On February 12, HIMSS submitted a letter to the Department of Health and Human Services (HHS) Office of Civil Rights (OCR) on their recent Request for Information on Modifying HIPAA Rules To Improve Coordinated Care that sought to identify provisions in HIPAA and identify barriers to the transformation to value-based healthcare. HIMSS holds firm behind the value component of healthcare transformation, and seeks to eliminate any potential regulatory barriers as a means to improve care coordination and interoperability. Any changes to HIPAA must ensure that the patient’s data remains protected through the privacy and security of protected health information (PHI).
HIMSS notes that it is critical that the 21st Century Cures Act must coincide with any potential HIPAA regulations. The rapid pace of healthcare must keep up with the coordinated care efforts to harmonize the balance of interoperability. HIPAA will not grant complete health information security, nor promote greater data sharing, therefore HIMSS encourages HHS to ensure that information blocking rules required under 21st Century Cures enhance the effects of data protection.
HIMSS aims to align these efforts with the patients in mind, and prioritizing them as a key component to the success of healthcare transformation is critical. Patient centered frameworks give the patient control of their data and ease of access when they need it. HIMSS goes on to recommend a synchronized system of HIPAA privacy principles that fit within the current electronic landscape and the strategic requirements of creating a learning healthcare system through better use and sharing of individuals’ healthcare data. More emphasis from OCR on a community-wide HIPAA education protocol will play a significant role in educating the public and providers about the scope and reach of HIPAA.
HIMSS continues to respond to a number of the questions included in the RFI, and offers guidance that HHS must deliver clear guidance that encourages the safe portability of data through information blocking rules, HIPAA, and other regulatory frameworks.
HIMSS is hopeful OCR can engage with the Office of the National Coordinator for Health Information Technology (ONC) and the Centers for Medicare & Medicaid Services (CMS) to further define the minimum necessary requirements to promote the shift to value-based care. This includes aligning the Trusted Exchange Framework and Common Agreement, (TEFCA) and the accompanying US Core Data for Interoperability (USCDI), as resources in this shift.