[Senate Hearing 114-670] [From the U.S. Government Publishing Office] S. Hrg. 114-670 ACHIEVING THE PROMISE OF HEALTH INFORMATION TECHNOLOGY: INFORMATION BLOCKING AND POTENTIAL SOLUTIONS ======================================================================= HEARING OF THE COMMITTEE ON HEALTH, EDUCATION, LABOR, AND PENSIONS UNITED STATES SENATE ONE HUNDRED FOURTEENTH CONGRESS FIRST SESSION ON EXAMINING ACHIEVING THE PROMISE OF HEALTH INFORMATION TECHNOLOGY, FOCUSING ON INFORMATION BLOCKING AND POTENTIAL SOLUTIONS __________ JULY 23, 2015 __________ Printed for the use of the Committee on Health, Education, Labor, and Pensions [GRAPHIC NOT AVAILABLE IN TIFF FORMAT] Available via the World Wide Web: http://www.gpo.gov/fdsys/ U.S. GOVERNMENT PUBLISHING OFFICE 95-737 PDF WASHINGTON : 2017 ---------------------------------------------------------------------------------------- For sale by the Superintendent of Documents, U.S. Government Publishing Office, http://bookstore.gpo.gov. For more information, contact the GPO Customer Contact Center, U.S. Government Publishing Office. Phone 202-512-1800, or 866-512-1800 (toll-free). E-mail, [email protected]. COMMITTEE ON HEALTH, EDUCATION, LABOR, AND PENSIONS LAMAR ALEXANDER, Tennessee, Chairman MICHAEL B. ENZI, Wyoming PATTY MURRAY, Washington RICHARD BURR, North Carolina BARBARA A. MIKULSKI, Maryland JOHNNY ISAKSON, Georgia BERNARD SANDERS (I), Vermont RAND PAUL, Kentucky ROBERT P. CASEY, JR., Pennsylvania SUSAN COLLINS, Maine AL FRANKEN, Minnesota LISA MURKOWSKI, Alaska MICHAEL F. BENNET, Colorado MARK KIRK, Illinois SHELDON WHITEHOUSE, Rhode Island TIM SCOTT, South Carolina TAMMY BALDWIN, Wisconsin ORRIN G. HATCH, Utah CHRISTOPHER S. MURPHY, Connecticut PAT ROBERTS, Kansas ELIZABETH WARREN, Massachusetts BILL CASSIDY, M.D., Louisiana David P. Cleary, Republican Staff Director Evan Schatz, Minority Staff Director John Righter, Minority Deputy Staff Director (ii) C O N T E N T S __________ STATEMENTS THURSDAY, JULY 23, 2015 Page Committee Members Alexander, Hon. Lamar, Chairman, Committee on Health, Education, Labor, and Pensions, opening statement......................... 1 Murray, Hon. Patty, a U.S. Senator from the State of Washington.. 3 Cassidy, Hon. Bill, a U.S. Senator from the State of Louisiana... 28 Franken, Hon. Al, a U.S. Senator from the State of Minnesota..... 30 Enzi, Hon. Michael B., a U.S. Senator from the State of Wyoming.. 32 Baldwin, Hon. Tammy, a U.S. Senator from the State of Wisconsin.. 34 Bennet, Hon. Michael F., a U.S. Senator from the State of Colorado....................................................... 36 Whitehouse, Hon. Sheldon, a U.S. Senator from the State of Rhode Island......................................................... 38 Witnesses Kendrick, David C., M.D., MPH, Chair, Department of Medical Informatics, University of Oklahoma, CEO, MyHealth Access Network, Tulsa, OK............................................. 5 Prepared statement........................................... 7 Mirro, Michael J., M.D., FACC, FAHA, FACP, Past Chair, Medical Informatics Committee, American College of Cardiology, and Chief Academic/Research Officer, Parkview Mirro Center for Research and Innovation, Fort Wayne, IN........................ 13 Prepared statement........................................... 15 Kibbe, David C., M.D., MBA, President and CEO, DirectTrust, Senior Adviser, American Academy of Family Physicians, Washington, DC................................................. 17 Prepared statement........................................... 19 Black, Paul M., MBA, President, Chief Executive Officer and Director, Allscripts, Chicago, IL.............................. 22 Prepared statement........................................... 23 ADDITIONAL MATERIAL Statements, articles, publications, letters, etc.: American College of Cardiology, Heart House, Letter.......... 50 Response by David C. Kendrick, M.D., MPH, to questions of: Senator Alexander........................................ 53 Senator Murray........................................... 54 Senator Enzi............................................. 55 Senator Casey............................................ 57 Senator Baldwin.......................................... 58 Senator Cassidy.......................................... 58 (iii) ACHIEVING THE PROMISE OF HEALTH INFORMATION TECHNOLOGY: INFORMATION BLOCKING AND POTENTIAL SOLUTIONS ---------- THURSDAY, JULY 23, 2015 U.S. Senate, Committee on Health, Education, Labor, and Pensions, Washington, DC. The committee met, pursuant to notice, at 10:05 a.m., in room SD-430, Dirksen Senate Office building, Hon. Lamar Alexander, chairman of the committee, presiding. Present: Senators Alexander, Enzi, Cassidy, Murray, Casey, Franken, Bennet, Whitehouse, and Baldwin. Opening Statement of Senator Alexander The Chairman. Senator Murray will be here, but she has asked me to go ahead and start. Welcome. This is a hearing of the Committee on Health, Education, Labor, and Pensions. Senator Murray and I will each have an opening statement. Then we will have our witness testimony. We will ask you to summarize your remarks in 5 minutes. Then we will have questions. I need to leave at 10:30 a.m. for just a few minutes to go vote in an Appropriations hearing, and Senator Enzi will preside during that time. Then I will be right back. I don't want to miss anything from our witnesses. I read your testimonies, very helpful. Today's hearing is on information blocking. What does that mean? Here is an example. If I suddenly found myself at the Vanderbilt University Medical Center emergency room and the doctors there wanted to get my paperwork from the hospital and doctors that I usually use, information blocking means there is some obstacle getting in the way of my personal health information being sent to the Vanderbilt University emergency room. This could happen in a variety of ways. No. 1, could be that my usual hospital refuses to share my information. No. 2, the electronic systems at both hospitals don't talk to each other. That could happen. No. 3, my usual hospital says it will charge Vanderbilt a huge fee to send my electronic records. No. 4, my usual hospital might say it can't share them for privacy reasons. That could be our fault here in the Federal Government. No. 5, or my usual hospital won't send them because they cite concerns about data security. There could be a lot of reasons why I am sitting there in the Vanderbilt University emergency room, and the doctors can't get my medical records. Since 2009, American taxpayers have spent $30 billion to encourage doctors in hospitals to install electronic health record systems through incentive payments to Medicare and Medicaid providers. One of the chief goals was to improve the electronic exchange of a patient's health information between physicians' offices and urgent care centers and hospitals and pharmacies. By encouraging these practitioners to adopt these systems and then encourage the manufacturers of the system to make them able to communicate with one another, we call that interoperability. That way, for example, I could have my physician send my records easily to a specialist who could have my entire medical history right in front of her before I even had my first appointment. No more printing of papers that I have to go to pick up and bring to my appointment, have added to a paper file, and then reentered into the specialist's computer. The Federal Government even went so far as to certify certain systems so physicians and hospitals generally expected that the certified systems would enable them to transfer records. But interoperability, this communication among systems that is so critical, has been difficult to achieve. Information blocking is one obstacle to interoperability, and I am interested to hear today from the witnesses the extent to which it is a problem, the extent to which the Government may share the blame and the extent to which the Government can encourage interoperability. It could loosely be defined as intentionally interfering with access to my personal electronic health information. Here is what Reid Blackwelder, a family physician in Kingsport, TN, told the New York Times earlier this year, ``We have electronic records at our clinic. The hospital, which I can see from my window, has a separate system from a different vendor. The two don't communicate. When I admit patients to the hospital, I have to print out my notes and send a copy to the hospital so they can be incorporated into the hospital's electronic records.'' Last year, I worked with the Appropriations Committee to acquire a report from the Office of the National Coordinator on information blocking. We received the report from Dr. DeSalvo and her team, who did a good job describing the various kinds of information blocking. The report described the sorts of information blocking and the scenarios I outlined earlier. It concluded that successful strategies to prevent information blocking will likely require congressional intervention, but this is not the only view of the practice. Some view information blocking as rational, competitive practices by for-profit businesses in a competitive healthcare industry. In other words, why would a hospital or physician network make it easy for a patient to go out of their network when that is against their business interest, these persons might say. Senator Murray and I have created working groups within our committee to deal with the various issues on electronic medical records. We have also created a good working relationship with Secretary Burwell, Secretary of HHS. In fact, we had breakfast with her this morning and discussed this subject some. Let me just give my own view about this. Based upon what I have heard from doctors, hospitals, administrators, meaningful use Stage 1 helped encourage adoption. Meaningful use 2 was a mixed blessing. Meaningful use 3 is a whole other kettle of fish. The head of Mayo Clinic came to see me recently and said that Mayo, which is unique in some ways, is budgeted spending $1 billion over the next 4 years with 500 employees working on it in order to put in place the requirements of meaningful use Stage 3. Another well-respected hospital told me that meaningful use 1 and 2 worked OK, but they were terrified by meaningful use 3. My instinct is to say to Secretary Burwell let us not go backward on electronic healthcare records, but let us not impose on physicians and hospitals a system that doesn't work and which they spend most of their time dreading. Half the doctors are now paying penalties rather than participate in electronic medical records. We want something that physicians and hospitals buy into that help patients rather than something that they dread. One of the questions I will be interested in hearing the witnesses talk about is the extent to which we might want to slow down the implementation of Stage 3 of electronic healthcare records, not with the idea of backing up on it, but with the idea of saying let us get this right before we set 500 employees and $1 billion to work at the Mayo Clinic implementing a system that is not right and that we then have to change in 2 or 3 or 4 years, or that we impose on physicians and doctors such an onerous system that we get a huge backlash in 2 or 3 years and waste the effort that we have made today. I took a little longer than I normally would in saying that, but this is our fourth hearing on electronic health records. We have got another one scheduled for September and then another one in October. We intend to make whatever results a part of our medical innovation legislation, which we hope to finish by the end of the year. This is a serious subject, both for Senator Murray and for me and for Democratic and Republican members of the committee. We are looking for advice about the right thing to do. Thank you. Senator Murray. Opening Statement of Senator Murray Senator Murray. Thank you very much, Chairman Alexander. Thank you to all of our witnesses and colleagues who are here with us today. I believe strongly that when it comes to our country's healthcare system, we need to keep moving forward, and that means building on the progress made so far to continue expanding coverage to our families, making healthcare more affordable, and improving the quality of care patients receive. This is, as the chairman said, our fourth hearing on strengthening our country's health IT infrastructure, an issue that is especially important to two of those goals--improving the quality and the affordability of care. When patients and providers have more convenient access to better health information, they are more equipped to make truly life-changing or even lifesaving decisions. Hospitals and providers have made substantial progress over the last few years toward expanding the use of health information technology. Today, for example, 6 out of 10 hospitals report having used electronic health records to coordinate with at least one provider outside their own organization. That is a 51 percent increase from just 7 years ago. We have taken some important initial steps forward, but we need to build on that progress and tackle a lot more challenges to make sure that patients can get better, more efficient care that reflects their medical histories. I am glad today that we are focusing on one challenge in particular, the practice of deliberate information blocking by some health IT organizations which threatens to get in the way of the progress we need to make to continue to improve our healthcare system. It is important to make clear that there are some legitimate reasons that a vendor might limit exchange of health information--patient privacy or unanticipated technological challenges. According to a recent report by the Office of National Coordinator for Health Information Technology, there is substantial evidence that some organizations are intentionally setting up barriers between their systems and other systems or overcharging or creating technical or legal barriers to providers who want to access information through the system they purchased, or both. To me, these efforts to knowingly interfere with access to patients' health information is completely unacceptable. We have heard before in this committee how big a difference medical records can make for patients and their families, and because a strong national health IT system depends on different electronic healthcare record systems being able to talk to each other, we can't afford to have bad actors who prioritize their bottom line over patients' best interests and block information that hospitals, providers, and patients need to be able to share with one another. Instead, I am hopeful that members of this committee can work together on ideas that would allow physicians to vote with their feet when it comes to health IT and enable patients to download and provide their medical histories in a standard, easily transferable way. Today I am going to be very interested in hearing from our witnesses about these ideas and others, which would help move us toward even more significant progress to strengthen health IT and improve healthcare for the families and communities that we all serve. Thank you again to our witnesses. We look forward to your testimony today. Thank you, Mr. Chairman, for really focusing on a critical topic. The Chairman. Thanks, Senator Murray. First, we will hear from Dr. David Kendrick, chair of the Department of Medical Informatics at the University of Oklahoma and CEO of MyHealth Access Network in Tulsa. MyHealth Access Network connects more than 1,600 providers and patients through an innovative, community-based health information system. Dr. Michael Mirro is our second witness. He is the chief academic and research officer at the Parkview Mirro Center for Research and Innovation in Fort Wayne, IN, and is a national leader in health information technology, serving as chair of the American College of Cardiology Health IT Committee for 5 years. Next we will hear from Dr. David Kibbe. He is the founding president and chief executive officer of DirectTrust, a nonprofit organization that helps and protects the rules and regulations of those in the nationwide Health Information Network. He is the senior adviser to the Alliance for Health IT Innovation at the American Academy of Family Physicians. And finally, Mr. Paul Black is here. He is president, chief executive officer, and director of Allscripts Healthcare Solutions, Inc., a leading electronic health record vendor. I am told that Allscripts is now able to work with all major electronic health record applications in today's market. Mr. Black served as the EHR vendor Cerner's chief operating officer prior to that. Welcome. We look forward to your testimony. If you would summarize your remarks in 5 minutes, then we will have a conversation. Dr. Kendrick, let us begin with you. STATEMENT OF DAVID C. KENDRICK, M.D., MPH, CHAIR, DEPARTMENT OF MEDICAL INFORMATICS, UNIVERSITY OF OKLAHOMA; CEO, MYHEALTH ACCESS NETWORK, TULSA, OK Dr. Kendrick. All right. Thank you. Good morning, Chairman Alexander, Ranking Member Murray, and distinguished members of the committee. In previous hearings, committee members have asked how do you define interoperability? From my perspective, every patient deserves to have their complete longitudinal medical record securely available wherever and whenever decisions are made about their health. Wherever includes places like the doctor's office or the emergency room, between doctor visits when medications are refilled, as well as at home with the patient or caregiver. I think this definition is helpful because it reminds us that the primary objective of interoperability is to better serve the patient with high-quality, safe, and cost-effective care. We have taken these principles to heart in Oklahoma and have leveraged our ONC Beacon Community Award to create statewide interoperability. MyHealth is a nonprofit that serves as an entity most trusted by payers and providers to measure quality, cost, and value in support of new healthcare payment and delivery models. This unique, trusted, third-party arrangement has accelerated the adoption of value-based payment models in Oklahoma, and interoperability has enabled providers to succeed in these new care delivery models. For example, MyHealth serves as the convening organization and data aggregator for CMMI's Comprehensive Primary Care Initiative demonstration project in which 265 Oklahoma primary care providers reduced Medicare costs by 7 percent in 1 year. These accomplishments have been hard fought, requiring more than 5 years and $15 million to produce. By far, the most