2 min read
Why Privacy-Centric Interoperability is Key
Mike Arce : 12.14.22 3:50 PM
At almost every healthcare organization I’ve worked with over the years, I see different priorities between Health Information Management (HIM) and IT teams. It makes sense: Each has different skill sets, training, and areas of accountability.
On the one hand, you have HIM folks who have been extensively trained in and are highly concerned with things like tracking documentation deficiencies, coding complex visits and, very importantly, protecting patient data privacy. They are the guardians of patient data and want to ensure sensitive health information doesn’t get into the wrong hands. On the other hand, you have IT folks who are concerned with maintaining complex systems, implementing new features and applications, and, on top of that, data interoperability. When it comes to how data is shared, the question that’s top of mind for them is: How can we make the technical connections to get data where it needs to go?
When it comes to data sharing, the different priorities between HIM and IT don’t need to compete. At Moxe, we know the importance of both creating a strong data pipeline and controlling what is sent through that pipeline.
Our privacy-centric interoperability solution bridges the gap between HIM and IT, giving our customers both top notch interoperability and stringent patient privacy standards.
Without privacy-centric interoperability, organizations can fall into one of two extremes
On one end of the spectrum are those organizations that prioritize patient privacy above interoperability and will only manually release data. They use people to help ensure only the right data is released to the right places at the right time. As we all know, this method of record release is inefficient and costly, but it allows organizations to keep tight control over what gets released.
The other extreme is those organizations that are hyper-focused on interoperability. Their data exchange solutions allow for the free flow of data, but with those solutions the onus is often on the data requestor or the IT department to follow policies that are meant to protect patient privacy. Relying on a requestor to follow the rules surrounding patient privacy places a lot of trust outside of the organization. Unfortunately, too often bad actors are only revealed during audits, which can occur months after data was released and potentially used inappropriately. As providers, health information exchanges, and interoperability networks look to open up more options for non-treatment or patient-directed interoperability, many have voiced concerns about how requestors of data will use this information.
Marrying connectivity with control
At the heart of it, privacy-centric interoperability is about marrying technical connectivity with control. In order to use clinical data to run the business of healthcare, make it more affordable, and improve outcomes across the healthcare ecosystem, we must have effective interoperability. In order to maintain patient and provider trust, reduce abrasion between providers and payers, and empower healthcare systems to remain guardians of patient data, we must ensure any interoperability solution effectively safeguards patient privacy.
At Moxe, we invest a lot of time with our customers during the implementation discovery and design phase to ensure we put the necessary controls on their data pipeline. With HIM, IT, privacy, and other teams around the table, we ask questions like:
- How do you flag a sensitive patient, visit, data element?
- What are the orders or notes that are considered sensitive? Departments?
- What do YOU consider to be the minimum necessary data to release for varying use cases?
We always ask customers to think about other data use cases we may have missed, and we work together until we are both comfortable with how we’ve set up the controls.
Privacy-centric interoperability is at the core of all of our solutions because we recognize the criticality of effective and efficient data sharing, but we also believe that patient privacy should be respected and safeguarded. We know you can have both connectivity and control.
If you’re interested in exploring how our privacy-centric interoperability solutions might help your organization reduce administrative waste, improve outcomes, and contribute to a better healthcare ecosystem for all, we’d love to chat. Please drop us a line here.