Skip to content

Knowledge Center

Episode 178: Pitfalls But Promise. The State of Healthcare Cybersecurity with Scott Mattila, COO & Chief Security Officer, Intraprise Health

February 22, 2024

In the fast-evolving landscape of health care data management, the WEDI Emerging Technology Subworkgroup identified critical issues raised on the recent WEDI webinar "The Road to Interoperability Series: Patient Access API & Provider Access API.” The SWG session brought to light both the achievements and the hurdles in the journey towards seamless patient data access and privacy. Led by a diverse group of experts, the dialogue traversed the complexities of interoperability rules, patient & provider access capabilities, and the burgeoning role of technology in health care.

The SWG outlined the successes and shortcomings of existing interoperability rules, highlighting the critical need for payers to educate patients on the capabilities this new Patient API mandate has made available to them. At the same time, meeting participants pointed out a significant gap in the proposed rules: a lack of notification capabilities, which could further impede third-party app developers in their quest to access data and APIs. The inconsistencies in data presentation, the challenges of end-point discovery, and the dearth of developer support mechanisms were emphasized as key barriers needing immediate redress.

The conversation then shifted toward the Provider Access API, where the group discussed the thorny issue of member/provider attribution and the varied processes among payers.  Several innovative provider attribution techniques were shared. The discussion also underscored the importance of patient control over their data, amid concerns over the opt-out nature of the provider access API. The group grappled with the need for a mechanism that supports granular consent and allows patients to manage who gets access to their data, emphasizing the complexities and potential privacy concerns that accompany the implementation of such a system.

Data integration challenges were also addressed by the SWG, with some advocating for the importance of data provenance with data quality and others discussing the intricacies of sharing granular patient information. The conversation highlighted the vital role of Health Information Technology (HIT) systems and the challenges providers face in sharing information with payers.

A particularly insightful moment came when the discussion turned to the potential of Artificial Intelligence (AI) in health care. The group explored the potential of AI in enhancing decision-making and simplifying patient communications, and shared examples of successful AI applications. Yet, this enthusiasm was tempered with caution, with many stressing the importance of accuracy and the safe implementation of AI technologies.

HIPAA privacy regulations and its implications on data sharing also took center stage, with a dissection of the nuances of clinical data exchange for treatment, payment, and health care operations. The conversation highlighted the potential benefits of allowing providers access to formulary information, which could significantly improve discussions around drug coverage and affordability.

The meeting concluded with actionable next steps, including addressing the issues surrounding patient attribution. The commitment to enhancing data quality and ensuring the effective integration of data from various sources was clear.

In sum, the WEDI SWG meeting underscored the complexities of navigating the health care data landscape, the imperative for patient-centric privacy measures, and the untapped potential of technology to revolutionize patient care. As the conversation continues at WEDI, the path forward is paved with challenges, but also with the promise of a more integrated, accessible, and patient-focused health care system.

Scroll To Top