significant barrier to success has been liberating accurate patient data from practices, hospitals, and other organizations. Generally, we think of data blocking as the intentional interruption or prevention of interoperability by one of two parties, the provider or the provider's EHR vendor. Provider data blocking may have been an important challenge early in the development of MyHealth, but it has quickly receded as value-based payment models take hold. Thus, the biggest challenge we face is liberating patient data from EHR systems to make it interoperable. While many EHR vendors work well with our customers and with our organization to establish interoperability, we still have so many specific experiences with inappropriate data blocking and substandard data quality that we have created a nomenclature to classify six common types. Below, we describe one or more real examples of each type. Type 1 is the golden rule. By far, the most common barrier to interoperability is the high price charged by vendors to implement and maintain interfaces, which commonly exceeds $10,000, and it is not uncommon to see charges of $30,000 to $40,000 per practice, regardless of practice size, to do something that meaningful use supposedly required. Type 2 we call the Hotel California. There is a component of the EHR certification program called data portability that is intended to help providers change EHR vendors if they like. Unfortunately, few vendors appear to offer this functionality as intended, and so we say that the customers of these vendors have a Hotel California problem. They can check out other EHR products anytime they like, but their data can never leave. Type 3 is inexplicable. We recently were told by a large EHR vendor's project manager that, ``We just don't do CCDs,'' which is the patient summary of care document, ``because they're not in our DNA.'' The CCD is required of all certified EHRs, and no amount of arguing thus far has been able to convince this project manager that his vendor could do this. Type 4 we call garbage in and garbage out, and this simply relates to the quality of the data we are getting in these standard CCDA files. We are finding uncoded lab results, uncoded medications. When the data is not coded properly, it can't be duplicated and essentially becomes useless for other providers to use in care. Type 5 we call EHR at the center of the universe. Increasingly, we are hearing from large health systems that their EHR vendor provides all of the interoperability that they need without the community HIE. This is because the vendor provides convenient connections to other systems that use their product. However, providers in critical services using other EHR products are excluded, leaving a big hole in the interoperability of the community and the health system. Most concerning about this mistaken belief among health system leaders is that it subverts interoperability at the community and State level, creating instead a corporate EHR network for interoperability which is not subject to the trust arrangements and policies of the community. Type 6 we call the bait and hidden switch. In this type of data blocking, the vendor achieves certification with one feature set and then either hides or eliminates functionality when the EHR is actually deployed in practice. By filing a complaint with ONC's surveillance program, we recently discovered that one of the Nation's largest ambulatory EHR vendors had actually hidden functionality that they used to get certified and were instead charging tens of thousands of dollars to practices for an additional product to do the same thing. We have since used this knowledge to connect many practices at no cost. Unfortunately, the vendor in question still has not been compelled to communicate this information to all of their customers. We have also observed a certain fear among providers that filing complaints with ONC against their vendor will produce a backlash in the form of poor service or increased fees. Most of the time our participants ask that we, the health information exchange, file the complaint to preserve their relationships with their vendors. My recommendations to improve the flow of data for interoperability are, No. 1, expand HIT certification to test interoperability in the field. Don't just test it on the bench, but also test it once it is deployed to prove that it works. No. 2, further emphasize the ONC certification surveillance program. No policy has ever been successful without at least the threat of enforcement. No. 3, consider implementation of a lemon law for EHRs to protect providers and other organizations stuck in long-term contracts with vendors who do not perform. No. 4, require certain clauses of EHR contracts to be transparent, especially the interoperability clauses that can hide these data blocking issues. No. 5, continue to expand value-based payment models, which inherently encourage interoperability among providers. And No. 6, although it may sound controversial coming from a board-certified medical informaticist, we don't need any new standards right now. We need to make the ones we have work. We should continue research and development, but please don't layer in new standards. HITECH called upon ONC to establish the governance for the nationwide Health Information Network, but perceived limitations on ONC's authority have left this entire segment of our critical national infrastructure without governance. This vacuum is being filled by various consortia and collaborations of vendors and large provider organizations. ONC's authority should be made clear in three groups. The Chairman. If you could wind it up, Dr. Kendrick. Dr. Kendrick. Sure. Those who receive care, provide care, and pay for care should be organized into governance. [The prepared statement of Dr. Kendrick follows:] Prepared Statement of David C. Kendrick, M.D., MPH Good morning, Chairman Alexander, Ranking Member Murray, and distinguished members of the committee. I am pleased to offer you my testimony on a topic that has consumed nearly all of my professional life--the modernization of our healthcare delivery system, and lately, the information blocking that is getting in the way of progress. I reviewed the previous healthcare IT testimony to this committee and noted that a very important question has consistently been asked by committee members: ``How do you define interoperability?'' My definition of interoperability is that every patient deserves to have their complete, longitudinal medical record available wherever and whenever decisions are made about their health. ``Wherever'' includes places like the doctor's office or the emergency room, between doctor visits when medications are refilled, as well as at home with the patient or caregiver and on smartphone when the patient travels. I think this definition is helpful because it reminds us that the primary objective of interoperability is to better serve the patient. It also provides us with a convenient test for any health IT implementation or policy. ``Does my EHR ensure that my patients have their records from my clinic available no matter where they seek care?'' is a fundamental question all doctors should ask about their systems. Another important test is ensuring that each patient, and population, is receiving high value care--the primary ingredient required for successful value-based payment models. In order to do this, quality and cost measures must contemplate ALL of the relevant data on each patient. Since the average patient sees more than 3 different doctors each year, and the average Medicare patient sees 7, this almost always means aggregating data from multiple doctors and hospitals in order to get an accurate picture of individual and population health. To do otherwise would be like assessing the record of a football team based only on the performance of the left tackle. We in Oklahoma have been hard at work transforming our healthcare delivery system. MyHealth Access Network is a non-profit health information exchange organization serving more than 4 million patients and connecting 275 organizations, including doctors, hospitals, pharmacies, tribal health systems, payers, employers, home health, hospice, long term care, State and local agencies, and many others. MyHealth received a Beacon Community Award from ONC in 2010 which encouraged and enabled us to build the Oklahoma approach to interoperability. MyHealth has established effective health information exchange with dozens of EHR's, administrative systems, and payer claims systems, and consolidates this data into a single record for each patient to ensure that their complete medical record is available wherever, and whenever needed for care. In addition, MyHealth serves as the entity most trusted by payers and providers to measure quality, cost, and value in support of new healthcare payment and delivery models. This unique Trusted Third Party arrangement has accelerated the adoption of value- based payment models in Oklahoma, and has enabled providers to succeed in these new care delivery models. For example, under the Beacon program, MyHealth demonstrated significant improvements in critical ACO success measures: preventable admissions and ER visits for asthma, COPD, and congestive heart failure. MyHealth technology has been shown to improve care transitions by reducing wait times for access to specialty care by 2/3 and significantly reducing the total cost of care for transitioned patients in the Medicaid population. MyHealth has also served as the Convening organization and data aggregator for the Oklahoma implementation of a CMMI pilot project called the Comprehensive Primary Care initiative (CPC), which includes local commercial payers as well as Medicare and Medicaid. These multiple payers have partnered to implement a value-based payment and practice transformation program in primary care practices. In the first year of the program, Oklahoma's 65 CPC practices reduced Medicare costs by 7 percent, prompting Secretary Burwell to seek commentary on the potential expansion and permanent implementation of the CPC model in the latest CMS Physician Fee Schedule. These accomplishments have been hard fought, requiring more than 5 years and $15M to produce. By far, the most significant barrier to success has been liberating accurate patient data from practices, hospitals and other organizations. Generally, we think of data blocking as the intentional interruption or prevention of interoperability by one of two parties: the Provider or the Provider's EHR vendor. Provider data blocking may have been an important challenge early in the development of MyHealth but it has quickly receded as value- based payment models take hold. The Comprehensive Primary Care initiative, the rise of several ACO's, and important moves by commercial payers such as Blue Cross and Blue Shield have all combined to convince providers in Oklahoma that value-based payment models are the present and the future. CMS further endorsed this thinking with their announcement in January. As providers recognize that their success in these new models of care and payment is dependent on having their patients' comprehensive data available wherever it is needed for decisionmaking (even if that is a competing organization), the provider-driven barriers to interoperability tend to melt away. Thus, the biggest challenge we face is helping our willing provider members to liberate the patient data from their EHR systems to make it interoperable. We have so many specific experiences with inappropriate data blocking and substandard data quality that we have created a nomenclature to classify the six common types. We have had some success in solving these issues, but many remain unresolved. Below we describe each type of data blocking in the context of a real event. Before reviewing the examples, I would like to point out three things. First, many EHR vendors work well with their customers and with our organization to establish interoperability. Second, until recently, we have been left with few options to address most data blocking issues. Recently, we have become active users of the ONC Certified EHR Technology Surveillance program, filing complaints after we have exhausted all other efforts to work with the vendor and the provider to implement interoperability. Finally, the cases below are examples of the types of issues we have experienced, but these issues arise in most other communities as well. type 1: the golden rule By far the most common barrier to interoperability, exorbitant interface and maintenance costs cause many small practices and hospitals (and some large ones) to forego participation in HIE or at least providing data to the HIE. The EHR Certification requirements do not set parameters for the fees that vendors may charge for interoperability, so this is a very common barrier. In our experience, typical, acceptable interface costs are below $2,500 per practice. However, several well-known vendors charge $10,000 or more per practice, regardless of practice size, and some charge more than $30,000 to $40,000, which for many practices in Oklahoma amounts to $3-$5 per patient seen for an entire year. Other vendors charge per patient. One vendor in particular has, until recently, charged more than $2.00 per patient per year, which added nearly $1M in cost to large health systems and prompted an avoidance of the standard interface approaches with that vendor. Asking a CFO to pay $1M extra just to provide competitors with access to see their patient data seems to be a guaranteed way to keep the health system to participate in HIE--and this is exactly the effect that this per- patient per-year fee model has had. When we question vendors about the exorbitant cost of interfaces, we are often told they are technologically complex and labor-intensive. While this may be true, the complexity is usually a result of the vendor's own decisions about architecture and their implementation of the meaningful use interoperability requirements. In addition, it is difficult to recommend to our participating providers that they pay these fees when a number of well-known EHR vendors have been extracting the data from their customer's practices, de-identifying it, and selling it for years. Certainly this process is more technologically complex than making a standards-based interface for clinical data. type 2: the ``hotel california'' There is a component of the EHR Certification program called ``data portability'' that is intended to help providers to change EHR vendors if they like. Vendors are required to enable providers to create a batch export of their patient records in a standardized format. It is also a very helpful capability for interoperability. Unfortunately, few vendors appear to offer this functionality as intended, and so we say that the customers of these Vendors have a Hotel California problem-- they can check out other EHR products any time they like, but their data can never leave. MyHealth has filed complaints about this issue and our initial complaints have been found to have merit by ONC and the ACB, but no specific timelines have been provided. Thus, doctors using these Vendors' EHR products are facing pressure to meet Meaningful Use by the end of the year without a clear idea of whether, or when, the product will enable them to do so. type 3: the inexplicable In some cases, the reasons for data blocking are not clear, and do not seem to be linked to any specific technology limitation or business driver. Often, given time, the real motivation behind the data blocking will become clear and it usually resolves to a vendor-or provider- driven decision about cost. For example, during the install of a major comprehensive EHR product in one of our largest health systems, we were told by the Vendor's project manager that ``We don't do CCD's, they're just not in our DNA''. We pointed out that their product was Meaningful Use certified, implying their ability to produce a CCD (a Patient Summary of Care file), and, in any case, this was their customer's request. Despite an hour of questioning, the project manager remained unfazed and simply continued to repeat ``we don't do CCD's, they're not in our DNA''. This issue remains today, despite the fact that we now get CCD's from other instances of this vendor's product. We were forced to build and maintain five different HL-7 (an older, less robust protocol) feeds to replace the missing CCD. The missing data from this health system means that their patients are at higher risk of Adverse Drug Events, duplicated testing and imaging (and radiation exposure). type 4: garbage in, garbage out All certified EHR's are required to produce Patient Care Summary records according to a common format, but many of them fail to include the proper structure, clinical content, or standard codes. We have never seen a completely correct Patient Care Summary despite processing millions of them. Poor data standardization and quality prevents data from being combined with other records on the patient, creating a messy and often inaccurate chart riddled with duplications. Further, this prevents the calculation of metrics and care gaps, as well as quality measures, compromising the safety and accuracy of clinical decision support, and undermining the success of value-based payment models. type 5: ehr at the center of the universe Increasingly, we are hearing from large health systems using certain EHR systems that their EHR vendor provides all of the interoperable information they need. These vendors have done an excellent job of implementing interoperability with other health systems using their EHR products. However, this interoperability does not extend beyond the specific vendor's customers, excluding independent providers and small hospitals, pharmacists, ancillary care services and long term care, etc.