Epic, Cerner, Google and Microsoft are just a handful of health IT companies speaking up about HHS' interoperability rules, which were finalized March 9.
Issued in February 2019 by CMS and ONC to support the MyHealthEData and 21st Century Cures Act, the regulations will require the health IT industry to adopt standards to help patients more easily access their health data via smartphone apps.
The rules will affect multiple stakeholders across the healthcare industry, including patients, providers, payers and tech companies. In recent months, Epic has spoken out against the final version of the rules, citing privacy concerns and rallying 66 health system leaders to sign a letter to HHS asking for provisions. Other tech companies, such as Cerner, Apple and Microsoft have pledged their support of the regulations, highlighting the potential to enhance patient care by making it easier to share information between providers, EHR systems and patients.
Here are 10 health IT companies, organizations and executive's responses to the March 9 finalized rules, as reported by Becker's Hospital Review.
Epic: "We keep the patient at the heart of what we do and we focus on improving healthcare for patients," a spokesperson said in an email to Becker's. "We have been working closely with HHS and ONC to try to improve the rule, and we appreciate their willingness to hear our feedback. The rule is very important to health systems and their patients, so we will read it carefully to understand its impact before making judgments."
Cerner: Brent Shafer, CEO of Cerner, pledged the company's support of the final rules, writing that giving patients free and secure access to their electronic health data is not only "the right thing to do" but will also support innovation in digital products and the healthcare industry.
Google: "Giving people more access to their own health information has the potential to unlock innovation that could make healthcare more accessible, more affordable, and save lives," a spokesperson said in an email to Becker's. "We welcome HHS' work to prevent the blocking of information and to facilitate secure data access to patients."
Microsoft: "As we move toward an interoperable future, we believe consumers should have control over their own health data, and the announced rules take us a step closer to that ideal," Peter Lee, corporate vice president of Microsoft Healthcare, said in an email to Becker's. "Microsoft is committed to working with our healthcare industry partners to build that future — making it easier for patients, researchers and clinicians to collaborate, innovate and provide the best care possible while ensuring privacy and regulatory compliance."
Meditech: "[We] are reviewing the final ruling in detail. As previously stated, we are strongly in favor of a patient's right to have access to their medical record data and in particular, their right to electronically transmit that data for use wherever they like," a spokesperson said in an email to Becker's. "We've embraced the existing standards and look forward to continuing to do so as they are evolving in this final ruling. We are happy to see that several of the concerns raised by the industry as a whole, have been considered and addressed in the ruling."
Allscripts: "Allscripts has supported efforts to address information blocking since they were first conceived in Congress, and for the most part, I believe HHS was successful in translating the requirements of 21st Century Cures into regulation," Leigh Burchel, vice president of government affairs at Allscripts, said in an emailed statement to Becker's. "The eight exceptions are thoughtfully constructed, and the commitment to the patient is evident throughout the rule. Yes, there are a number of elements that we would have liked to see finalized differently — the development lift is going to be substantive in what is still a fairly short period of time, for example, and the rule is constructed in such a way that it will inevitably require extensive education to be sure healthcare organizations understand the many nuances — but that's the nature of rulemaking. We support the effort overall, and we think it will benefit patients."
United Health Group: "We share the administration's goal of advancing interoperability and removing roadblocks to data sharing so that consumers have better access to and more control over their healthcare data," a spokesperson said in an email to Becker's. "However, enabling third parties — such as app developers and technology companies — to access consumers' private health information without abiding by the same proven privacy and security standards that healthcare companies and medical providers have adhered to for decades puts consumers at significant risk."
Healthcare Information and Management Systems Society: "Combined, the two regulations provide patients with unprecedented safe, secure access to their health data to make informed healthcare decisions and better manage their care," HIMSS said in a March 9 news release. "This effort to place patients at the center of care delivery and provide them more control is the centerpiece of the Trump Administration's work toward a value-based healthcare system."
American Hospital Association: "America's hospitals and health systems support giving patients greater access and control over their health data…" AHA president and CEO Rick Pollack said in statement emailed to Becker's. "However, today's final rule fails to protect consumers' most sensitive information about their personal health. The rule lacks the necessary guardrails to protect consumers from actors such as third-party apps that are not required to meet the same stringent privacy and security requirements as hospitals. This could lead to third party apps using personal health information in ways in which patients are unaware. These guidelines are too important not to get right. We need to stand on the side of the patient by protecting patient privacy and strengthening security in this rule."
Federation of American Hospitals: The final interoperability rules issued [March 9] lack adequate privacy and security requirements for third-party apps — leaving patients susceptible to misuse of their data and unnecessarily risking patient trust," FAH president and CEO Chip Kahn said in a statement emailed to Becker's. "Hospitals are held to high standards to protect our patient privacy and security; third-party apps should be too. At a time when almost all of one's personal information is accessible on your phone; patients deserve the same convenience for their healthcare needs. But, we owe it to patients to protect their privacy and security. This regulation does not meet that test."