions, and outcomes
Allow collection data in a uniform way for analyses
4 components, 75 diagnoses, 135 interventions, and 27 nurse-sensitive patient care outcomes
IS 531 : Lecture 5
*
IS 531 : Lecture 5
IS 531 : Lecture 5
*
PNDS Example
IS 531 : Lecture 5
Benefits of Implementation
Client-specific benefits
Decreased costs
Increased quality
Improved outcomes
Improved safety
IS 531 : Lecture 5
*
IS 531 : Lecture 5
Benefits of Implementation
Provider/Nursing Benefits
Complete access to data
Increased efficiency
Increased accuracy
Increased effectiveness
Improvement in client care
IS 531 : Lecture 5
*
IS 531 : Lecture 5
Benefits of Implementation
Organizational Benefits
Decreased costs
Decision support
Outcome measurement
Data mining
IS 531 : Lecture 5
*
IS 531 : Lecture 5
Issues and Concerns
Integrate systems with locally defined concepts, not using standard terminology
Select which terminology(ies) to use
Point-of-care terms and synonyms for clinical tasks must be locally developed: potential problems for other local systems
IS 531 : Lecture 5
*
IS 531 : Lecture 5
IS 531 : Lecture 5
*
Nursing Assessment Examples
IS 531 : Lecture 5
IS 531 : Lecture 5
*
Nursing Diagnosis/Problem Examples
IS 531 : Lecture 5
IS 531 : Lecture 5
*
Nursing Intervention Examples
IS 531 : Lecture 5
IS 531 : Lecture 5
*
Nursing Goal/Potential Outcome Examples
IS 531 : Lecture 5
Top-quality papers guaranteed
100% original papers
We sell only unique pieces of writing completed according to your demands.
Confidential service
We use security encryption to keep your personal data protected.
Money-back guarantee
We can give your money back if something goes wrong with your order.
Enjoy the free features we offer to everyone
-
Title page
Get a free title page formatted according to the specifics of your particular style.
-
Custom formatting
Request us to use APA, MLA, Harvard, Chicago, or any other style for your essay.
-
Bibliography page
Don’t pay extra for a list of references that perfectly fits your academic needs.
-
24/7 support assistance
Ask us a question anytime you need to—we don’t charge extra for supporting you!
Calculate how much your essay costs
What we are popular for
- English 101
- History
- Business Studies
- Management
- Literature
- Composition
- Psychology
- Philosophy
- Marketing
- Economics