--all of which play a critical role in the health of patients. Most concerning about this belief is that it subverts interoperability at the community and State level, creating instead a corporate EHR network for interoperability, which is not subject to the trust arrangements and policies of the community. type 6: the ``bait and hidden switch'' In this type of data blocking the vendor achieves certification with one feature set and then either hides or eliminates functionality when the EHR is deployed in a practice or hospital. We pursued interoperability for nearly 4 years with one of the Nation's largest ambulatory EHR vendors, but were told repeatedly that we must purchase their proprietary ``HUB'' product. In addition to a base cost of $40,000, the HUB carries an additional monthly service fee of $50-$100 for every provider in every practice--more than doubling the cost of HIE services. Recognizing that 2014 EHR Certification required them to produce the Patient Care Summary files for interoperability, we filed a complaint with ONC, which was forwarded to the Accredited Certifying Body (ACB) for the Vendor, who apparently forwarded the message to the Vendor. Almost immediately we received an email from the Vendor indicating that they would no longer work directly with our HIE. We were quite surprised and concerned, but fortunately, within a few hours, we received an email from an executive with the Vendor. Realizing that the certification challenge was credible, the executive offered some new information, unknown to any other practice or HIE in the country, as far as we can tell. It turns out that instead of requiring the purchase and implementation of the HUB product, the vendor could make a simple ``configuration'' change to enable the data to flow out of the system. We immediately requested that the configuration change be made in our participating practices, and by 10 a.m. the next day we had data flowing from three practices, at no additional cost to the providers. This EHR Vendor product had passed certification testing with the configuration switch turned on, but turns it off by default for every installation of the product. Until we filed this challenge, no amount of direct questioning of the Vendor support, sales, and implementation staff revealed the existence of this ``switch''. The follow-on story is also informative. This feels to us like an important product defect that would be communicated to customers in any other industry. Since most of these installations were funded with tax- payer dollars, it would seem that the commitment to transparency would be even greater. Unfortunately, the Vendor does not appear to be communicating this information to their customers, and continues to offer the expensive HUB as the only way to get data out of their EHR system. So, we have shouldered the burden of informing the public and relevant stakeholders, including our HIE colleagues. We have assisted several States in making this configuration switch work for them, and we are happy to do it--but we continue to ask why a formal and transparent communication process is not being required. Of particular concern to me has been the clear reluctance on the part of the practices to file or participate in the filing of complaints against their EHR vendors. Several times, affected practices have requested MyHealth to file the formal complaints on their behalf, but expressed fear that filing directly could prompt retribution from the EHR vendor. I have been surprised to find intimidation of providers by their vendors, whether real or perceived, playing such a significant role in the data blocking issue. recommendations I have several suggestions to address and prevent the issue of data blocking. 1. The HIT Certification program is the strongest lever available to ensure Vendor alignment with success of the Nation in achieving the optimization of health and quality of life for all Americans. I recommend a tuning of the initial certification and an expansion of the ongoing surveillance program. a. Initial and ongoing certification recommendations: i. Current testing: EHR's are currently certified based on testing in an ideal, laboratory environment. ii. Expanded Certification Testing: We recommend that certified EHR's have their interoperability functions tested in the field with each deployment of their product in order to maintain certification. In this way, the product can be proven to be interoperable before the ``keys'' are handed over to the provider. This would specifically address Information Blocking Types 2, 3, 4, and 5 above. We are happy to expand on ways this can be accomplished cost-effectively as requested. iii. Meaningful Use 3 Proposed requirements: It has been proposed that Certified EHR's must enable providers to choose standard clinical documents and schedule them for automated delivery to specific locations. Preservation of this requirement is critical to achieving broad interoperability. b. Certification Surveillance program recommendations: As noted above, most progress on addressing the data blocking issue has come through successful use of ONC's Certified Health IT Surveillance program. We propose expansion and amendment of this program in the following ways: i. More prominent role: The ONC Surveillance program can be very important in solving these issues, but it must become a more prominent component of the Certification program to have maximal impact. Doctors and hospitals need to know how and when to use it, and Vendors need to know what to expect from it as well. ii. Increased Transparency: 1. When a complaint is found to have merit, and changes have been requested of a specific vendor, the customers deserve to know the details and timing for a solution. Posting the adjudicated issues and timelines will enable providers to plan and increase trust among the provider community. 2. An annual Health IT Surveillance report has been produced by the Accredited Certifying Bodies, but the report is only accessible via a Freedom of Information Act request--creating an additional barrier to transparency and therefore trust. iii. Whistle-blower protections: As described above, many providers, especially small clinics and hospitals, are concerned about backlash from their vendors that filing a complaint may generate. Whether these fears are warranted or not, it's important to create an environment where these providers can feel safe in airing their concerns. iv. Independence from Conflict of Interest: Currently, the Accredited Certification Bodies, who are responsible for the Certification program, are also responsible for executing the Surveillance program. This could be perceived to be subject to conflict of interest, since the ACB generates nearly all its revenue from the Vendors that it certifies. For example, an ACB perceived to be overly strict by Vendors could lose its Certification business. c. Lemon law for EHRs: On more than one occasion in our community, providers have invested heavily in an EHR product, only to discover that it does not meet their needs. One small, financially strapped hospital in Oklahoma recently fired their EHR vendor when it became clear that the Vendor would not meet 2014 EHR Certification--which would prevent the hospital from meeting its Meaningful Use obligation. Unfortunately, the EHR vendor sued the hospital for breach of contract. An appropriately crafted Lemon Law could help to prevent these kinds of issues. d. Transparency in contracting: The contents of EHR vendor contracts are among the best kept secrets in America, and the signatories are often bound by strict non-disclosure agreements. Certain elements of these contracts, and specifically those pertaining to interoperability, should be made transparent to customers and other healthcare stakeholders. 2. Payment model incentive alignments provide the strongest incentive for providers and hospitals to support and enable interoperability. In particular, the expansion of value-based payment models are prompting providers to look beyond the walls of their organization for the patient information they need. a. In the short term, a process measure for interoperability should be employed to help providers and other stakeholders gauge their progress in achieving appropriate levels of interoperability. We have defined several measures that could be of use and would be happy to share them. b. CMS and other Federal partners such as the DoD, VA, and HRSA should begin to place more value on Clinical Quality measures derived from a comprehensive record of the care each patient receives, rather than from a single EHR or site of care. This will further encourage provider participation in meaningful health information exchange, and will significantly improve the accuracy of the quality measures being reported. In Oklahoma, the commercial payers and Medicaid have already recognized the importance of this approach to value measurement and are proceeding to implement it. c. Support the development of regional data aggregation such as HIE's and the implementation of whole-patient quality reporting. These are important infrastructure elements that are needed to support the kinds of measurement described above for value-based payment programs, and also to ensure that patients get comprehensive, safe care no matter where they seek it. 3. Standards: It may be controversial for me to say this as a Board Certified Medical Informaticist, but we have plenty of standards--we need to focus on correctly implementing the standards we have right now and monitoring their performance. R&D on new standards should continue, but they should undergo rigorous testing before becoming a part of the certification or meaningful use requirements. The ONC Standards Advisory hits the mark well on this issue. 4. Governance: This is perhaps the most critical issue limiting the impact of the tax-payers $30B investment in health IT. In the original HITECH act, ONC was called upon to establish the governance for the nationwide health information network. Now, more than 6 years later, that governance still does not exist, due in part to interpretations of limitations on ONC's authority. Thus, there is a vacuum in governance for this critical component of America's infrastructure--and that vacuum is being filled by various consortia and collaborations of vendors and large provider organizations. In order to rapidly advance health IT and interoperability, ONC's authority should be made clear, and I believe strongly that the correct perspectives to include in that governance are: a. Those who receive care (patients, special population representatives); b. Those who deliver care (providers, public health); and c. Those who pay for care (payers, employers, governments). Thank you for this opportunity to share my experiences and offer my advice. The progress made to date is tremendous, and I am confident that with your guidance, health and healthcare in America can become the best in the world. The Chairman. Thank you very much. Dr. Mirro. STATEMENT OF MICHAEL J. MIRRO, M.D., FACC, FAHA, FACP, PAST CHAIR, MEDICAL INFORMATICS COMMITTEE, AMERICAN COLLEGE OF CARDIOLOGY AND CHIEF ACADEMIC/RESEARCH OFFICER, PARKVIEW MIRRO CENTER FOR RESEARCH AND INNOVATION, FORT WAYNE, IN Dr. Mirro. Chairman Alexander, Ranking Member Murray, and members of the committee, thank you for the opportunity to speak today on this important issue of information blocking and the unforeseen problems that have been created and the possible solutions that will help improve patient care. My name is Michael J. Mirro. I am testifying today on behalf of the American College of Cardiology, a 49,000-member medical society that is the professional home for the entire cardiovascular care team. I am board certified in internal medicine, cardiovascular disease, clinical cardiac electrophysiology, and geriatrics. I have focused the majority of my clinical work on cardiac implantable devices in patients with serious heart rhythm problems, and my clinical investigation historically has been on new and advanced technologies to enhance their function. I have worked also in the deployment of informatics tools since 1995, assisting in the refinement and development of decision support tools to improve point of care of patients with congestive heart failure. In private practice, my partners and I were early adopters of electronic health records, and these systems were implemented before the HITECH passage. They were complemented by the fact that they had user-centered design as opposed to software-centric design, which now occur commonly. Additionally, many of the current systems lack clinical utility and create substantial practice inefficiencies and reduce quality of the patient-physician interaction during an office visit. I first became aware of information blocking when my colleagues in other private practices of cardiology adopted EHRs and were forced to spend substantial resources to interface with their health system's EHR. Those practices would have been able to better financially plan if the cost had been disclosed during the contracting. Transparency of additional hidden costs or fees within contracts with EHR vendors should be evaluated. Many contracts between providers and EHR vendors include a gag clause, which prevent providers from speaking publicly about the problems associated with their EHRs. EHR vendors should not be allowed to include such clauses in the contract. The delay of information sharing is another form of information blocking. I once had a patient who was admitted to the emergency room in cardiac arrest. Because of a delay in receiving his cardiac history, data critical to the care of this patient, it resulted in an unfortunate outcome. The patient experienced complications. There was an emergency cardiac catheterization, subsequently resulting in a prolonged hospital stay. However, he did survive. Rapid and secure exchange of health information is critical. In some cases, it could mean the difference between life and death. Data fluidity should mean not only that information reaches the provider, but the data is transmitted quickly and securely. Many EHR vendors provide the functionality needed but require the user to purchase their IT products to make the elements of EHR interoperable. Like other products, such as consumer electronics, you are able to connect, but you must buy a company's specific products in order to do so with ease. The ramifications of technology in healthcare that we are not able to communicate are serious, resulting in decreased care quality and stunting improvements in population health. EHR vendor products should be universal and connect with other EHRs offered by different companies. Another advantage of the free flow of data is to empower patients in their care decisions. One of our recent projects has been to establish a way for patients who are remotely monitored with implantable cardiac devices to receive their data. Each element of the four companies that make these implantable devices are available. However, we have to require interface between each vendor in our EHR system. We have to pay for that interface to be created. Health IT vendors and providers should be incentivized to establish networks for patients to monitor their cardiac devices particularly, empowering them to actively participate in their healthcare decisions. In addition, adoption of public data standards should be expected and supported in the best interests of patients so the patients can receive their data. Many information blocking problems stem from the financial incentives of the EHR companies to obstruct data. The HITECH Act, along with implementation of meaningful use program, has improved data sharing and data liquidity to some degree. With that stated, the unintended consequences of meaningful use is that the systems were designed to facilitate charge, capture, and revenue cycle management and focus less on clinical data utility. Although meaningful use programs have brought favorable results within the context of data transfer, many of the requirements set forth in the program are unattainable. Recognizing that only 11 percent of physicians have attested for Stage 2 meaningful use, I recommend, in concert with the ACC, that Stage 3 meaningful use be delayed in its entirety. In addition to what I have discussed, the College has called for many of the same actions recommended by the ONC's report of April 2015, and these include the following: No. 1, strengthen in-field surveillance of health IT certified by ONC; No. 2, constrain standards in implementation specification for certified health IT; No. 3, work in concert with HHS to improve stakeholder understanding of HIPAA provisions provided related to information blocking; and No. 4, work with CMS to coordinate healthcare payment incentives and leverage market drivers to reward interoperability and discourage information blocking. In closing, I commend you, Chairman Alexander and Ranking Member Murray, and your excellent staff for gathering us today, taking this initiative to accomplish specific goals related to interoperability and information blocking. Furthermore, I applaud the collaborative bipartisan approach and thank you again for the opportunity to speak here today. I will look forward to the discussion. [The prepared statement of Dr. Mirro follows:] Prepared Statement of Michael J. Mirro, M.D., FACC, FAHA, FACP summary ehr vendor contractsTransparency of additional (or hidden) fees should be evaluated. EHR vendors should not be allowed to include gag clauses. data fluidity Patient information should reach the provider without delay in a fast, secure manner. EHR vendors' products should be universal and connect to other EHRs offered by different companies. Health IT vendors and providers should be incentivized to establish networks for patients to monitor their devices and to empower them to actively participate in their health decisions. Adoption of public data standards should be expected and supported in the best interest of patients. meaningful use stage 3 Stage 3 of the Meaningful Use program should be delayed in its entirety. endorsement of actions outlined in onc's april 2015 report to congress on information blocking Strengthen in-the-field surveillance of health IT certified by ONC. Constrain standards and implementation specifications for certified health IT. Work in concert with HHS to improve stakeholder understanding of the HIPAA provisions related to information sharing. Work with CMS to coordinate health care payment incentives and leverage other market drivers to reward interoperability and exchange and discourage information blocking. ______ Chairman Alexander, Ranking Member Murray, and members of the committee, thank you for the opportunity to speak today about the important issue of information blocking, unforeseen problems that have been created, and possible solutions to help improve patient care. My name is Michael Mirro and I am testifying today on behalf of the American College of Cardiology, a 49,000-member medical society that is the professional home for the entire cardiovascular care team. I am board certified in internal medicine, cardiovascular disease, clinical cardiac electrophysiology, and geriatrics. [In addition to seeing patients, many who suffer from multiple chronic conditions, I also serve as Chief Academic Research Officer at Parkview Health System in Ft. Wayne, IN where I manage over 90 clinical trials.] I