It’s Not Just a Dream: A common format and secure transmission for electronic health records

One of the reasons I really enjoy giving presentations to medical professionals is that it allows me an opportunity to hear about the role of electronic documentation from different perspectives. As a small business owner with a fairly niche market, I understand the diversity of needs and concerns when it comes to electronic records and file sharing in healthcare.

At a presentation last week on Consolidated CDA, an audience member posed an interesting question toward the end of the talk - "Isn't this a simple matter of agreeing on a format for records, consistent with what has been performed in nearly all other industries?" 

The short answer is, "yes.” Sharing medical files securely is simply a matter of agreement on a common format, then agreeing on a safe way to transmit that content.

The short answer, however, has not necessarily been a simple one. It has been a slow process, starting with getting the decision makers in the vast landscape of the medical and IT fields to even begin discussing common formats at a granular level. Unlike large corporations with top-down leadership, healthcare is very segmented with distributed leadership. This was just one of many challenges that needed to be ironed out to inch forward. After many years and immense negotiation among hundreds of volunteers, private and public funding, a common format, Consolidated CDA, finally began to emerge.

While we had a common format, we also needed a secure way to transmit records.   HIPAA requirements restrict the technical ways information can be shared to ensure privacy.  That is a significant limiting factor. Health IT professionals’ nerves get shaky just thinking about the penalties associated with even occasional errors in transmission of protected healthcare information (PHI). I believe that, while we need the simplicity of an email-style transmission, we simply can’t afford to proceed with a solution that includes the problems commonly associated with emails. We’ve all experienced the dreaded accidental click of the “reply all” button at one time or another, but there are even more daily issues, such as spam, incorrect addresses, autofill mistakes and unverified identities. Health Information Exchanges (HIE) are one answer, but they aren’t available in all regions.  Direct messaging, a national project to encrypt and securely exchanging healthcare data via the Internet, is a newer answer.  Health Information Systems Providerss (HISPs) are designed to form trust relationships that will overcome the concerns commonly associated with regular email when Direct Messaging is used.

Some healthcare IT professionals tend to be a bit overstated when they describe the current limitation of HISPs.  In an effort to educate, they often emphasize the challenges of the current status of development and implementation, instead of looking forward.  The challenges we face today are real, but temporary. With consortiums like the Health Story Project and the development of Consolidated CDA, they will be resolved in the near future. I believe we will see these issues resolved as soon as within the next 12 months, leading to a resurgence of transcription for Meaningful Use 2.