The current initiatives coming out of the ARRA and HITECH legislation are a collection of standards, protocols, legal agreements, specifications, and services that enables the secure exchange of health information using the Internet as the pathway and technology. Getting even to the point of talking about a national HIE has grown from a number of starting points.
Back in 1990 the Hartford Foundation offered grants to several states and cities to set up community health management information systems to create central repositories for individual-level demographic, clinical, and eligibility information. Those data were to be used by stakeholders such as local agencies, payers, employers, and researchers for assessment activities. Secondarily, they were to create transaction systems to facilitate billing and patient eligibility information to reduce costs. Hampered by primitive technology, especially to costs for networks and related technology but also discovered that the lack of standards for data integration hampered their efforts. Moreover, they ran into political resistance from some providers who even got a law passed in Iowa to prevent the exchange from succeeding because of privacy and security concerns as well as ultimate control of the data—issues that persist even today. Finally, they never grew beyond the grant-funded approach to become self-sustaining.
Another effort was the community health information networks, CHINs, that were primarily commercial endeavors. The prioritized savings rather than quality assessment objectives. They took a very different approach and emphasized data transfer as their mode of sharing rather than having a centralized repository. Nevertheless, most did not make it out of the 1990s. The transaction costs, when affordable, could not support the system or meet business objectives. The costs needed to be borne by a larger market.
RHIOs were the first effort to start getting notice, and support, by the federal government. Because they offered services across a wider area, many linking communities together, they spread the risk. Nevertheless, they took millions to start and millions more to keep operating—difficult to raise and sustain. Competitive pressures between hospital systems kept the bar of mistrust high and stymied many efforts at data collaboration. Again, the issue of who controls the data tended to limit access and therefore success of the exchanges. Finally, the fear of legal liability from unlawful disclosure added another chilling effect.
In the mix of these efforts was the 1999 NIH report, To Err Is Human, that suggested that as many as 98,000 people die as a result of preventable medical errors—issues that sharing health information should be able to mitigate. In fact, they followed up in 2001 with a supplemental report advocating the sharing of healthcare information in some sort of exchange.
The above initiatives were focused on community and regional collaboration. Why not reverse the direction and focus on the patient? A big boost to the idea of personal health records as the lingua franca of health information exchange was started by the Markle and Robert Woods Johnson foundations in the mid-2000s. (I attended the first couple of meetings they had and felt some of the enthusiasm.) The idea was to empower patients to have their own “personal health record” that contained all information relating to their healthcare. Generally, these efforts were started by individuals who were patients with serious chronic conditions, their family members who needed to care for someone, or they were started by behemoths like Microsoft or Google. The legal issues were potentially eliminated because the patient controls their own data in the first-person, but the approach would not provide societal benefits of aggregating the data for improving clinical outcomes or reducing costs. Finally, there were the persistent technical and logistical issues of providers tapping into the PHRs.
HIEs attempt (through the HITECH Act and Meaningful Use) to provide a set of incentives and penalties for non-compliance in adopting a standards-base EHR as well as strike a balance between personal information security and community information use. Some have called this a utility model similar to past regulated monopolies in electrical power and telephony.
I'll explore the path traveled so far in a future post.