HIPAA, HITECH Still Limiting Health Data Exchange Innovation

Regulations barring EHR companies from charging health data exchange fees could inhibit innovation.

By Kate Monica on

The author of a new editorial on the Health Affairs Blog asserted that federal regulations HIPAA and HITECH— not EHR companies — are responsible for limiting interoperability improvements and obstructing health data exchange.

The op-ed by UConn Business School Assistant Professor of Operations and Information Management and non-resident fellow at Brookings Institution Niam Yaraghi stated a handful of uncooperative EHR companies and medical providers are not at the root of the nation’s interoperability problem.

Sign up for our newsletter!

“To be sure, there are some vendors that have violated their agreement to not intentionally block data transmission,” wrote Yaraghi. “But most of them are in perfect compliance with the guidelines.”

Instead, Yaraghi indicated certain regulations part of HIPAA and the HITECH Act of 2009 could be culpable for slowing improvements in health data exchange. Specifically, the regulation in HITECH deeming the free transmission of EHR data an individual right and the regulation in HIPAA barring EHR vendors from monetizing health data may have adverse effects on enabling progress.

“Declaring something as a right creates expectations, but it does little to help overcome specific obstacles,” stated Yaraghi. “Congress’s decision to declare free transmission of medical data as a patient’s right does nothing to help it happen.”

Yaraghi suggested banning health IT companies from charging fees for data exchange eliminates the incentive for businesses to invest in interoperability services. Allowing health IT companies to charge for health data exchange could foster competition and accelerate innovation.

“Theoretically, EHR vendors can fold the data transmission costs into other fees that they charge providers,” reasoned Yaraghi. “However, this would even further strengthen their monopoly and keep the actual exchange fees unreasonably high because currently only they can charge exchange fees, although indirectly.”

“If it was legal to directly charge a data exchange fee, other innovators would compete to provide exchange services at a lower cost and higher quality,” he added.

Yaraghi also points out other industries that have been successful in enabling data exchange charge fees for transmission. The banking industry, for example, is permitted to charge a fee for allowing customers to transfer finances over the internet.

“The online banking system and seamless exchange of financial data became possible only because there were no rules prohibiting banks from charging fees for providing such services,” he wrote. “Naturally, as soon as banks realized the benefits of online banking and exchange of financial data, they came together and created a system that is the envy of the health care system.”

The maturation of online banking demonstrates what could happen eventually in the healthcare industry if health IT companies and interoperability services providers are able to monetize aspects of health data exchange.

“It is now time to realize that under the current regulatory framework, every effort to enable information exchange in the health care industry is destined to fail,” he maintained. “Congress should learn a lesson from the success of banking industry and revise HIPAA and HITECH to allow providers and EHR vendors to charge fees for exchange of medical data.”

This op-ed followed a post on Health Affairs Blog by former ONC Chief Privacy Officer Lucia Savage urging the Office of Inspector General (OIG) to enforce regulations part of HIPAA banning EHR companies from profiting off patient protected health information (PHI) exchange.

“Building a revenue stream out of charging exorbitant fees to transmit the protected health information is arguably the EHR developer’s business, not the provider or hospital’s health care operations,” she wrote.

The EHR Association (EHRA) Executive Committee responded to accusations of charging unlawful fees with a statement that charging for customization, additional data collection, and data integration with a registry is legal and reasonable. 

Tagged EHR InteroperabilityEHR UseHealth Data ExchangeHealth IT InnovationHIPAA

Dig Deeper

View on EHRIntelligence