Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.
Federal agencies’ electronic medical records are about to get a lot more interoperable with private sector health providers. Agencies like the Defense Department and the Department of Veterans Affairs are already members of eHealth Exchange, the country’s biggest health information exchange network. But they’ve now reached legal agreements that will let them start using a much broader...
Federal agencies’ electronic medical records are about to get a lot more interoperable with private sector health providers. Agencies like the Defense Department and the Department of Veterans Affairs are already members of eHealth Exchange, the country’s biggest health information exchange network. But they’ve now reached legal agreements that will let them start using a much broader health interoperability framework. That’ll add another 20 networks to the federal interoperability picture. Alan Swenson is executive director of Carequality, the nonprofit that runs the framework. He talked with Federal News Network’s Deputy Editor Jared Serbu on the Federal Drive with Tom Temin.
Jared Serbu: So folks actually know what we’re talking about here. Can you give us just a quick 101 on on the plumbing behind our nation’s entire health information exchange infrastructure and where you sit within that?
Insight by Pegasystems: During this exclusive webinar, moderator Jared Serbu and guest Lily Zeleke, acting DCIO for information enterprise, Office of the DoD CIO with the Department of Defense will discuss software modernization strategy at the Department of Defense.
Alan Swenson: Yeah, sure. Absolutely. Thanks, Jared. There’s a lot going on in the nation with health care interoperability, it’s a big focus of the federal government and has been for quite a while. So Carequality, the organization that I represent is a nationwide exchange framework that enables the exchange of information across disparate networks throughout the country. So as many of you probably know, there are state and regional [health information exchanges] all around the country. There are [electronic health record] vendors that have their own networks for exchange between their customers. There are vendors that sell proprietary APIs and things to vendors that don’t otherwise have the capability to easily exchange and then have a network through their customers. And then there are large networks that cross HIEs across some of the vendors such as the eHealth Exchange and CommonWell, a few of the big ones that often get talked about. Carequality is a framework that connects all of those networks that participate so that the participants of one network are able to exchange with the participants of another network without having to have any sort of agreements or anything in place, technical or legal, that is all under the framework and governance of Carequality to make it so that for example, the participants under the health exchange can communicate with the participants of CommonWell without the two needing to be members of each other’s networks.
Jared Serbu: Sounds like a big part of it is almost like a translation layer to make one exchange’s information comprehensible by another one system’s information comprehensible by another? Is that the right way to think about it?
Alan Swenson: Yeah, certainly to some extent. The example that we often give is kind of the cell phone network, right? If I use Verizon you use AT&T or whatever, you know, back in the day, I used to have to count my minutes and count my text messages. And I would get a certain number of messages when sending to other people using Verizon. But then I had to pay if I was sending someone AT&T, etc. And this is kind of where we’ve been at with health care interoperability. And Carequality gets rid of a lot of that by just making it so that you don’t actually need to know or care whether you’re communicating with someone who’s also on the same network as you, or across network, we require everyone to read to the same contractual terms, we provide the technical directory so that organizations can communicate and find each other across the country. And then we do point to and define and further constrain some of the specific industry standards for anyone on the technical side, there are a lot of different standards that are used. And each network may have different standards that they use within their network. But then at the network gateway level, they would translate to the specific standards that carry quality points to so that when again, eHealth Exchange and CommonWell as an example, are communicating with each other, the transaction in the middle is always the same, even if you held exchange within its own community, maybe using different standards.
Jared Serbu: Got it. So let’s talk a bit about as a practical matter what the federal government joining actually means. What can a provider do today that he or she couldn’t do six months ago? Or what could they see that they couldn’t see six months ago?
Alan Swenson: Yeah, great question. So the federal agencies, or some of them, already and have been longtime participants in the eHealth Exchange, specifically as a network for exchange. Some of the primary ones being [Department of Defense], [Department of Veterans Affairs], and [the Social Security Administration], there certainly are others that participate. But I know those are the ones that I’ve at least done the most work with in coordinating a lot of this. So what this means is that there are a number of organizations that participate and do disability claims ajudication with the Social Security Administration, or treat, you know, active servicemen and women or veterans and are exchanging records with the DoD and VA on a regular basis. And some of that happens with point to point connections or some of that happens with organizations joining the eHealth Exchange, in order to participate with those federal agencies. Those federal agencies will now have the ability to agree to some flow down terms through the eHealth Exchange, who connects them to Carequality in order to allow them to expand and exchange with other organizations across the entire Carequality framework, not just within the eHealth Exchange network that they’re currently connected to today.
