The following is a guest article by Alvin Loh, senior director of product at Redox.
No nation on earth has a more illustrious record of space exploration than the United States. While unmanned missions to Mars and beyond have continued at a brisk pace – yielding extraordinary pictures and information from distant worlds – the U.S. gave up on launching its own manned space missions in July 2011. In the face of a waning commitment from Washington, the private sector stepped in to fill the void. This past May, SpaceX launched two astronauts into orbit – and a second manned mission is set for November 14. We may be about to see the private sector take the reins of another large-scale initiative that most expected the federal government would lead: the development of a unique patient identifier (UPI).
The Government’s Funding Ban
The issue of creating a UPI at the national level has been considered through the years. Unfortunately, it has been difficult to gain the necessary approval in Washington. When HIPAA became law in the 1990s, it required the creation of a health identifier. But Congress quickly intervened and restricted the use of federal funds for developing a UPI. Due to concerns about data security and an individual’s privacy rights, Texas Congressman Ron Paul led an effort prohibiting the use of federal funding to create a UPI. That ban has been continually renewed since 1998 – despite repeated repeal efforts, including this year’s bipartisan Foster-Kelly Amendment and the efforts of a coalition of health organizations to convince lawmakers of the need for an identifier.
Record Locator Services as a First Step
With movement in Washington at a standstill, private companies are working to create solutions, such as record locator services. Although individual steps toward a UPI are helpful, it is critical to have a community effort centering around a standard. A system with services that aren’t compatible runs contrary to the central purpose of a single identifier. Additionally, patients and providers are unlikely to be interested in adopting more than one service.
We’re seeing the same thing happening with the development of matching records as we did with EHRs, which, as a source of truth, contain invaluable patient information. Yet many of the EHRs do not interoperate and healthcare organizations view patient data as their “asset.” In most cases, industry players zealously guard all their matching algorithms – a replay of the development of EHRs. To create a standard matching algorithm, it would be far better to open these algorithms up, share them and encourage scrutiny of ongoing developments.
The specter of government oversight must also be considered. Just because our legislators haven’t approved funds for this for over 20 years doesn’t mean they won’t change course if they see a viable option from the private sector. But elected officials and regulators will need to be convinced that the initiative makes sense.
Looking to the Private Sector
How likely is it that the private sector will seize the initiative? When the government’s interest in space exploration waned, the private sector took the helm. Similarly, interest in the private development of a national UPI grows with every instance of a patient not having their information available at times of greatest need.
When a person applies for a financial loan, computers are able to review records and render a decision based on a comprehensive view of an applicant’s current and past profile – and often do it within seconds. But when a person’s health history is needed, clinicians, ER personnel and first responders often have to rely on the imperfect – and stressed – accounts of experiences, medications, allergies and test results provided by patients and their families. Cobbling together shards of patient history – and hoping all relevant information has been assembled – increases the risk of an adverse medical event while also making it difficult for patients to get the comprehensive care they need.
Security Must be Paramount
Regardless of whether solutions come from the federal government, the private sector or both, data security and privacy will be at the top of the priority list. Individuals and lawmakers have legitimate concerns about sensitive personal data being exposed by cyberthreats or government entities being able to snoop on private citizens.
For example, access to patient identifiers might only be granted to the digital products healthcare organizations have already chosen as a part of their care continuum. Who is able to use a UPI to locate patient records will be selective and built around the trusted systems and providers used by the healthcare organizations a patient chooses for their medical care.
A unilateral approach to developing a UPI won’t work. But getting everyone on board to work together is easier said than done. In addition to a number of politicians who have privacy and security concerns about a UPI, there are businesses that are reluctant to support the cause. Similar to this spring, when a number of EHR vendors voiced objections to the Office of the National Coordinator for Health Information Technology’s interoperability rule changes, there are companies that want to protect their turf. They won’t be quick to contribute to a cause that requires them to sacrifice market advantages. Consequently, companies that are committed to true interoperability and can offer a community approach will provide the direction and guidance needed for patients to have their personal health data in one place where they can access and control it as they see fit.
We don’t need an act of Congress (literally) to make this happen. If government-sanctioned organizations won’t lead the way toward a national UPI, look for private entities to do it.