Why Secure Data Sharing Is Critical for Healthcare Institutions
One of the greatest benefits of the Information Technology Era is interoperability, or the ability of computers to easily share information. In addition to having one primary physician, it’s not at all uncommon for people with certain health conditions to have several health specialists. A single example demonstrates the importance of data sharing in healthcare.
For example, even a fairly healthy person may need to visit their primary care physician for their overall health, a cardiologist for a minor heart murmur, a podiatrist for a minor foot problem, an optometrist for eyeglasses, and a dentist for dental care. Basic information, such as vital signs, as collected by the primary care physician is important to all of the other specialists. The other physicians would also want to be aware of medications as prescribed by the cardiologist. Other health problems or symptoms could be caused by or related to other conditions with the feet, eyes, or oral health. By sharing health information between health providers, a health information exchange would be extremely beneficial to the physicians and the patient.
The downside is that with every opportunity to share health information comes the risk of violating one or more patient’s personal health information (PHI) or having it be stolen by an unscrupulous hacker. With so many sophisticated hackers looming over cyberspace, the security of health information is at serious risk wherever it is stored and wherever it gets transferred. Many questions remain about what health information should be shared, whom it should be shared with, and how to share it securely.
Researchers are still looking for ways to develop such a system to enhance patient care while keeping data secure and complying with HIPAA mandates.
Benefits to Sharing Healthcare Data
There are a host of potential benefits for patients’ health and well-being when providers can share healthcare data. It could reduce doctor visits, emergency room visits, and hospital admissions. Shared health and medical information could avoid medication errors and decreases the possibility of duplicate testing.
HIPAA Allows More Sharing than Some Healthcare Providers Are Aware Of
When it comes to the question of sharing healthcare information, HIPAA automatically becomes the primary reason for turning down the request for most healthcare providers. On the contrary, HIPAA was intended to facilitate safe and secure sharing of information.
History has shown us how tracking contagious diseases can prevent serious, life-threatening diseases on a global scale. At the current time, health providers across the world are sharing information about the coronavirus to prevent the spread of the disease and to research the potential for a cure to wipe it out completely. Healthcare agencies encourage collaboration around other health conditions such as participating in cancer registries and sharing information about lead poisoning.
When we look at the grander scale, collaboration and secure information sharing could substantially improve healthcare for the longer term. Consider the benefits of information sharing for the following fields:
- Genetic studies
- Chronic disease registries
- Substance abuse
- Population health management
- Larger scale analytics
- Epidemiology/disease tracking
As the industry explores plans on how best to share information securely, the final plan will need to consider how to share it with numerous stakeholders including physicians, nurses, payers, hospitals, specialists, pharmacies, public health organizations, researchers, and the patients.
Sharing Information Related to Cybersecurity Efforts
Beyond the need to share information between health providers, there’s a need to ensure the security of that information. In just the first half of 2019, 27 hospitals and other health systems were victims of data breaches. There will be less potential for cyberattacks within the healthcare industry if providers can find a way to share what happened to cause a breach, how it was discovered, the severity of the loss, and what damage ultimately resulted from it.
Collaboration around cybersecurity can possibly prevent further incidents from occurring and give other organizations a defensive heads-up.
Data Sharing Concerns Related to HIPAA
Health providers cite HIPAA as the reason for not sharing information more than they do. The reality is that HIPAA permits disclosure of PHI for the provider that collected it or created it for its own treatment, payment, or other activities. In addition, HIPAA also permits the provider to disclose it to another provider for treatment, payment, and health care operations. Healthcare providers claim that the barriers in sharing PHI place regulatory burdens on them, making them hesitant to share it even when they’re allowed to.
Why Secure Data Sharing Is Critical for Healthcare Institutions
The lack of ability to share information has affected all stakeholders including a patient’s ability to get information on themselves.
Under former president, Obama, the 21st Century Cures Act calls for enhanced requirements for IT interoperability and more precise language around information blocking within the healthcare industry. This act provides for financial penalties for healthcare providers and vendors who don’t meet certain interoperability thresholds. Providers agree that the task the federal government should be focusing on is education on what HIPAA permits and requires, rather than punishing providers that make mistakes or that are subject to complex interoperability and HIPAA implementations decisions.
Industry stakeholders have called for improvements in regulations and the provision for a highly secure exchange of information. The need for standardization and non-discrimination in data sharing is a high priority. All agree that a useful exchange will include a framework and common agreement about connections across information exchange networks, rules, laws, HIPAA, and intellectual property rights. Industry leaders also insist upon a path that ensures a trusted, secure exchange of health information between networks across multiple jurisdictions.
Ultimately, patient care can only benefit when all stakeholders agree on a platform for how to move healthcare information from one provider to another in ways that are easy and efficient without compromising security. The conformity of HIPAA technical safeguards will require collaboration and cooperation between federal legislators, health providers, health administrators, and IT professionals. As important as it is for stakeholders in the healthcare industry to share data, it’s just as important to ensure that it’s secure en route and while being stored.