have focused the majority of my clinical work on cardiac implantable electronic devices in patients with serious heart rhythm problems and clinical investigation into new and advanced technology to enhance their function. [I have worked extensively on remote monitoring of cardiac devices and electronic messaging patients their data from their individual device.] I have worked in the development of health informatics tools since 1995, assisting in the refinement of clinical decision support software to improve point of care quality related to congestive heart failure. The private practice that my partners and I owned was an early adopter of electronic health records. These systems, implemented before HITECH's passage, had a user-centered clinical design, as opposed to the software centric certified EHR systems of today. Additionally, many current systems lack clinical usability and thus create substantial practice inefficiency and reduced quality patient-physician interaction during an office visit. I first became aware of information blocking when my colleagues in other private cardiology practices adopted EHRs and were forced to spend substantial resources to interface with their health system's EHR. These practices would have been able to better plan financially if these costs had been disclosed at the outset. [Fortunately, the practice was in a financial position to absorb these costs, but many other practices are not.] Transparency of additional (or hidden) fees within contracts with EHR vendors should be evaluated. Many contracts between providers and EHR vendors include gag clauses which prevent providers from speaking publicly about problems associated with EHRs. EHR vendors should not be allowed to include such clauses. The delay of information sharing is another form of information blocking. I once had a patient admitted to the emergency room in cardiac arrest. [The patient was a truck driver from out of State.] Because of a delay in receiving his cardiac history, data critical to his care was not available in a timely fashion. The patient experienced a complication during the emergency heart procedure resulting in prolonged illness. [The support of electronic messaging of standard clinical summaries is a critical issue with respect to quality and safety of patient care.] Rapid, secure exchange of health information is critical and in some cases can mean the difference between a patient living and dying. Data fluidity should mean not only that information reaches the provider, but that the data is transmitted quickly and securely. Many EHR vendors provide the functionality needed, but require the user to purchase their health IT products to make the elements of the EHR interoperable. Like other products such as consumer electronics, you are able to connect, but you must buy a specific company's products to do so with ease. The ramifications of technology in health care that are unable to communicate are serious, resulting in decreased care quality and stunting improvements in population health. EHR vendors' products should be universal and connect to other EHRs offered by different companies. Another advantage of the free flow of data is to empower patients in their health care decisions. One of my recent projects was to establish a way for patients to remotely monitor their implanted devices. Each element of the four devices available in the market had a different vendor, requiring us to contract with four different vendors and pay four different set-up costs to allow patients to accomplish one task. Health IT vendors and providers should be incentivized to establish networks for patients to monitor their devices, empowering them to actively participate in their health decisions. In addition, adoption of public data standards should be expected and supported in the best interest of patients. Many information blocking problems stem from the financial incentives of EHR companies to obstruct data. The HITECH Act, along with implementation of the Meaningful Use Program, has improved data sharing and data liquidity. With that stated, the unintended consequence of Meaningful Use is that systems were designed to facilitate charge capture and revenue cycle management and focus less on clinical data and usability. [The importance of exchanging a clinical summary document has been enhanced by this program, but we need surveillance of individual vendor behavior.] Although the Meaningful Use program has brought favorable results within the context of data transfer, many of the requirements set forth in the program are unattainable. Recognizing that only 11 percent of physicians have attested to stage 2, I recommend, in concert with the ACC, that stage 3 of Meaningful Use be delayed in its entirety. In addition to what I have discussed, the College has called for many of the same actions recommended in the Office of the National Coordinator's April, 2015 Report to Congress on Information Blocking, including: No. 1: Strengthen in-the-field surveillance of health IT certified by ONC. [The ACC feels strongly that a program such as this is needed and that ONC would be the appropriate entity to administer such a program. ONC could hire an outside contractor to affirm compliance--similar to what CMS has done with the Meaningful Use program.] No. 2: Constrain standards and implementation specifications for certified health IT. [This committee has debated whether the Federal Government or the private sector should establish common standards, and the ACC believes it should be a combination of both. Medical specialty societies are well-equipped to engage in the creation of these standards, while the Federal Government is needed to oversee enforcement of the standards.] No. 3: Work in concert with HHS to improve stakeholder understanding of the HIPAA provisions related to information sharing. [HIPAA is outdated and in many cases is actually an impediment to patient care. The ACC would encourage the committee to reevaluate HIPAA in its entirety--including its successes and failures--and whether all aspects of HIPAA remain appropriate given today's technology.] No. 4: Work with CMS to coordinate health care payment incentives and leverage market drivers to reward interoperability and discourage information blocking. [As with my example given earlier about creating a mechanism to remotely monitor devices, this is proof that when coupling providers with innovative companies, we can improve the well-being of our patients and reduce costs.] In closing, I commend you, Chairman Alexander and Ranking Member Murray, and your excellent staff for gathering us today and taking the initiative to accomplish specific goals related to interoperability and information blocking. Furthermore, I applaud your collaborative, bipartisan approach. Thank you again for the opportunity to be here today. I look forward to the discussion. The Chairman. Thank you, Dr. Mirro. Dr. Kibbe STATEMENT OF DAVID C. KIBBE, M.D., MBA, PRESIDENT AND CEO, DIRECTTRUST, SENIOR ADVISER, AMERICAN ACADEMY OF FAMILY PHYSICIANS, WASHINGTON, DC Dr. Kibbe. Good morning. Chairman Alexander, Ranking Member Murray, and distinguished members of the committee, thank you for the opportunity to share my thoughts today. Direct exchange was designed by an ONC-led consortium of over 50 organizations to replace paper-based mail, fax, and courier services with secure electronic messaging between users of different electronic health record applications and personal health record applications. Direct messaging is very similar to electronic mail, email, in that a sender can compose a message, attach a file or files, and send the package over the Internet to the address of a recipient. Because transmissions are encrypted and identity validated, this method of sharing data is ideally suited to the handling of personal health information, which needs to be protected at all times. The use of Direct exchange has grown very rapidly. There are now over 300 electronic health record vendor products that are certified by ONC as Direct enabled, and over 50 health information exchanges nationwide provide Direct exchange services. DirectTrust members have provisioned nearly 1 million Direct addresses and accounts in the healthcare industry, enabling Direct exchange at over 40,000 healthcare organizations. Over 30 million Direct messages have been exchanged in 2014 and 2015 so far in support of transitions of care and care coordination. The Indian Health Services, the Veterans Administration, the U.S. Postal Service, and the Centers for Medicare and Medicaid Services all have Direct implementation programs underway. Despite this success, information blocking by healthcare provider organizations and their EHRs, whether intentional or not, is still a problem for some providers and their relying parties. Persisting information blocking problems include local electronic health record and provider policies that are not standard, EHR product design and/or implementation flaws, lack of or inadequate product and service support, and high pricing for interoperable-enabled software products and services. Time allows me to provide you with just a couple of examples. EHRs capable of Direct exchange should accept all trusted inbound messages and attachments. However, some electronic health record companies' products require that an incoming Direct message be accompanied by a particular attachment. No attachment or not the particular attachment, the inbound message is discarded and dropped, often without letting the sender know that that has happened. Clearly, this is frustrating to relying parties, but it is also not the original intent of Direct exchange, which supports transport of messages without attachments and with many different kinds of file attachments. Another example. Believe it or not, although ONC certified to send and receive Direct messages, some EHR vendors' products are unusable in the field, as has been noted. They lack an inbox or a message compose button or some other key component that allows the user to easily compose messages and send them. In my opinion, the responsibility for assuring secure interoperable exchange resides primarily with the healthcare organizations, not with EHR vendors and not with the Government. Healthcare provider organizations must demand collaborative and interoperable health IT tools from their EHR vendors to make patient- centered care routine and ubiquitous as a practice throughout all communities in the United States. However, there are roles for Government, and I want to list a few that we find of high importance. Government can continue to shed light on these problems and work with trade groups, standards, and policies organizations, as you have done with these hearings that I think have been extremely valuable already. These hearings are setting high expectations for interoperability of electronic health records and other applications and especially for those that have benefited from the subsidies of the meaningful use programs. ONC can bring better and improved EHR certification processes forward beyond the testing laboratory so that the EHR's usability of interoperability features in the field becomes part of the public record and can be used in purchasing decisions, as my colleague has already mentioned. It is very, very important to make that public record available. Congress can accelerate multiple Federal agency uses and demand for open standard-based interoperability of health IT with private sector communities and providers in order to remove the demand and lessen the use of fax, e-fax, mail, and courier. The savings in documentation and time and cost for these Federal agencies, as well as their partners in the private sector, would be enormous in a very short period. Finally, CMS should continue to link the use of certified EHR technology to participation in value-based purchasing programs. Doing this makes interoperability and collaboration across multiple organizations in multi-vendor environments and with patients directly financially rewarding to providers and their health IT vendors. Demand for collaboration and interoperability is best driven by underlying business models and business cases supported by good regulation and oversight. Finally, I would just like to say I think the memo has gone out. Collaboration and interoperability of health IT is mandatory. It is no longer nice to have. We still have some kinks to work out and some people to deliver that message to, perhaps a second round. Thank you. [The prepared statement of Dr. Kibbe follows:] Prepared Statement of David C. Kibbe, M.D., MBA summary My name is David Kibbe and I serve as the president and CEO of the non-profit trade alliance DirectTrust, and also as senior advisor to the American Academy of Family Physicians, the physician membership organization representing over 100,000 of the Nation's family physicians, residents, and students. Because of the added privacy, security, and identity layers of Direct exchange, this method of sharing of data between providers using different EHRs, and between providers and patients, is ideally suited to the handling of personal health information which must be protected at all times. Interoperable Direct exchange has grown rapidly since becoming a required feature of EHR technology certified by ONC in 2014. There are over 300 EHRs that are certified as Direct-enabled, and over 50 HIEs nationwide provide Direct exchange services. DirectTrust members alone have provisioned nearly one million Direct addresses in the health care industry, enabling Direct exchange at over 40,000 health care organizations. Over 30 million Direct messages have been exchanged in 2014 and 2015 so far in support of transitions of care and care coordination. The Indian Health Services, U.S. Postal Service, Veterans Administration, and the Centers for Medicare and Medicaid Services all have Direct implementations under way to replace mail, fax, and efax communications between these Federal agencies and providers in the private sector beginning later this year. While it is true that interoperable health information exchange has made great progress in the past 2 years, information blocking by health care provider organizations and their EHRs, whether intentional or not, is still a problem for some providers wishing to use Direct exchange. Persisting information blocking problems include: Local EHR and provider organization policies; EHR product design and/or implementation flaws; lack of or inadequate product/service support; and high pricing for HIE-enabled software upgrades. In my opinion, the responsibility for assuring secure interoperable health information exchange resides primarily with the health care provider organizations, not the EHR vendors, and not the government. However, there is a role for government to encourage and incentivize collaboration and interoperability. Among the actions that government can take should be: To continue to shed light on these problems; to bring better and improved EHR certification processes forward beyond the testing laboratory; to accelerate Federal agency use of and demand for open, standards-based interoperable HIE with private sector providers and provider organizations; and to continue to tie more robust ONC EHR certification and use of certified EHR technology to participation in Value Based Purchasing programs. The root causes of information blocking are not technological or due to a lack of standards for interoperability or EHR capabilities for interoperable exchange. As noted in the ONC Report to Congress on Information Blocking of April 2015,\1\ --------------------------------------------------------------------------- \1\ http://www.healthit.gov/sites/default/files/reports/ info_blocking_040915.pdf. ``While some types of information blocking may implicate these technical standards and capabilities, most allegations of information blocking involve business practices and other conduct that interferes with the exchange of electronic health information despite the availability of standards and certified health IT capabilities that enable this information to be --------------------------------------------------------------------------- shared.''