The Meaningful Use Stage 2 Balance


Over the past 4 days many people have written about Meaningful Use Stage 2.  Some have said it too aggressive, some have said it is not aggressive enough.

To me, the perfect compromise means that every stakeholder is just a little unhappy but all can live with the outcome.

I believe MU Stage 2 achieves this level of balance.

Complaints I've heard include

*The NPRM required that 10% of transitions of care include electronic transmission of structured data across vendor boundaries. The final rule still requires 10% transmissions but eliminates the requirement for transmission across vendor boundaries, instead noting that a single transition of care must be sent across vendor boundaries or to a test EHR operated by CMS for the purpose of receiving and validating these transactions.   Some have said that proprietary HIE within a single vendor product may still persist.   My experience in Massachusetts suggests that the care coordination demands of accountable care organizations are creating pressures on vendors to open their platforms to third party analytics, personal health records, and community HIE infrastructures.   The Meaningful Use requirement to reconcile problems, meds, and allergies plus the required demonstration of data exchange across vendor boundaries will melt away proprietary silos of data.

*The NPRM required that EHRs support "download and transmit" of DICOM images to third-parties:

"We propose to require EHR technology to be capable of enabling images formatted according to the Digital Imaging and Communications in Medicine (DICOM) standard to be downloaded and transmitted to a third party. We believe this specific capability has the potential to empower patients to play a greater role in their own care coordination and could help assist in reducing the amount of redundant and duplicative imaging-oriented tests performed. In fact, the National Institutes of Health has recently funded activities focused on personally controlled sharing of medical images and published a solicitation notice on the same topic."

The final rule drops this requirement and includes only viewing of image data within the EHR.

"Image results. Electronically indicate to a user the availability of a patient’s images and narrative interpretations (relating to the radiographic or other diagnostic test(s)) and enable electronic access to such images and narrative interpretations."

Although many people will argue with me, I believe that cross organizational internet-based DICOM exchange still needs refinement before making it a certification requirement.  If the standards for ubiquitous exchange across EHRs are good enough, then why do third party cloud-based image exchange companies such as LifeImage have so many customers?

I agree that image exchange is important to reduce costs and enhance quality of care.   It's a perfect requirement for Stage 3, once EHRs have enabled view capability and the Standards Committee has reviewed existing standards to assess the readiness of existing implementation guides for cross organizational internet-based exchange.

*There have been questions about the protection of patient privacy, given the increased amount of data sharing in MU Stage 2

I think of privacy as maintaining confidentiality per personal preferences.

Per wikipedia's definition of informational privacy

"Medical privacy allows a person to withhold their medical records and other information from others, perhaps because of fears that it might affect their insurance coverage or employment, or to avoid the embarrassment caused by revealing medical conditions or treatments."

Patient accessible audit trails enable the patient to monitor/enforce their preferences for information sharing

Encryption prevents breaches when mobile devices are stolen.  Encryption of client devices is required by MU Stage 2

"7) End-user device encryption. Paragraph (d)(7)(i) or (ii) of this section must be met to satisfy this certification criterion.

(i) EHR technology that is designed to locally store electronic health information on end-user devices must encrypt the electronic health information stored on such devices after use of EHR technology on those devices stops."

In addition, given that audit trails record the encryption status of client devices, the Office of Civil Rights can hold individuals accountable for breaches involving non-encrypted client devices.  Increased enforcement will lead to increased encryption.

*Some complained about the real world operational impact of the workflow changes implied by MU Stage 2.

The Standards Committee is compromised of world class professionals who implement systems for a living.   Their advice (especially that of the Implementation Workgroup) is from the trenches.

My honest opinion is that MU Stage 2 creates stretch goals for vendors, IT departments, and providers, but all are achievable.   MU Stage 2 lives up the metric first articulated by David Blumenthal - the escalator should move up fast, but not so fast that people fall off.

Next week I'll met with the BIDMC CEO to finalized my major thematic goals for FY13.  I'll tell him that MU Stage 2, ICD10 and Compliance/Regulatory support are my focus for the next year.    The change management of implementing so many new applications and workflows will not be easy, but the taking the uphill road often leads to the best views.   I believe the MU Stage 2 appropriately balances policy goals, change management realities and clinical quality imperatives.