In the middle of eCQM submissions for our EH and EP clients, and Carnival season here in New Orleans, it seems impossible that something would be able to pull us away from our office in the Crescent City. However, HIMSS accomplishes this on an annual basis and we were eager to arrive in Orlando for the 2019 conference last week. ONC had just announced a new proposed rule, including the endorsement and mandatory incorporation of FHIR, and the news was traveling faster than the Boeing 737 we were on. This was quite the way to start off our eighth HIMSS conference. Fortunately, we also frequent FHIR Connectathons and have been, and continue to, prepare for the FHIR-based changes ahead.
The New Proposed Rule
“FHIR” and “API” were two of the hottest acronyms at this year’s HIMSS Conference. This is still a proposed rule that is open for comments but, if finalized, ONC would require EHR vendors to offer a well-documented API that:
- Exposes US Core Data for Interoperability (USCDI v1) data elements
- Uses FHIR to support USCDI data classes and data elements
- Supports the SMART Application Launch Framework Implementation Guide
USDCI expands on the Common Clinical Dataset that was introduced with the 2015 Edition final rule and includes two additional data classes: Clinical Notes and Provenance. Clinical Notes is aptly named and may include notes detailing assessment, a plan of care, patient teaching, and other relevant data points. While defining Provenance is not as straightforward, the objective is using metadata that defines the creator and owner of an element to deepen trust in and alleviate audit pains with that dataset as it is passed between systems and APIs.
We were also gifted an abbreviated version of “API Resource Collection in Healthcare” as the proposed rule introduced us to the acronym ARCH. ARCH is aligned with the proposed USCDI and references 15 FHIR resources that certified vendors would be required to support. To help achieve this goal, ONC has created an open source (and still under development) tool for testing if patients can access their health data as expected. Fans of Dante, Dan Brown, and Tom Hanks are delighted with the naming of the new tool and “Inferno” is available at: https://inferno.healthit.gov/inferno/.
More details on the testing suite can also be found here: https://www.healthit.gov/buzz-blog/interoperability/onc-is-fhird-up-unwrapping-the-new-inferno-testing-suite. Additionally, the proposed rule would require adoption of SMART (Substitutable Medical Applications, Reusable Technologies) which uses OAuth2 to provide a layer of security for FHIR interfaces. OAuth2 is a widely used industry standard that, coupled with OpenID Connect, provides a level of authentication and authorization that is outside of FHIR’s scope. It also describes a process by which an EHR application can launch an external application while preserving the patient and user context, thus providing secure access to EHR data.
Information blocking (including seven exceptions) is also a large part of the proposed rule and attempts to codify the concept of patients, rather than their health systems, owning their data and being entitled to access that data free of charge. As CMS administrator Seema Verma noted, “The idea that patient data belongs to providers or vendors is an epic misunderstanding. Patient data belongs to patients.”
Final Thoughts
Of course, the highlight of our HIMSS experience is interacting with our peers who are equally passionate about healthcare IT. Throughout the event, current and prospective DHIT clients stopped by our booth to chat and the energetic environment of HIMSS left us with additional motivation and a renewed commitment to healthcare IT and providing our client base with outstanding customer service.
Our promise is continuing to strive towards an impactful footprint in the HIT industry by providing research, news, and innovative development. If you missed us at HIMSS, plan to meet us at the next FHIR Developer Days, FHIR Connectathon, or ONC Annual Meeting as we dive deep into ongoing development on FHIR Resources and C-CDA requirements. We have a blog on NPRM, comments to ONC, newsletters, and emails all coming soon and, in the meantime, you can join us on Twitter @DynamicHealthIT.