--(Emphasis added.) Therefore, attempts to redress information blocking must address the unwillingness of some providers and their EHR partners to share and exchange data, and not just the specific technical problems that may be encountered in making exchanges run smoothly and reliably. In my opinion, that unwillingness originates in the current business models of the health care industry in general, wherein fee-for-service payment creates disincentives for sharing of health information and rewards information hoarding, or at least the delay of timely information exchanges. Changes to these payment incentives could do much to reward business models where collaboration and interoperability are highly valued, and would create conditions for the technological capabilities, standards, and infrastructure for interoperable health information exchange now in place to be put to much better use. ______ opening remarks Chairman Alexander, Ranking Member Murray and distinguished members of the committee, thank you for the opportunity to share my thoughts on problems that impede the sharing of health information between and among parties authorized to access such information, now often referred to as ``information blocking.'' I will offer some near-term suggestions to help improve upon the current situation. My name is David Kibbe and I serve as the president and CEO of the non-profit trade alliance DirectTrust, and also as senior advisor to the American Academy of Family Physicians, the physician membership organization representing over 100,000 of the Nation's family physicians, residents, and students. DirectTrust's 150-plus members are a vibrant community of service providers, health IT vendors, and health care organizations dedicated to the use of interoperable, secure, standards-based health information exchange via the Direct standard, as well as other vendor-agnostic technologies. Direct exchange was designed to replace paper-based mail, fax, and efax transmissions of health information with secure electronic messaging between users of different software applications, like EHRs. Direct messaging is very similar to electronic mail, or email, in that a sender can compose a message, attach a file or files, and send the package over the Internet. Both sender and receiver need to have Direct addresses that usually have the format [email protected] Practice.com, supplied by Health Internet Service Providers, or HISPs. The word ``direct'' in the address signifies that both the message and attachments are encrypted end-to-end, and that the identities of both parties have been validated. Because of the added privacy, security, and identity layers of Direct exchange, this method of sharing of data between providers using different EHRs, and between providers and patients, is ideally suited to the handling of personal health information which must be protected at all times. Interoperable Direct exchange has grown rapidly since becoming a required feature of EHR technology certified by ONC in 2014. There are over 300 EHRs that are certified as Direct-enabled, and over 50 HIEs nationwide provide Direct exchange services. DirectTrust members alone have provisioned nearly one million Direct addresses in the health care industry, enabling Direct exchange at over 40,000 health care organizations. Over 30 million Direct messages have been exchanged in 2014 and 2015 so far in support of transitions of care and care coordination. The Indian Health Services, U.S. Postal Service, Veterans Administration, and the Centers for Medicare and Medicaid Services all have Direct implementations under way to replace mail, fax, and efax communications between these Federal agencies and providers in the private sector beginning later this year. DirectTrust members have significant experience with interoperability testing and the problems that can impede Direct exchange information flows. Indeed, DirectTrust is something of a laboratory wherein these problems are routinely identified, investigated, and usually solved. Here are some of our collective observations on information blocking from an ``on the street'' perspective. examples of information blocking While it is true that interoperable health information exchange has made great progress in the past 2 years, information blocking by health care provider organizations and their EHRs, whether intentional or not, is still a problem for some providers wishing to use Direct exchange, as well as for these providers' clinical partners who want to be able to exchange Direct messages and attachments with them. Persisting information blocking problems include: Local EHR and provider organization policies. For example, an EHR might require that an incoming Direct message be accompanied by a particular attachment type. No attachment? The inbound message and its files are discarded, often without letting the sender know. Which is very frustrating to relying parties. Clearly this was not the original intent of Direct exchange, which supports virtually any kind of file transmission, with or without an attachment. EHR product design and/or implementation flaws. For example--believe it or not--although certified to send and receive Direct messages, some EHR vendors' products lack an ``inbox'' or ``compose'' button, or other key component needed to allow the user to compose messages, attach files, and so on. Lack of or inadequate product/service support. If an EHR customer can't get service assistance for their product's interoperability functions, this inhibits or delays information exchange set up and implementation for providers seeking to use interoperable health IT. High pricing for HIE-enabled software upgrades. While some vendors include the costs of upgrading from Stage 1 to Stage 2 features and functions, including Direct exchange capability, others make the new features a new cost that practices must bear. Clearly, this hurts the smaller practices more than it does the bigger institutions. Registration and ``whitelisting'' requirements for message exchange. Making exchange partners register with the practice's or hospital's EHR in effect discourages EHR users from engaging in standards-based interoperable HIE. It's a little bit like having a phone that requires each caller to fill out a complicated form and ``apply'' to be able to reach you before you'll accept their call. ``HIPAA doesn't allow.'' Perhaps the most significant problem of all is faced by patients and consumers trying to use Direct exchange to access their medical records, only to be told that HIPAA won't allow them to do so. Patients and consumers ought to be able to be full participants in Direct exchange and partners with their providers in health information exchanges. the role of government to encourage health information exchange In my opinion, the responsibility for assuring secure interoperable exchange resides primarily with the health care provider organizations, not the EHR vendors, and not the government. Health care provider organizations must come to realize that acting in the best interest of patients is to assure that health information follows the patient and consumer to whatever setting will provide treatment, even if that means in a competitor's hospital or medical practice. And they must demand collaborative and interoperable health IT tools from their EHR vendors to make this routine and ubiquitous as a practice in every community in the United States. However, there is a role for government to encourage and incentivize collaborative and interoperable health information exchange. Among the actions that government can take to help overcome the kinds of continuing problems I have mentioned above should be: To continue to shed light on these problems, and work with trade groups, standards and policies organizations, and others to set expectations for interoperability of EHRs and other applications certified as interoperable, especially those that have been federally subsidized within the Meaningful Use programs. Let's ``Finish what we started before moving to more complex solutions that may or may not work.'' To bring better and improved EHR certification processes forward beyond the testing laboratory, so that the utility and usability of interoperability features of ONC certified EHR products in the field becomes part of the public record, and can be used in purchasing decisions. Collaboration and partnership with non-profit trade groups to achieve this goal would be advisable. To accelerate Federal agency use of and demand for open, standards-based interoperable HIE with private sector providers and provider organizations, thereby removing reliance on paper-based mail, fax, efax, and courier for these Federal programs. Examples include Veterans Health Administration referrals to and from private sector medical practices and hospitals; Veterans Benefits Administration health information exchanges with private sector medical practices and hospitals; the use by Medicare, Medicaid, and State agencies of interoperable HIE for communications with private sector providers and provider organizations for limitation of fraud, payment adjudication, claims attachments requests, and other administrative transactions now done via fax and mail. To continue to tie more robust ONC EHR certification and use of certified EHR technology to participation in Value Based Purchasing programs, wherein interoperability and collaboration across multiple organizations in multiple-vendor environments is financially rewarding to providers and their health IT vendors. Demand for collaboration and interoperability is best driven by underlying business models and business cases supported by regulation and oversight. summary Information blocking is a persistent and real problem faced by providers, provider organizations, and patients who wish to share and exchange health information between and among parties authorized to access such information, and to use that information to improve quality and care coordination. Progress is being made, and, at its root the causes of information blocking are not technological or due to a lack of standards for interoperability or EHR capabilities for interoperable exchange. As noted in the ONC Report to Congress on Information Blocking of April 2015,\1\ ``While some types of information blocking may implicate these technical standards and capabilities, most allegations of information blocking involve business practices and other conduct that interferes with the exchange of electronic health information despite the availability of standards and certified health IT capabilities that enable this information to be shared.''--(Emphasis added.) Therefore, attempts to redress the root causes of information blocking must address the unwillingness of some providers and their EHR partners to share and exchange data, and not just the specific problems that may be encountered in making exchanges run smoothly and reliably. In my opinion, that unwillingness originates in the current business models of some health care provider organizations, and the health care industry in general, wherein fee-for-service payment creates disincentives for sharing of health information and rewards information hoarding, or at least the delay of timely information exchanges. Changes to these payment incentives could do much to reward business models where collaboration and interoperability are highly valued, and where the technological capabilities, standards, and infrastructure for interoperable health information exchange now in place would be put to much better use. The Chairman. Thank you. Dr. Black. STATEMENT OF PAUL M. BLACK, MBA, PRESIDENT, CHIEF EXECUTIVE OFFICER AND DIRECTOR, ALLSCRIPTS, CHICAGO, IL Mr. Black. Thank you. Chairman Alexander, Ranking Member Murray, distinguished members of the committee, thank you for the opportunity to share my perspectives on the critical topic of the impediments to health data exchange and the best ways to address them. It is a true honor to be here. You have my written statement, which I will summarize in my remarks today. My name is Paul Black, president and CEO of Allscripts, the largest developer of health information technology, including electronic health records, revenue solutions, population health, and information exchange services. More than 180,000 physicians, including those in 45,000 ambulatory practices, 2,700 hospitals, and 13,000 post-acute facilities utilize Allscripts solutions to connect clinical and business operations within their organizations and throughout their communities. We employ 7,000 team members and have offices in 16 different States, including Illinois, North Carolina, Vermont, Georgia, Massachusetts, as well as people working in all 50 States. Congress and the American people have wisely made the investment in the advancement of health information technology toward a vital goal--confirming that this country's citizens are receiving the best care. Information exchange across vendor platforms and care settings is now required to meet that goal. Tomorrow, connected healthcare networks won't be built by one company or by technologists alone, but by all of us. Allscripts decided years ago to invest in an open approach to connectivity. Our corporate vision is granted in our dbMotion connectivity EMR- agnostic platform, and our philosophy, which has led to the development of a large network of external certified software developers who build apps based on our open application program interface, or APIs. While current narrative on interoperability is often negative, we note that there are many examples of providers who have established community-wide connectivity and who are connecting patients to their records, preventing disease and saving money. Thankfully, with today's technologies, changing EHRs isn't necessary in order to provide medical professionals with access to information, though not all stakeholders have embraced our position that replacing systems is an inefficient way to establish data exchange. There are many factors that need to be tackled ultimately to build an open, connected network of health. No. 1, we need to maximize the standards development, building on progress to date and encouraging adoption of standards-based approaches by everyone. Congress' role is to give stakeholders guidance on what is expected and create reasonable timelines. We need agreement on the so-called ownership of patient data. We need a way to identify each individual patient in the system, which we think is very vital. And last, we need greater transparency in the areas of interoperability and within health IT, and we must achieve this interoperability transparency. It is true that not all stakeholders seem to be equally motivated to make information liquid. Sluggish exchange largely stems from one massive gap, the lack of a strong business case for interoperability in healthcare. The payment system that has been in place for decades does not motivate them to create an interconnected healthcare environment. Recent legislation, such as the replacement of SGR and reform, such as ACOs, are great steps, and continuing to think about the relationship between payments and care coordination can only strengthen this imperative. We encourage Congress to allow recent laws and regulations to play out before additional interoperability legislation is passed. The same advice applies to standards development work. There should be some time allowed for the fine-tuning of existing standards, such as Direct, even when we explore new ones. Congressional attention would be best served in directing ONC to drive consistent adoption in implementation of the standards rather than focusing on the need to create new ones. Last, Mr. Chairman, I note that you said previously that the best way to solve the problems around interoperability would be for the health IT industry to do something itself. I share this view. We have a real obligation here, along with other provider organizations that we support. I feel strongly that this is doable, and I challenge all of my colleagues today to continue working together with us, with you, the provider stakeholders, the ONC, and the patient community that have so much to offer in this conversation until we have achieved success. Thank you again for the opportunity to be here. [The prepared statement of Mr. Black follows:] Prepared Statement of Paul M. Black, MBA Chairman Alexander, Ranking Member Murray, distinguished members of the committee, thank you for the opportunity to share my perspectives on the critical topic of impediments to data exchange and the best ways to address them across the health system. It is a true honor to be here. My name is Paul Black, and I serve as the president and chief executive officer of Allscripts. Allscripts is the largest developer of health information technology for this country's healthcare providers, including Electronic Health Records, revenue cycle management software, and population health and information exchange services. More than 180,000 physicians, including those delivering care in 45,000 ambulatory practices; 2,700 hospitals; and 13,000 post-acute care facilities and homecare agencies utilize Allscripts solutions to connect the clinical and business operations both within their organization and within their community. We employ 7,000 team members and have offices in 16 different States, including Illinois, North Carolina, Vermont, Georgia, and Massachusetts, as well as people working in all 50 states. I was invited here today to speak about interoperability and concerns about information blocking, and as more independent doctors use our software to treat patients than any other commercially available product, I'm pleased to share recommendations with you on this topic. This is important for two reasons: if a stakeholder were to intentionally get in the way of information exchange, (1) it would be bad for patients, and (2) it could be anti-competitive. Period. Congress and the American people have wisely made an investment in the advancement of health information technology, all oriented around one goal: ensuring that this country's citizens are receiving the best possible care--both from a quality and cost perspective. Robust, open information exchange across a multitude of vendor platforms and care settings is critical to ensuring that we meet that goal for America's patients. An increased level of transparency and cooperation is needed to meet this challenge--health information technology developers, caregivers, employers, payers, pharmaceutical companies, health systems and the government must all work harder together to solve this problem. Tomorrow's healthcare networks won't be built by one company alone, or even by health information technology developers alone, but by all of us. Allscripts has been working with healthcare professionals across the spectrum of care for many years during a period in which health care and health IT have evolved at a tremendously rapid rate. The changes that have been required have been challenging--they have disrupted systems that have been in place for decades. But we realize that innovation arises from disruption, and we have embraced it. Several years ago, Allscripts made a decision to invest in an OPEN approach to connectivity--one that is grounded in our dbMotion connectivity platform and a philosophy which has led to the development of a large network of certified software developers outside of the company who build apps based on our open APIs. From North Shore LIJ-- the largest private integrated delivery network in the country--to thousands of independent, single provider practices who make up the backbone of care in this country, we partner with physicians and other professionals nationwide who are taking this opportunity to innovate with us. And while the narrative on information exchange is largely negative in conversations in Congress and in the media, it is important to note that there are many examples of providers who have worked through the process of establishing connectivity and are making it work. These providers are changing lives by preventing disease and saving money. Organizations like Holston Medical Group, which has offered to connect all providers in NE Tennessee and SW Virginia and is already working with Allscripts to facilitate data exchange between 25 different EHR systems used by two hospitals and 1,200 physicians in more than 50 groups (either already connected or in process). University of Pittsburgh Medical Center, which has set up a connected network of 22 hospitals, 4,000 physicians, imaging centers, labs and others using dozens of different health information technology systems. Citrus Valley Health Partners in California, Baylor in Texas . . . that's another 1.5 million patient lives, and the list goes on. In fact, while it is clear there is still effort required, our clients demonstrate every day that information exchange can lead to quantifiable and demonstrable improvements in care delivery. It is true, however, that today not all stakeholders in the healthcare industry seem to be equally motivated to make