Health Records Firm Epic and About 60 Client Hospitals Object to Data Sharing Rules Supported by Apple

[MacRumors]

Health records firm Epic Systems and some 60 client hospitals are objecting to a proposed U.S. government policy that would make it easier for patients to share medical records data with apps, an initiative supported by Apple and other tech companies (via CNBC).

Proposed by the Department of Health and Human Services (HHS) in 2019, the modified data sharing rules would allow patients to share private clinical data from their healthcare providers and make it more accessible to health apps via APIs.

Currently, patients often have difficulty trying to obtain their information, with clinical data stored on physical media and processed through medical record software marketed to hospitals by the likes of Epic. According to one report, an Epic installation can cost upwards of $1 billion for a major health system to implement.

Yet in a letter to the HHS Secretary Alex Azar, Epic and signatories argue that the pending initiative on interoperability will be "overly burdensome on our health system and will endanger patient privacy."

Instead, Epic's letter recommends changes to the proposed rules, including extra clarity around health information related to family members and a longer timeline for the "development of new technology required by the rule," up from 1 year to 3 years.

"While we support HHS' goal of empowering patients with their health data and reducing costs through the 21st Century Cures Act, we are concerned that ONC's Proposed Rule on interoperability will be overly burdensome on our health system and will endanger patient privacy. Specifically, the scope of regulated data, the timeline for compliance, and the significant costs and penalties will make it extraordinarily difficult for us to comply."

A spokesperson for HHS told CNBC that it had received the letter. "We appreciate all stakeholder feedback as we continue to finalize the rules," they said. "Our ultimate goal is to ensure that patients are able to easily access their electronic medical records."

Some health IT experts told the news outlet that the letter has not been signed by some of the largest health systems in the Epic ecosystem, and called their absence "significant."

"Their absence represents a thundering silence," said David Brailer, the first National Health Information Technology Coordinator, appointed by George W. Bush. "Many health systems are quietly discussing how the data access and data fluidity actually benefits them in the long-run."

Apple, Microsoft and Google recently joined a call with non-profit Carin Alliance to discuss ways to get the rule finalized. As noted by CNBC, the tech firms favor the rules, partly because greater interoperability between systems that store medical records could help them move into the $3.5 trillion health care sector.

Apple has progressively worked to break into the health industry in recent years. At the beginning of 2018, the company launched a Health Records service to increase the portability of health records and make them available across participating hospitals and clinics. The idea was to allow patients to download their health records to iOS devices and then easily share them with other practitioners.

By August of the same year, Apple's Health Records feature allowed iOS users to access their medical records from more than 75 different hospitals and medical providers in the United States.

Article Link: Health Records Firm Epic and About 60 Client Hospitals Object to Data Sharing Rules Supported by Apple

 

[Frign]

The medical industry is scared of losing "customers". You can't make money with medication and surgeries to remedy long-term illnesses (which makes up the majority of their income) when many issues are detected early.

 

[Crowbot]

Data is a jewel in the patient data industry. And the data companies don't want to share the wealth. Not for free, that is. Most large hospital systems (including the ones using EPIC, the largest company, I believe) have a means of giving the patient a data package in PDF format. This sounds like economic resistance to me.

 

[SoundJudgment]

Epic! Sit down! Shut up!! Nobody likes you!

 

[gumbyjunior1]

For crying out loud...This screams against all things HIPPA stood for!
Especially when data breaches are still common place.
Its no wonder these companies resist.

 

[redbill2]

According to one report, an Epic installation can cost upwards of $1 billion for a major health system to implement.

Your "source" is trapped behind a pay-wall. And is also one of the largest multi-hospital Health Care organizations in the country.

 

[PickUrPoison]

The medical industry is scared of losing "customers". You can't make money with medication and surgeries to remedy long-term illnesses (which makes up the majority of their income) when many issues are detected early.

What are you talking about? It doesn’t sound like you read the article at all, it has nothing to do with your conspiracy theory.

 

[QuarterSwede]

For crying out loud...This screams against all things HIPPA stood for!
Especially when data breaches are still common place.
Its no wonder these companies resist.

This has nothing to do with HIPPA. The patient can share whatever medical history of theirs they want.

 

[ibphd]

For crying out loud...This screams against all things HIPPA stood for!
Especially when data breaches are still common place.
Its no wonder these companies resist.

As a user of the various systems I can say that sharing data is a good thing. I fear data breaches, but I have a greater fear what these companies are doing. They will not allow data to be shared as it makes it easier for doctors to move to other systems. I recently tried to move systems (I use Practice Fusion) and it was close to impossible for me to do so.

 

[PickUrPoison]

Your "source" is trapped behind a pay-wall. And is also one of the largest multi-hospital Health Care organizations in the country.

Not sure why you put source in quotes, but whatever. The first paragraph is pretty interesting, and sounds like an “Epic” fail:

Partners HealthCare spent $1.2 billion installing electronic record system Epic, a system revered for its potential to streamline care, and better manage billing. But one thing the system can’t do is handle daylight saving time.

 

[japanime]

Epic et al.: "All your health data are belong to us."

Patients:

 

[JosephAW]

As a self pay, I always request a copy of my results from tests before leaving a facility.

 

[Mojohanna32]

For crying out loud...This screams against all things HIPPA stood for!
Especially when data breaches are still common place.
Its no wonder these companies resist.

Not really. HIPPA protects what others can do with your data. You have every right to your personal data and if you want to keep it stored locally or have it easily accessible, you have the right to do so. This is purely a money play and control play by Epic. If patients hold and maintain their own medical info, they are less reliant on doctors to pull it and send it to them. Trust me, this is a painful process. Consider a snowbird. They need their medical records easily accessible in two separate areas, most likely with health systems that are not connected. Waivers aside (which should not be required as you can share PHI between two Covered Entities without a contract for treatment, payment and healthcare operations), it should not take an act of congress to have one doctor share your health records with another.

