Knowledge Center
Episode 178: Pitfalls But Promise. The State of Healthcare Cybersecurity with Scott Mattila, COO & Chief Security Officer, Intraprise Health
March 14, 2022
Written by Charles Stellar, WEDI President & CEO
The engine that runs the US healthcare system is data exchange between patients, providers, and health plans. While we’ve made great strides in the last quarter century making that engine run smoothly and efficiently, more work is left to be done before that engine is firing on all cylinders.
Improved data exchange was first prioritized in the early 1990s by Louis Sullivan, M.D., then Secretary of the Department of Health and Human Services. As a practicing physician, Dr. Sullivan experienced firsthand the difficulties associated with data exchange-no national standards for transmitting critical transactions such as healthcare claims, patient insurance eligibility and benefits, prior authorization for medical services, provider payment, and others. Too often, phone, fax, or mail would be used to conduct these communications. Dr. Sullivan created the Workgroup for Electronic Data Interchange (WEDI) to draft a blueprint for standardizing electronic data exchange and establishing guardrails to ensure that the privacy and security of the data would be maintained. This blueprint would later be incorporated into the Health Insurance Portability and Accountability Act of 1996, better known as HIPAA.
While HIPAA was modestly successful in moving the industry toward the use of electronic transaction standards, numerous gaps remained. Some electronic transactions, such as healthcare claims, are highly used and very efficient while others, including prior authorization, continue to be conducted primarily through inefficient manual means. The Patient Protection and Affordable Care Act of 2010 added new electronic transaction requirements and the 21st Century Cures Act of 2016 mandated a new era of data exchange leveraging Fast Healthcare Interoperability Resources (FHIR) standards to support application programming interfaces (APIs), the same standard that power the apps we use on our phones and tablets. FHIR and APIs not only support the exchange of data between providers and health plans, but they also can empower patients by providing them access 24/7 to their health information, enabling them to be full partners in the care delivery process.
Work continues here at WEDI and through other industry initiatives to improve what HIPAA started and implement data exchange solutions using FHIR. It is an exciting future for healthcare professionals and patients alike. Standardizing and streamlining the flow of health information not only reduces overall cost to the system but getting better data in the hands of clinicians, insurers, and patients when they need it will translate directly to improved care outcomes.