information liquidity a reality. While the money spent through HITECH and other congressional investments have helped the industry to realize measurable benefits from the rapid adoption of electronic health records--an important success that shouldn`t be overlooked--clinical data exchange is not where it needs to be. There are many factors that need to be addressed for us to ultimately be successful: We need to expand the standards development process, building on the real progress underway with guidance from government and allowing the private sector to continuously develop, adopt and modify new standards; Key constituencies, such as public health registries, labs, State health information exchange organizations and others who are not following available standards in their work, should be required to do so; State laws and regulations must be harmonized, particularly those related to privacy and security, patient consent and other similar topics; Legal and liability concerns among providers about how the data will be used outside of patient care must be addressed; We need to get beyond the focus on how data is transmitted and agree on what and how data is stored; Activation strategies are needed to increase use of health IT by patients and their caregivers, while also generating accountability for their health outcomes; We need a national patient matching strategy--a way to identify each individual patient. This is a real challenge to both robust data exchange and patient safety, and Congress needs to stop blocking progress on this critical issue; and Finally, generally, greater transparency around interoperability and health IT among virtually all stakeholders must be achieved. Beyond all that, though, the sluggish progress we're discussing today most closely stems from one critical deficit: the lack of a strong business case or a true market driver for interoperability. At the end of the day, healthcare in most environments is a business where margins must be considered and the bills paid, and the current payment system simply does not provide appropriate financial motivation for providers to truly be invested in creating an interoperable healthcare environment; this is especially true given that the burden of cost falls to them almost exclusively. Healthcare providers are genuinely committed to providing the best care they can to patients, of course, but in many instances, the common reality of running on only a few days' cash-flow often trumps loftier goals. Much as CMS policy has already had a marked impact on hospital re-admission rates by associating them with payments, creating a direct relationship between payment and data exchange would have the same result. This could be the strongest step taken to create a genuine imperative for interoperability. H.R. 2, the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA), is a good start in the right direction, but Congress needs to ensure that alternative payment models envisioned in this reform are rolled out appropriately. The good news is that the expansion of delivery reforms is already motivating accelerated electronic data exchange progress. We see this in ACOs, and demonstrations like the Comprehensive Primary Care Initiative, which Allscripts supports as the technology provider for a very sizable percentage of the participants. Simply put, they create a use case for health IT that focuses on clinical value and less on what level of visit they can code. We have already seen real change result within our client base from new approaches at CMS and within the commercial payer space, and I expect that will accelerate as MACRA is implemented. For this reason, given the volume of new programs that have been and are being rolled out along with Meaningful Use Stage 3, which we expect to push the industry further in terms of interoperability, we encourage Congress to allow the impacts of these recent changes to play out further before additional legislation is passed specific to interoperability. There is an opportunity to see what adjustments providers make in response to the new payment models and what steps they start taking to maximize the new revenue opportunities. Generally, the same recommendation applies to standards development work--it is important that there be time for maturation and the fine- tuning of elements that are already being embraced by the industry (for example, Direct and CDA), and there is no need to toss aside approaches that are working. This doesn't preclude exploring new and innovative approaches in an appropriately transparent manner, but the work done with standards development is not intended to have a lifetime of 2 years or 5 but longer than that so it's important to move thoughtfully. I do understand the eagerness of Congress, the Administration and industry stakeholders to move rapidly because everyone is keen to see the results, but looking to standards as a panacea for the challenges still ahead of us will only result in usability complaints from providers as immature technologies are mandated by the government. Congressional attention would be best served in directing ONC to drive greater standards adoption and consistency of implementation of those standards, rather than focusing on the need for all new standards. Further, it is important to witness what innovation comes from the private sector, generally, in response to the recent legislative and regulatory activity, as well as client requests. There are exciting technologies and services in development now and on the product road maps for the next several years based on what our clients have requested of us, and I think we can all agree that we want to avoid a prescriptive, heavy-handed statutory or regulatory mandate in which the government becomes the de facto product manager for our industry as a whole. Another important consideration in this conversation about information liquidity are the physician practices (small and large) and independent hospitals who have been pressured to move off of their current Electronic Health Record system--Allscripts in some cases--to one used by the large enterprise health system in their area. Sometimes the change is compelled through conversations about referrals, for example; threats not to include people in data networks; or even just a steady drumbeat of pressure, and it's often done under the auspices of increased interoperability. In actuality, with today's technology, changing systems just isn't necessary in order to provide physicians and other medical professionals with access to the information they need. The rip-and- replace strategy emphasized by some in the industry is many years outdated given the advanced data exchange capabilities that are out there. Allscripts' dbMotion platform provides an advanced semantic engine that aggregates and normalizes all clinical content across a connected community into a single view, accessible within whichever EHR the provider uses, to enable them to find relevant information quickly while with the patient. This technology is in use across numerous communities in the United States and overseas, including the entire country of Israel, and in each environment, it's connecting dozens of different vendors successfully and directly changing the care decisions being made because of the additional information that's available. Many people have termed what I just described--the pressure to change systems--as data bullying; others, data blocking because one involved party isn't committed to establishing connectivity between current systems and in some instances, will even put up indirect roadblocks. This raises what I believe to be a fundamentally important issue--what, exactly, is the definition of data blocking? The ONC report on information blocking stated that it occurs when persons or entities knowingly and unreasonably interfere with the exchange or use of electronic health information, but it also notes that the extent to which such information blocking is impeding the effective sharing of electronic health information is not clear because much of the evidence is anecdotal and difficult to interpret. This is an issue that really must be addressed before even implicit data blocking can be addressed. An additional factor at play is the commoditization of data that is occurring everywhere within the industry. Through our partnership with our clients, one thing has become clear. Healthcare is mirroring a trend seen virtually everywhere in business--attempts to access and/or control data are driving many of the dynamics that are being discussed today. The topics that are raised in the meetings I have with clients every day are all about the power of data. ``Big data'', population health, personalized medicine, quality-driven reimbursement and information exchange--each a conversation about data and its enormous potential. Until there is greater clarity regarding the so-called ``ownership'' of the data, this will continue to be a significant factor in negotiations around interoperability. I will note, too, that this committee's use of its oversight authority has had important effects already in driving undesirable behavior out of the industry, and we encourage continued attention in the coming years as health information technology is used not only as envisioned within the EHR Incentive Program but also for other important purposes, such as population health and personalized medicine. Last, Chairman Alexander has said previously that the best way to solve the problems around interoperability would be for the Health IT industry to do something itself. I share the view that we have a real responsibility here, along with the provider organizations that we support, and I feel strongly that this is doable. I challenge all of my colleagues to continue working together with us, with you, the provider stakeholders, the ONC and the patient community that have so much to offer in this conversation until we have achieved success. Thank you again for the opportunity to be here today. Senator Enzi [presiding]. Thank you. We will go to Senator Murray. Senator Murray. Thank you very much. Dr. Kendrick, you have personal experience working with providers in Oklahoma to make sure they are able to exchange electronic health information. I regularly hear from providers about information blocking, and HHS reported to Congress in April that in many cases, they have limited tools to find out when information blocking is actually occurring. To make matters worse, we have heard testimony that in order to use health IT, providers often have to sign contracts that include gag clauses, which prohibit them from disclosing technical problems or unfair pricing. Health IT is certified by the Federal Government because it stores and transmits information that is used to save lives, and users should be able to report safety problems. In your experience, can you talk to us about how easy it is to address unfair and unreasonable barriers to information exchange? Dr. Kendrick. That is a big question. I like to refer to it as ``death by 1,000 cuts'' because there are so many ways that the free flow of information about patients for their benefit can be blocked. The motivations are various. On the provider side, as several of the panelists have recommended, moving to value- based payment models really does a nice job of aligning the incentive of the providers in the patient's favor to make sure that their record is available wherever and whenever it is needed. On the vendor side, however, there are lots of other motivations at play, and to keep it to less than an hour, I would say that perhaps the most critical thing we can do is to get governance for the nationwide Health Information Network correct because until we do, Congress will be dealing with this issue year after year after year. By getting governance correct, I mean getting a body that includes those who receive care, those who deliver care, and those who pay for care to help guide this network. They don't need to have the technological knowledge. They can be supported by vendors and so forth, but that is where you are going to get--that is the eye--that is the right perspective to have in this. They will be able to set policies, because those three perspectives matter. They will be able to set policies that ensure that those contracts are transparent, that ensure that the standards that we have today can be used and that we move when we are ready to the next set of standards. Senator Murray. Do you think we need some tools or protections to ensure that individuals can safely report on unfair market practices without fear of repercussions? Dr. Kendrick. Yes, absolutely. It has only been within the last year that we have begun to leverage ONC's surveillance system, surveillance program for EHR certification. It has made a world of difference. In almost every issue we have filed, because we don't want to waste people's time, and we really--we exhaust every opportunity with the vendor and the provider to get the data moved. Almost every issue we filed has been found to be credible and has brought into question an EHR vendor's certification. Senator Murray. OK, thank you. That is very helpful. Dr. Kendrick. Sure. Senator Murray. Dr. Kibbe, let me turn to you. You testified that it is important for providers to have good information about how electronic health records worked in the field. In particular, you noted that information from this type of real-world testing could improve the purchasing decision of providers. Dr. Mirro also testified that ONC should support a strengthened in-the-field surveillance program and that technology developers must disclose additional fees they charge for sharing information between providers. I was actually glad to see the administration propose to include those two policies in their 2015 certification rule, but what types of information do you expect in-the-field surveillance to cover? Dr. Kibbe. Yes, so thank you. My comments would very much piggyback on David's comments. The confusion in the marketplace now among providers and provider organizations with respect to what their products are supposed to deliver in terms of interoperable exchange and particularly via Direct is a big problem, and there is no place where provider organizations can go to see how a particular product operates in the field. I mentioned that some of them are very good. Their products and features are familiar. People can begin to use them without any training. There are others where they don't even have an inbox for the messages to be sent to, and obviously, they can't operate very well if they don't have those features. That is the kind of information that the marketplace needs to make better decisions, not necessarily because they want to switch their products to another product. They don't necessarily want to do that. They want their product to be better. Senator Murray. Right. Dr. Kibbe. This would put pressure on the marketplace and end that confusion. Senator Murray. OK. I really appreciate that response, and I need to go join Senator Alexander at Appropriations markup. We are going to keep this hearing going, but I appreciate everybody being here, and I will be back shortly. Senator Enzi. Thank you. Since Senator Cassidy also has to go to another meeting, I will defer my turn for questions to him. Statement of Senator Cassidy Senator Cassidy. Thank you, Senator Enzi. Dr. Kendrick, you are very explicit, saying that there are companies which hide functionality in order to basically bill for the same thing. You do not mention the company. Which company is it? Dr. Kendrick. This particular company was eClinicalWorks. Senator Cassidy. eClinicalWorks. Mr. Kibble, you also spoke specifically of companies blocking and imply that it was not justifiable. Which companies are they? Because I meet with these companies, and they deny it. They are saying we are not doing it. It has been a little bit hard to get people on the record so that when I meet with them I can channel you into that discussion. Mr. Kibble, can you kind of comment on who you see the offenders as? Dr. Kibbe. That is Dr. Kibbe. But that is OK. Senator Cassidy. I am sorry. I can't see your thing. I apologize. Dr. Kibbe. That is all right. Yes, I think that it is no secret in the industry that there are two companies in particular, electronic health record companies, very leading companies, Epic and eClinicalWorks, which both have over the course of the years, even before Direct exchange, developed their own proprietary messaging systems. One of the reasons why they have perhaps found it difficult to adopt Direct for their customers is because of their business model. I respect that business model, but I also feel that it is important for them not to create the problems in the marketplace that Dr. Kendrick has mentioned. I would also mention that eClinicalWorks is a member of DirectTrust, and we are working with them on this problem. Senator Cassidy. I met with Epic, and they deny information blocking. They say that they no longer require transfer fees and that if there is an issue of information blocking, it is because, oh, the hospital in Montana doesn't know that the hospital in Baton Rouge is a member or da-da, da-da-da, and I can make a very plausible argument. What should I ask them next time if I am in the room with them, and you were to give me the question to ask? Dr. Kibbe. Yes, I would ask them what are their customers telling them, asking of them? Because I know for a fact that their customers are putting pressure on them to be more transparent and easier to work with other vendors' products. Senator Cassidy. That does not necessarily imply a business model which is information blocking. It could just suggest that the technology of their software is not meshed with the technology of the others. Is that a fair statement? Dr. Kibbe. Yes, and I would not say that either one of the companies that I have mentioned has a business model based on information blocking. That is not what I am saying. I am saying that they have in some cases implemented Direct exchange in ways that benefit their customers, but not necessarily exchange partners outside of their own customer base. Senator Cassidy. Dr. Kendrick, you are the guy, frontline man, with all these FPs. What would you add to this? Dr. Kendrick. It would be nice to have a metric of interoperability, some way to measure, for example, in what percent of a patient's visits was there a complete record available from all sources. If we had that, then we could actually put a number to it. We don't right now. I would really encourage us to get to that point because then you could really