 

[Digital Skunk]

For crying out loud...This screams against all things HIPPA stood for!
Especially when data breaches are still commonplace.
It's no wonder these companies resist.

It's not against HIPPA, but the data breach part I agree with. I'd add that I do agree with extending the time needed to develop new tech. It may sound like a bad thing, but the last thing the country needs is our health data being held hostage or the system being breached.

This has nothing to do with HIPPA. The patient can share whatever medical history of theirs they want.

Exactly. What I'd like to see is easier and more access to health information from the patient/caretaker side. Secure access.

 

[V_Man]

Hence Apple is now finding out the wonders of our healthcare system. A red tape disaster.

 

[bbednarz]

Your "source" is trapped behind a pay-wall. And is also one of the largest multi-hospital Health Care organizations in the country.

I work at a hospital that just implemented Epic this week. The $1 billion number is probably somewhere close to accurate. Could see it being even higher for some bigger hospitals.

 

[redbill2]

Not sure why you put source in quotes, but whatever. The first paragraph is pretty interesting, and sounds like an “Epic” fail:

Daylight Saving is not Epic fail. Its a "your 24-hour watch can't display 25 hours in a single day" fail. I can't read the article, but I'm sure that's what they're complaining about, which is unsolvable given the clock on our computers. Epic, and almost all medical software, stores time as seconds and/or days since 1/1/1860. The database knows which time it is, in relation to the fall switch back to Daylight Standard, but there is no way to present that to a user with a 24-hour clock.

 

[furqan8421]

The situation is a bit more nuanced than being described in my opinion

If two different hospital systems both use Epic for example then it’s usually fairly simple to see info from the other hospital as a health care provider

patients typically do have access to their own results (at least on epic)

what becomes difficult is if one system uses epic and another uses a different medical record system. It’s then harder to see records unless it’s faxed over.

I truly don’t know how secure fax is but to this point it’s what most places use as it’s still fairly fast and likely secure enough

Having a standardized system would be more convenient but epic for example I’m sure doesn’t want that, as places have slightly less incentive to use epic if any medical record system could be used to access patient info

on top of that any system regardless of who is behind it needs to be extremely secure for obvious reasons

 

[redbill2]

I work at a hospital that just implemented Epic this week. The $1 billion number is probably somewhere close to accurate. Could see it being even higher for some bigger hospitals.

Partners is HUGE, and has very specialized practices. I would guess it is one of the 3 largest implementation of Epic in the US.

 

[namenotfound]

Health Insurance Portability and Accountability Act of 1996 (HIPAA). It will soon be 24 years since HIPAA was passed. Everyone knows about the Privacy provisions but the Portability portion has been forgotten. It's time to do a true implementation of that. There is no reason for the same test, xray, etc be done just because you have moved to another provider. Why move? Often because your insurance does not cover your needs at the provider you started with. Think heart attack on vacation, car accident while visiting your mother, etc. The EMR folks don't have a common data template I am sure. I gather that will take longer than a year or 3. Probably 10 years at a minimum.

 

[redbill2]

Exactly. What I'd like to see is easier and more access to health information from the patient/caretaker side. Secure access.

This would have been a great thing for congress to focus on during Health Care Reform, instead of the insurance shell-game we got. Patients don't often know what tests have been run on them, they go to a different Dr. and don't have access to their records, they get the same stuff run again and again $$$$$

 

[PickUrPoison]

Daylight Saving is not Epic fail. Its a "your 24-hour watch can't display 25 hours in a single day" fail. I can't read the article, but I'm sure that's what they're complaining about, which is unsolvable given the clock on our computers. Epic, and almost all medical software, stores time as seconds and/or days since 1/1/1860. The database knows which time it is, in relation to the fall switch back to Daylight Standard, but there is no way to present that to a user with a 24-hour clock.

Epic should feel free to append daylight time or standard time when necessary. Sounds like your programmers had a tough time with it.

 

[alphaswift]

Let's all be super clear about this: Those companies want to keep your health data within their own systems because (1) It costs money to create and maintain an interoperable system (2) They make more money by tying customer health data to only their systems. Sharing data means potentially losing customer dollars.

These companies want to make money and are willing to make you unhealthy or kill you to do it.

 

[namenotfound]

The situation is a bit more nuanced than being described in my opinion

If two different hospital systems both use Epic for example then it’s usually fairly simple to see info from the other hospital as a health care provider

patients typically do have access to their own results (at least on epic)

what becomes difficult is if one system uses epic and another uses a different medical record system. It’s then harder to see records unless it’s faxed over.

I truly don’t know how secure fax is but to this point it’s what most places use as it’s still fairly fast and likely secure enough

Having a standardized system would be more convenient but epic for example I’m sure doesn’t want that, as places have slightly less incentive to use epic if any medical record system could be used to access patient info

on top of that any system regardless of who is behind it needs to be extremely secure for obvious reasons

Faxing your bloodwork can be done. It still has to be received and then inputed by hand into the receiving system. The image of the fax can easily be uploaded but it will be an image, not the actual content (ie results that can be charted). Secure Fax has not been implemented everywhere and probably won't be. It will be faster to reorder the test on site. And faxing an MRI or CT Scan is not happening.

 

[mariusignorello]

Oh please. Epic knows exactly what they’re doing. They’ve gotten a number of clients to switch over from Cerner’s PowerChart and they’ll be damned if they let anyone out of their system.

CareAnywhere and CareEverywhere (Epic’s interoperability system) is meh at best and useless at worst.