Venmo For Health Data? What You Need To Know About PHI Portability

by Luis Castillo on Jul 31, 2019

patient dataHealth data belongs to the patient.

That message has been made abundantly clear by the current administration. The Centers for Medicare and Medicaid Services (CMS) and Administrator Seema Verma have set out to reclaim patient data from hospitals, payers, software vendors and anyone else who might otherwise come across patient data in the course of providing care or doing business.

But what does it really mean for a patient to control their own data? Although it sounds relatively simple, this is actually a radical rethink of the current environment.

For years, patients have relied on health care systems to keep careful track of the critical information about their wellbeing and ongoing provision of care. But while one could assume the advent of electronic health records and assorted other technologies would have simplified this process, I've found that the opposite has actually been true.

As health care IT evolved from its infancy, disparate health systems often chose different vendors to store patient records, and so not all of these vendors actually played nice with one another from the start. That’s changing slightly with the ongoing evolution of FHIR standards and the adoption of APIs that allow providers to integrate separate systems. As hospitals and software companies work to coordinate patient information, I'm seeing progress in terms of data sharing.

The problem is that so much of this data may still be incomplete. A doctor simply doesn’t know what they don’t know. As The Health Care Cost Institute found office visits to primary care providers decreased between 2012 and 2016 while spending on specialists has increased and consumers are more capable of shopping around based on price or what their insurance will cover, a patient’s overarching medical record can look more and more like a patchwork of different parts.

Think of it this way: A patient’s record used to be a single blanket of information, but now it’s more like a quilt. Different pieces have been stitched together to create the totality of that patient’s health picture. The issue, however, is that a physician may only see one square of that quilt.

That’s problematic, yet it’s patients themselves who hold the answer, as CMS has hinted. But what does that future actually look like? What does it mean for the patient to be the one in charge of that data, and how will it change the face of health care IT?

Health Care In A Flash (Drive)

In its simplest form, the keys to health data may look a lot like an updated version of an old-fashioned flash drive.

Imagine that at the end of every patient encounter, regardless of setting, that outcomes, test results and care plans are uploaded to a flash drive that the patient holds. With the patient’s permission, the hospital and even the payer can access that information, but it’s the patient who acts as the true north for that data.

I use "flash drive" somewhat metaphorically, as it’s more likely that the information would be stored on a phone or an app. Think about something like Apple Pay or other mobile-based credit cards to give you an idea of how it will work. In these systems, a debit card of sorts is stored on your mobile device and each transaction creates a record that interacts directly with your bank account someplace offsite.Medical Record On TabletI imagine the future of health care provision will look somewhat similar. The patient’s data would be stored in their own account, just like a bank, and that information would live somewhere in the cloud so that the patient can always access it. The patient would need to sign in to an app or the mobile web to access it to prevent tampering. But on their smart device, there would be an avatar of sorts for that account that's similar to a debit card. Rather than create a financial transaction, however, this avatar could be used to generate the necessary health data, interact with the provider’s own electronic health record (EHR), and send any updated information back to the cloud account.

On the other end of this “transaction,” you could have a provider who connects their EHR system to that patient’s card to pull up the necessary details of their health record. In this way, the patient would hold and safeguard their health information, but the physician could gain access to it during that particular point of care. No information goes missing, as they’d know they have the most up-to-date version of that person’s health status.

This is the only way I can see health care data becoming truly portable. Without someone acting as the repository of the patient’s full health care experience, there will likely always be data that gets lost in translation when two providers try to communicate with one another. When the patient gets to be that repository, we could get closer to interoperability.

Now, there are drawbacks to such a system. One is the risk that the patient holds back certain information during a transaction with a provider. And security is another issue we must carefully consider. Due to HIPAA compliance, the patient’s health record will need to be as secure in their own portable system as it is within the walls of the hospital (although, quite frankly, I've found that the cloud is far more secure and thus could provide a safer alternative).

Portability of health care data will take some time to come to fruition, but with CMS pushing for patients to own their own data, the solution to interoperability and data-driven health care plans could be right in front of us. Let’s hope it arrives sooner rather than later.

Originally posted on Forbes Technology Council (view original).

Subscribe to Receive Updates!

Meet the Author

Luis Castillo has more than 30 years of experience in healthcare information technology. Prior to joining Ensocare, Castillo served as senior vice president at Siemens Healthcare, where he was in charge of IT sales, service and marketing. He was responsible for developing alternate markets, sales strategies and sales channels in order to grow the healthcare information technology business. Luis’ broad and deep experience has served to hone his leadership skills and business acumen, and he is a sought-after participant in strategic initiatives and global partnership efforts. He earned his Bachelor of Science degree in political science from Haverford College in Haverford, Penn.