quantify. I can say that, yes, sometimes the provider is user involved, but generally when value-based payment models come to town, that shifts. With the vendors, we have noticed some change in the last few months--probably as a credit to these hearings and as a start. Senator Cassidy. Let me interrupt because I am almost out of time. Dr. Mirro, you spoke of something. I am a physician. I still practice, and I have a young resident working with me now who points out some literature that an intern spends 40 percent of her time documenting and only 8 minutes per day per patient. That just blows my mind, 40 percent documenting, 8 minutes per day per patient. The patient should feel cheated because the patient has been cheated. You mentioned, Dr. Kendrick, let me bounce off the two of you, that we should have no more standards. I am thinking we should have a standard that the electronic medical record is at least as time efficient as a paper record because, otherwise, we will not have 15 minutes with a patient, we will have 6 or 7. Dr. Kendrick. One option I have raised is that---- Senator Cassidy. Dr. Mirro, I haven't heard from you. Dr. Kendrick. Oh, go ahead. Dr. Mirro. Yes. Actually, well stated. I could tell you that in the field so that the fundamental problem is these systems all suffer from the fact that they are built on administrative datasets. Their meaningful use has really been a catalyst for charge capture revenue cycle management, what the systems are based on, and not clinical data capture. A lot of the systems then have to be morphed or redesigned to collect clinical data. Senator Cassidy. I am out of time. Let me just interrupt. If we separated billing or charges from clinical data, that could make efficiency and make it more work for the patient? Dr. Mirro. Also user-centered design. I think the systems are built by software developers, and they are easily usable by a software developer, but they are not easily usable by clinicians. We need to have more user-centered designed built in the system. The vendors do know this and are working for solutions. This is not volitional, but they do know who their customer is, and their customer is usually the CFO of the health system. Senator Cassidy. Got you. Dr. Mirro. It is not a patient. It is not a doctor. It is the CFO. That is who they are selling to. That is why they are designed the way they are. Senator Cassidy. Thank you very much. I yield back. Senator Enzi. Thank you. Senator Franken. Statement of Senator Franken Senator Franken. Thank you, Mr. Chairman. I am going to pick up a little bit where Senator Cassidy started. Dr. Kendrick, you noted in your testimony that the biggest obstacle that your members face in trying to share patient data across payers and providers is liberating data from their EHR systems. I have asked a number of my constituents about information blocking. Is it happening? Why? Who is to blame? I have gotten very different responses, depending on whom I am talking to. A common theme I picked up on is that those healthcare providers who are using the same EHR don't think information blocking is happening, even when they are part of competing health systems, and the information blocking example No. 5 that you have aptly named ``EHR at the center of the universe'' helps explain this. If one EHR vendor is designing a technology that is not completely compatible with other systems and using its market clout to pressure providers to buy its product, doesn't this raise some serious legal concerns about anticompetitive behavior? Dr. Kendrick. I am no lawyer. I am just a doctor. Senator Franken. Humble. Dr. Kendrick. I find it ironic that large vendors who claim huge amounts of interoperability are primarily exchanging data with themselves, with other installations of their own product. There needs to be some truthiness to that. Senator Franken. I want to ask you another question that was kind of in your answer to Senator Murray. Because your testimony also highlights the new healthcare payment and delivery systems, those models, the success that they have had in incentivizing the coordination of information and improving health, the coordination of patient care, and in eliminating market incentives for providers to hoard their patients' health data because they are being paid for outcomes. Based on this experience with the Comprehensive Primary Care Initiative that you write about, a multi-payer medical home model being tested by CMS's Innovation Center, how can we focus more on these value-based reforms instead of just compliance with meaningful use? Dr. Kendrick. I am glad you asked that. Earlier, the comment was made that perhaps we should delay Stage 3 of meaningful use, and I want to make sure it is clear that there are actually two programs. There is the meaningful use program, which affects the doctors, and there is the EHR health IT certification program, which moves forward the technology. I would certainly say that the technology needs to continue to move forward, but that the rapid deployment of these value-based payment models may well help to accomplish the things that were intended in Stage 3 of meaningful use anyway but will do so with the full and vested interest of the providers being onboard. I would not want to slow down progress on the technology side because the EHR vendors certainly have some ground to cover, especially to support value-based payment models. If we can get the accelerated adoption of value-based payment models, the providers will be very much in support of interoperability. Senator Franken. In Minnesota, we like value-based models because we are good at them, and we kind of lead the country in that. I want to keep incentivizing--I want to keep implementing those as smartly, as intelligently, but as quickly as we can and robustly as we can. We were getting to talking about standards, and I think there is some dispute here about whether the industry does its own standards or whether the Government dictates these standards, but can't we put in standards for operability, interoperability? What is the dispute here? I mean, why? Can I hear both cases? I know I am out of time. Mr. Black. I will take a swing at that. The Government has put standards in place, which we have been talking about today, about what is required inside of, if you will, a packet of information that goes back and forth from an Allscripts system to a Cerner system to an Epic system. Those standards actually have a great deal of information that make the exchange of that information possible and make that important to be consumed by the caregiver. What we are working on and what I think that the debate is about is, there is an electronic exchange of information. If people are blocking that, punish them. They should not do that. The standards allow us, even if someone is trying to block that, for us to auger in and get that data out anyway, and then we can liberate or emancipate, or whatever the word is going to be, to go get that data. We actually do that each and every day. We connect to over 350 different electronic medical record systems in the United States. ONC certified a lot of systems to be certified for MU2--MU1 and MU2. We connect to over 350 of them in practice today. That is an important thing to get the connectivity done. Once you have them connected, however, you have to put the context of the way it was connected in practice. Senator Franken. Sorry to cutoff your answer, but I am way over my time, and if there is a really short response to that? Dr. Kibbe. Yes, one very short response is finish what we have done before we do something new. I think that is what you are hearing pretty loud and clear here. We have got standards. We have infrastructure for the use of those standards. It is working. It could be better. Don't go off and do something entirely new until we have got that job done. Senator Franken. OK. Thank you. Sorry. Sorry, Mr. Chairman. Statement of Senator Enzi Senator Enzi. It is OK. I would remind the Senators that you can submit questions. These people have agreed that they would handle ones in writing. That is part of testifying, and that gives us an opportunity to ask even more technical questions that might bore the entire audience. I am used to doing accounting hearings. [Laughter.] I understand that. This whole topic fascinates me. I have been on the High-Tech Task Force for a long time, and when we first started talking about interoperability, we talked about Australian railroads. How, when you get to the middle of the country, you have to change from one train to another because the railroad tracks are different sizes where they meet up in the middle. We wanted to make sure that with health IT that the railroad tracks would meet, and people would have access to information. I have kind of a science fiction version of what we need to achieve in all of this, and I picture the day when I would be able to have a card in my wallet that has every bit of my medical information on it, every X-ray, every MRI, everything. That would be a lot of data, but I have watched what the data transition has been. I would even have access to this card so that I could record trips that I went on or bug bites that I got or falls that I have had so that any doctor that is taking care of me would have access to all of that information. It wouldn't be a matter of them getting a hold of somebody to have the record transferred. I once fell down and had a bad ankle, and I got an X-ray. They said there wasn't a problem, but a few days later, I was in Wyoming, and I was still having a problem. So, I went to the doctor, and they said, ``Well, we will have to do an X-ray.'' I said, ``Oh, no, no. I had an X-ray.'' They said, ``Well, it would be too hard for us to get that one. We will have to charge you for another one.'' I have a whole series of questions here that I am not going to have a chance to ask. I will be submitting questions. Dr. Kendrick, I was particularly interested in your comments about the need for a lemon law, and I won't have you expand on that at this moment. Instead, I would like to know what you see as some of the incentives now for information sharing across providers and settings and how the market responds to that? How do you see vendors responding to these market forces? Dr. Kendrick. I think the message we get from our providers, as we try to connect them--in fact, I was on the phone with a physician group just yesterday kind of arguing with their vendor about the $40,000 fee and the 9-month timeline to get the interface built. I think the providers have bought in. They are ready to do value-based payment models, but they can't get their technology to keep up with them in moving that direction, which is why I cautioned against slowing the certification process. Even if MU3 was to slow down, the certification and the improvements in technology need to continue because I do think that the vendors have a big job. They have got a huge job, and they are critically important. At the end of the day, they are serving those who deliver care and receive care and need to meet their requirements. Senator Enzi. Dr. Mirro and several of you mentioned the need to have Stage 3 delayed. There is a security component here. Do you think your patients understand what data you have access to and what the protections might be for them and their personal health information? It is a difficult balance in some of these situations, but what risks do you see? Dr. Mirro. Certainly, the privacy and security concerns are of utmost importance to patients and that we certainly do everything we can to protect their personal health information. A lot of my work is focused on delivering content to patients and in a secure fashion, specifically from remote devices, as I had in my testimony. Patients are concerned about the privacy security. There is the encryption and secured file transfer protocols that certainly, as of today, seem to adequately protect the patient's information and particularly when we transmit this data to what we call a personal health record, where the patient can virtually store all of their information and access it. Right today, we do have adequate security privacy. Could it be better? Absolutely. I am not a cybersecurity expert. I am just a doctor. There are people working on this, and I think that everyone is concerned about the privacy security. Dr. Kibbe. My concern is data hackers will have Senator Enzi's collection of data before I will have it or the patients will have it at this rate. Security is a big problem, and it has to be dealt with on a very, very strong basis going forward. I do think we are doing a pretty good job in terms of transport. Direct exchange is encrypted and identity validated before the exchange can go back and forth. That is not as much of a problem. The issue around Stage 3 meaningful use, and I would agree with Dr. Kendrick on this, is that we don't want to put any barriers to innovation in health information technology in the standards development. We do--and I am speaking for the American Academy of Family Physicians now, we do want to delay Stage 3 meaningful use until we get the merit-based incentive payment system reorganized to go forward because there should be alignment between those payment--those value-based payment systems and whatever happens with respect to further development of meaningful use. Right now, I think your providers are saying, wait a minute, there is almost no relationship anymore between many of the objectives and metrics in Stage 3 meaningful use and the payment systems that we are being asked to comply with and to do well under. Dr. Mirro. I just wanted to make one other comment. If we had update the HIPAA Act and unique patient identifier, that would help. Actually, not just the unique patient identifier but have some two-factor authentication, such as facial recognition or retinal scan. Patients, we will clearly know that we are dealing with the patient. We have that matched adequately. The vendors spend a lot of effort and resources in probabilistic matching, which is also a problem with any kind of health information exchange. Senator Enzi. Thank you. My time has expired. Senator Baldwin. Statement of Senator Baldwin Senator Baldwin. Thank you. I want to thank the Chair and Ranking Member for this entire series of hearings. They have been very instructive. I also want to say that as a fellow member of the Appropriations Committee, I withheld going down there. Please excuse me when I depart immediately following the questions and I may submit some for the record in addition. I absolutely share the Chairman and Ranking Member's commitment to finding the way to address deliberate data blocking. There are a couple of questions that I wanted to get into, starting with Dr. Kibbe and Dr. Kendrick. In your testimonies, you suggest that we need to increase transparency for all stakeholders to help address some of the problems that we see with data blocking and promote interoperability. I wanted to get a little bit more granular about how we create this transparency. What exactly needs to be measured and reported by healthcare providers, as well as obviously by EHR vendors, for us to determine if data blocking is occurring or if progress is actually being made? Dr. Kibbe. I will take the first crack at that. One thing that was very, very useful when e-prescribing was being integrated into electronic health records, and what we are seeing now is analogous to that in some ways. We are seeing health--Direct information messaging and transport of files integrated into electronic health records. One of the things that would be very helpful, which was done with e-prescribing, is for people to actually see the software. Is it immediately easy to use? Is it familiar? Are pieces lacking? Et cetera, et cetera. This was done with e-prescribing largely because of the industry's backing of that. I have been a proponent of getting our industry to do the same thing. That is one example. Senator Baldwin. Transparency with technological capabilities and software is part of---- Dr. Kibbe. Yes. Senator Baldwin. OK. Dr. Kibbe. Being able to see what you get and what you would buy if you used it. Senator Baldwin. Dr. Kendrick. Dr. Kendrick. There are three things. No. 1, the section of contracts dealing with interoperability needs to be transparent, at least that part, because there are so many hidden things in those contracts. No. 2, the process around surveillance should be transparent, at least when a complaint is found to have merit. Everybody is innocent before proven guilty in that model. And No. 3 is, I alluded to earlier, we need a good metric for interoperability, a measure or two, a number that we can look at. We have got a couple of numbers we use in our health information exchange, which are a little bit complex to go into here, but I would be happy to share details on those. Senator Baldwin. If you would, I would love to have you answer that in more detail because obviously, transparency and metrics is going to be helpful. I suspect in some of the data gathering that you are talking about, we are going to be comparing apples to oranges, and we will really need to figure out a way to make the data that is, we hope, provided in a more transparent way relatable to one another. There has been a number of folks who have talked about how a move to value-based payment models is going to improve the very topic that we are talking about. I wonder if you could just take a moment, given that there are acknowledged instances where it is the healthcare providers that are unwilling to share the data because of economic incentives. If you could sort of walk through why our current fee-for- service system discourages and other similar business models discourage health systems from exchanging data, and whether in our payment system reform that is ongoing and we certainly will receive a lot of future attention, what Congress could be doing to help address that aspect of data blocking? Dr. Kibbe. In a word, risk. Because if you don't have risk for patient outcomes, then in a fee-for-service model, we duplicate tests. We don't coordinate care very well because we are not responsible or held responsible for the costs that are incurred when the handoffs are made poorly. Senator Baldwin. In fact, sometimes rewarded for that? Dr. Kibbe. We are sometimes rewarded. In most communities in America, the healthcare system is multi-vendor. There are Allscripts and Epic and Cerner and eClinicalWorks, and all those different vendors are out there. There are people who don't use electronic health records at all, like home health, for