Interoperability is a hot topic in the world of Health Information Technology (HIT), and for good reason. More and more companies are creating new HIT software, increasing the number of potential inputs for patients’ health information. It’s exciting for patients and providers alike to have such a variety of technology available, from electronic health records (EHRs) and mobile charge capture apps for providers, to wearable devices and web portals for patients.
With so many HIT services available and so many different options within each service, it’s essential to ask the right questions and select software that can connect with other systems to centralize patients’ health information. As a provider, can I send my patient’s discharge summary to the specialist to which I’m referring him? As a patient, if I get in a skiing accident while on vacation, will the emergency room in another state be able to pull my medical record from my doctor back home? And, even if the answer to these questions is “yes,” how do I know that this medical information is changing hands securely?
Most EHRs used by health care providers and hospital systems aren’t inherently able to communicate with other EHRs. This means that even though your allergist is only a mile down the road from your primary care doctor, she may not be able to view your medical record from her software system. The ramifications of this lack of interoperability can range from mildly annoying, in the case of the allergy patient repeating his past medical history every time he sees a new doctor, to dangerous, in the case of the skier in the ER who can’t remember which pain medications she’s allergic to.
EHRs and other systems require special technology to securely communicate with one another. One way for providers and health care systems to communicate with one another is using the Direct standard, most simply described as a secure, encrypted email between two health care entities. A Direct address looks similar to an email address but has a Health Endpoint name in addition to a domain name (ex., firstname.lastname@example.org). You can’t sign up for a Direct address as easily as a Gmail or Yahoo email address; Direct addresses are issued by a Health Information Service Provider (HISP).
In addition to issuing Direct addresses and security certificates, a HISP organization manages the technology that allows providers to securely transmit patient health information via the Direct standard. A HISP provides specialized network services that connect an EHR to other EHRs that also use the Direct standard. The types of organizations that function as HISPs can vary, from EHR vendors to independent services to a large hospital system acting as its own HISP. Thanks to HISP technology, Direct messages and any attachments to those messages are secure, encrypted, and HIPAA-compliant.
Sending health information electronically is more secure and more efficient than previous methods of communication, such as fax, mail, or email. Information sent via Direct message or attachment can flow directly into the recipient’s EHR software, eliminating an unsecure third party or the potential for interception.
What does this look like for the two patients we met earlier? When our first patient goes to the allergist for an initial visit, the doctor can have his medical record pulled up on the computer before the patient even enters the exam room, plus any other notes his primary care provider included. When our skier on vacation arrives in the ER, the emergency staff can contact her doctor back home and receive her electronic medical record instantly. The staff at the ER now has data, including her allergies, medications, and medical history, required to treat the patient. Once the skier’s treatment is complete, the emergency doctor can send a treatment summary back to her doctor at home, completing the loop and maintaining continuity of care.
The possibilities in HIT today are seemingly endless, but it’s important to remember that not all software is created equally in terms of interoperability. Patients don’t receive health care in a vacuum, and their electronic information shouldn’t exist in one, either. In order to provide the highest level of patient care, health care software needs to have the ability to connect and communicate across platforms.