Jared Serbu: And I understand part of, I don’t know if delay is the right word here, but part of the challenge in getting the federal agencies on board was that they wanted specific policy language in their agreements with you. How different is the federal space here compared to all of the private exchanges that you’ve dealt with over the years? What’s special about the feds?
Alan Swenson: Well, I don’t want to say there’s nothing special about the feds, there certainly are special things about the feds. But anytime that lawyers get involved, things quickly get more complicated. And that’s where a lot of this, you know, wasn’t necessarily that there was anything that ever prohibited the federal agencies from participating in the past. Rather, there was some interpretation of how we point to certain federal laws and just kind of defer to applicable law allowing a lot of participating organizations to determine which federal and state laws and regulations would apply to their organization. There were some concerns from the federal agencies and their legal representatives of how that would apply to some of the specific federal regulations that only apply to federal agencies and don’t necessarily apply to the other organizations that are already participating around the country. And so a lot of what needed to be updated, and ultimately, what was updated is Carequality has a single document, Carequality Connected Agreement, and that is what all of these networks agree to in order to ensure consistent legal terms across everyone participating. And then there are some specific terms that those implementers we call them, those networks are implementers of the Carequality framework, there are some specific terms that they have to flow down to their connected organizations. And there were some clarification and updates that we made in both of those documents to ensure that there are specific things that are carved out for federal agencies, or that are called out for federal agencies that have other applicable law and regulations. Beyond just the basics of HIPAA and things that apply to other health care organizations.
Jared Serbu: Got it just at the risk of stating the obvious here. One of the reasons I think this is so important is both DoD and VA increasingly have patients that are being seen by private providers. So it’s obviously incredibly useful for their primary care providers to be able to see medical records that were generated on the outside. Does that relationship work both ways? Can that outside private sector provider now see records that were generated from within one of the federal agencies?
Alan Swenson: Yeah, absolutely. And actually, that’s one of the fundamental tenants of Carequality is reciprocity. In particular, when exchange is happening for the purpose of treatment, there are some additional requirements around like what the SSA does is for coverage determination, or if it were payment operations, patient initiated requests, public health, etc. But when an exchange is happening for the purpose of treatment, we do require that organizations that ask for information from others also share their information with others. So there’s a reciprocity requirement there. Now, again, some of that gets into what the federal agencies had some concerns around certain types of data that they may not be able to always share, or that they need to ensure is covered when the other organization is receiving that from the federal agency. So we do have some call outs there to ensure that all of that is met. And then federal agencies are comfortable. But what it ultimately means is that once, let’s say the DoD, for example, were to connect, they would immediately be able to exchange records bidirectionally, with every other already connected Carequality participating organization without any pre-coordination or special agreements with those organizations.
Jared Serbu: Before we close out here, can you just say a bit about protecting health information? I mean, obviously, we want as much interoperability as possible. But I assume you don’t want a situation where any provider in the country can look at any individual patient’s record, regardless of whether they have a relationship with them. So how do you go about verifying that this request for data is in fact for bonafide medical treatment?
Alan Swenson: Yeah, and for the most part, it is factual and policy base. Carequality itself has nothing technical in the middle, the exchange between DoD through the eHealth Exchange, for example, over to, you know, a clinical works site or an epic site or something would be directly from the eHealth Exchange server to you know, those ethics servers or clinical work servers. There’s nothing that goes through Carequality, we provide the technical server certificates, so that exchange the mutual TLS can be trusted. And we also provide the directory so the organizations can find each other. But ultimately, we then have contractual terms and policies around what does treatment for example, mean, largely pointing to the definition under HIPAA. And then we have processes where if there are concerns or issues that arise we have a dispute resolution process and are able to point to those policies. But one of the main tenants of Carequality really is trust and that you don’t necessarily know anything about the organizations you’re exchanging with. But because everyone has agreed to the same contractual and policy terms, you can trust that they are using it in the same manner that you are using it and therefore don’t need to know anything else about that organization. They are approved by Carequality and added into this directory, even though Carequality doesn’t necessarily see the transactions to verify in the middle.