example, or long-term care facilities may not have those. What happens in a community that is starting to do accountable care is they recognize they have got to connect with all those people. Therefore, collaboration and interoperability becomes a must, not a nice to have. Dr. Mirro. Could I comment on that just for a second? Because we are in a fee-for-service system, the systems are designed around charge capture, as I mentioned, in administrative datasets. Whereas, if we would go to a value- based purchasing model, now the system is really focused on clinical data capture. They become much more usable by clinicians. The nurses and doctors are all struggling on the usability issues of these systems, and the reason is it is a reflection of the payment model. Senator Baldwin. Thank you. I will submit additional questions for the record. The Chairman [presiding]. Thanks, Senator Baldwin. I am going to wait until the end. Senator Bennet will be next. Statement of Senator Bennet Senator Bennet. Thank you, Mr. Chairman. I appreciate the hearing very much and the testimony of all the witnesses. It is obvious that there is a lack of adequate oversight when it comes to the adoption of interoperable electronic health records. Ultimately, it is the providers and patients who suffer the most. In Colorado, I have heard both rural and urban providers complain about the cost, the time, and compliance issues they have had with electronic medical health records and the vendors. Dr. Mirro, in your testimony, you discuss the lack of governance around who is in charge of making sure that these electronic health records are interoperable. You also discuss our inability to take action against vendors who make interoperability difficult for providers and patients. To you and the other panelists, who should be in charge of this process, and what additional steps should Congress take to make that happen? Dr. Mirro. I think ONC should provide that surveillance oversight, and Dr. Kendrick gave some examples of that. We need to have more transparency about the surveillance system and which vendors are really on the watch list, if you will, so that health systems and clinicians can connect. You see what is going on. The system that is in place just needs to be strengthened. I don't think we need to develop a new system. More transparency on the process and also exposure of the few bad actors. Because I think, far and away, the majority of vendors are actually all trying to do the right thing. They are definitely concerned about patient safety and personal health information and protecting that and behaving the right way. We could do more to just encourage that. A surveillance system that is working and functional would help improve that. Senator Bennet. Does anybody else have a view? Mr. Black. We are also getting together as a vendor community where we are building our own standards for the patient identification issue that is important for all of us. Identifying the correct patient is a big piece of making sure that as a clinician, I actually trust the source system that is sending me clinical information about somebody. If I have a doubt about the fact that it is really Bob Jones, I probably won't administer the care that I think they deserve based on the information I received from a source that may not be 100 percent verified or trusted. We are getting together through different organizations in order to come up with a set of standards by which we can identify at a national basis the patient, and we are doing that independent of any regulations or, excuse me, independent of any Government oversight. We just think it is a problem that has to get solved. It is a problem that has been punted down the road, and we are saying it needs to be done. Dr. Kendrick. I run a nonprofit health information exchange, and we have tremendous success in addressing some of these issues. Our governance is those who receive care, those who deliver care, and those who pay for care. Everyone else is supportive to those three types of stakeholders. Those perspectives, I believe, are the ones that matter and the ones that should be guiding these efforts. Senator Bennet. On behalf of the providers in my State and those that all of you represent who face a multitude of requirements and compliance issues around electronic health records, what do each of you think is the most important thing for us to understand from the provider's perspective when crafting and making changes to the current health IT policies? Mr. Black. I spend a lot of time on the road with our clients, and they are very concerned about the comment that was made earlier in these proceedings about the amount of time that they spend entering data into the system. Was that data important about the care of the patient? If it is administrative data, if it is data that be compliant with a set of administrative things that were, if you will, ``pushed down by the Government,'' that is where they complain. It is not always apparent to them that these things that we are collecting are important. There is a lot of quality information that we are collecting that are important. It may not be important to their specific practice, but it is important to that population that they serve both from a quality metric standpoint, but also from a future research basis, which, depending upon who you talk to, which constituent you are working with, that may not be as obvious to them at that time. Dr. Kibbe. Yes, what we hear is it has been too much, too fast, with not enough time to reflect and to digest the things that we have learned about what works and what doesn't work. That is really the bottom line. That, and focus on the issues that are really important and are relevant to future value-based payment systems. Those are roughly, in order of importance, interoperability, the ability to report on outcomes and report on quality, and third, security. Those are the three critical issues that we need to pay continuing attention to before we go off and do a whole lot of other things that may be very worthwhile, but are too much, too fast, and without enough resources and time to digest it. Dr. Mirro. As a physician who does provide care to patients, I can tell you the usability issues, as Paul pointed out, are huge in every system. We have to get that right, and it is because there is too much time in documentation to satisfy meaningful use. It has deteriorated the quality of the office visit for the patient. We are spending more time with documentation. You are turning very highly trained clinicians into clerical people, basically. That is what happens. One of the unintended consequences of this, shortage of healthcare in rural America. I live in a rural area. The health system I work for has seven hospitals, but we are very close-- we are in farm area, and the older physicians in these rural towns are just retiring at a rapid rate. It is accelerated by just this very fact. We need to do usability testing in some way in the certification process. Dr. Kendrick. I would just add one thing. I completely agree with my colleagues. The one thing I would add, though, is in these new models of payment, physicians are increasingly being judged, and rightfully so, by the satisfaction their patients have with their care. It might be time to have satisfaction scoring for the vendors. Senator Bennet. Thank you, Mr. Chairman. The Chairman. Thank you. Senator Whitehouse. Statement of Senator Whitehouse Senator Whitehouse. Satisfaction scoring for the vendors, they would love that. Thank you all for being here, and thank you for this hearing, Mr. Chairman and Senator Murray. I really appreciate it. A quick question to begin with. Dr. Kendrick, you mentioned hidden things in the contracts. There were reports to ONC that gag clauses in some of the vendor contracts prohibit the provider from actually complaining about what is wrong in the contract. Can anybody on this panel see a single reason why those contracts should have gag clauses in them? Mr. Black. I cannot. Dr. Kendrick. No. Senator Whitehouse. Four noes. OK, let the record reflect that. Thank you very much. Mr. Black. You are welcome. Senator Whitehouse. I am concerned about the meaningful use program having kind of outlived its original usefulness, and to the question of how it might be redirected, there are two things that I hear a lot from my home State. One is that there has been precious little support for health information exchanges compared to support for and testing of doctors and whether they have got the equipment running on their desk right. That makes it kind of a bank shot, to use a pool metaphor, at supporting health information exchange when, in fact, if you have really vibrant health information exchange, it becomes an almost inevitable part of anybody's business model because it is working well. I think we have got it upside down between the extent to which we support health information exchange versus the extent to which we put mandates and responsibilities and equipment and credits and everything onto doctors' desks. The second is that two of the key transactions in the healthcare equation, one is the loop between skilled nursing facilities and hospitals, which is a very unproductive loop. The second is patients who have significant behavioral health issues for whom necessarily their behavioral health provider is their medical home because it is their behavioral health provider who makes it possible for them to negotiate the rest of the system. Leaving out behavioral health and leaving out skilled nursing facilities seem like very significant oversights. Starting with Dr. Kendrick, I would like to ask you to comment on--I know you run an HIE, so I am particularly interested in yours. We have got a really good one in Rhode Island. Laura Adams runs CurrentCare very, very effectively, and we are pretty much out front with you guys on this. I would be interested in the panel's thoughts on those two questions. If you could just keep them brief and fill in later, I have got another question I would like to fit in, too. Dr. Kendrick. OK. I will try to be brief on these. One, transitions of care are critical. Agreed. Senator Whitehouse. Particularly those skilled nursing facility and behavioral health omissions. Dr. Kendrick. Yes, particularly those. One thing we need to recognize, at least as a clinician, when I write an order to transition a patient from one place to another, that is generally the action that makes it happen. That is an order. Currently, we don't track that as an order, right? We fax something somewhere or we send a secure email somewhere, but I don't know what happened to it after it got sent. I don't know that it got--the patient showed up. I don't know that the loop got closed and the record got back to me. I would recommend that we shift our thinking around transitions of care to start thinking about them as an order that gets tracked with a status, just like a prescription or a lab test or anything else. Senator Whitehouse. Should we move our focus more toward health information exchange support, as opposed to---- Dr. Kendrick. That would be the appropriate clearing house, so to speak---- Senator Whitehouse. For that? Dr. Kendrick [continuing]. For those orders, I would suggest. Senator Whitehouse. Got it. Dr. Kendrick. Your second question, your second question was about--remind me. Dr. Mirro. Behavioral health. Dr. Kendrick. Oh, behavioral health. On behavioral health, we have actually---- Senator Whitehouse. Why are they outside of meaningful use when they, in fact, are the medical home for---- Dr. Kendrick. Right. Senator Whitehouse [continuing]. That set of patients? Dr. Kendrick. We have most of the community mental health centers in our State connected or connecting to the health information exchange, despite the fact that we have to jump through incredible hoops to meet the provisions of 42 CFR that permit--that prevent certain data from moving---- Senator Whitehouse. We are doing it, too, and it is a nightmare, and it is not supported by the meaningful use program. Dr. Kendrick. It is really--if you could fix something, please fix that. Senator Whitehouse. OK. Dr. Kendrick. Because those patients are getting cheated. Senator Whitehouse. I am about to be out of time. Let me offer two things. One, I share the experience that Senator Bennet had of going around my State and having doctors' offices, having hospitals, having skilled nursing facilities, having people say, ``Oh, my God, what a nightmare to go to electronic health record.'' If you ask them the next question, ``Would you go back?'' They all say, ``Oh, my God, no. Thank God, we got through that.'' Mr. Black. Right. Right. Senator Whitehouse. ``But this is really a big, big improvement for us.'' While it was painful, it was--I am getting a lot of nodding heads from the panel as well. The second thing is that I heard what Mr. Black said about the quality reporting and the burden of that. That is really important, and I would suggest to you that it has a patient component as well. If we load up the system, as I think we have, with a whole broad array, a multiplicity, a babble of quality reporting, then it creates a huge burden for the doctors who have to meet the regulatory burden. Also it blunts or blurs any kind of a public signal that doing badly on the quality reporting ought to on occasion. Somebody comes up with a really bad quality report on something, and the next thing they are saying, ``Yes, but I got these other five really good quality reports.'' Mr. Black. Right. Senator Whitehouse. The whole thing just turns into a mess. I would encourage you and ask it as a question for the record to make recommendations on how we could simplify the quality reporting so that it has real consumer impact, in addition to any questions about undue regulatory burden. Mr. Black. There are a lot of quality ratings that are out there today. There are star ratings that are out there that are actually pretty effective at being able to do that. You can rate the institution. You can rate the provider. You can rate the organization. There is actually a fair amount of that data that are out there, and that data wouldn't come across again had you not done the broad mass adoption of these systems. That is what MU1 did. While it was tough, while it was hard, while $30 billion was spent, there is no way we could have these conversations about any of the rest of these things, including HIEs, if they--they have to connect to something. They have to connect to the electronic medical record that is in that doc office or that hospital. To me, that was a great amount of money that was spent, a lot of time and effort. But you hit the promise of this, which is that you can interconnect these. You can get data. You can get quality information. And you can rate them. Over time, because of a consumer focus, there will be a lot of transparency on these data that are going to force additional changes in behaviors from providers and organizations in order to become more relevant to consumers. Senator Whitehouse. Thank you, Chairman. The Chairman. Thank you, Senator Whitehouse. Mr. Black, who owns my personal healthcare information? Mr. Black. You do. The Chairman. Thank you. No. 2, is there a consensus or are there surveys about the actual percentage of time that physicians spend on documentation? Anyone know of that? Dr. Mirro. I could probably answer that. Actually, I am part of a Federal grant that is coordinated by the University of Nebraska, and there are several sites. Duke University, University of Nebraska, Christiana Healthcare in Rhode Island is participating also. The Chairman. Do we know what the percentage is? Dr. Mirro. Yes. It is, at least from that experience, the data that we have, preliminary data because we are in the midst of this grant, we are spending well over 15 minutes per office visit. We have a 15-minute office visit. There is quite a bit of variation between individual clinicians, right? We have some high users that maybe will only spend 5 minutes documenting. The Chairman. So 30 percent? Dr. Mirro. At least 30 percent. The Chairman. Do any of you know of any other surveys, reputable surveys about the time doctors spend? Dr. Kendrick. I can't give you anything reputable, but I can tell you my department, my academic department runs the electronic health record system for the university. The majority of notes are signed between 10 p.m. and midnight. The Chairman. Yes. Dr. Kendrick. That is the busiest 2-hour window for documentation. Dr. Kibbe. It is a real problem. The Chairman. Mr. Black, of the people you work with, do you have any idea? Mr. Black. It depends on the specialty type. In some cases, people will say they are actually faster with electronic medical record, and other people will say it takes them more time because of the charging of the other documentation that is provided, and they actually are doing it versus, as was said earlier, perhaps a clerical staff. The Chairman. There has been some discussion about delaying meaningful use 3, about whether it is a good idea, whether it is a bad idea, whether to delay part of it, whether to delay all of it. I would like to ask each of you if you would summarize for me what you think the answer to that question is. Assume you were Secretary Burwell and you had it within your power, and you are looking ahead, and you are saying, ``OK, we have two big rules coming down in September or so,'' which are going to establish the rules of the game, which will be implemented, which will go into effect, what, in a couple of years, something like that? Mr. Black. Correct. The Chairman. You have Mayo Clinic, as I mentioned earlier, saying, ``all right, we are going to spend $1 billion over the next 4 years, 500 employees, to finish the job.'' You have others saying, ``we are terrified by the prospect'', and you have half the docs not--paying penalties rather than participating. What would you move forward with, and what would you slow down in not to stop electronic healthcare records, but to gain the largest amount of buy-in and most effective use of it so that providers look forward to using it rather than dreading it? Then if you--and then after you are through, if you have time, if you would send me your written suggestion for that, that would be helpful to me. Dr. Kendrick, can we just go down the line? Dr. Kendrick. Sure. I indicated earlier that meaningful use, in my mind, is separate from the EHR certification program, and I very much would recommend against slowing down the EHR--the advances in the EHR health IT certification program. There are some--there were important gaps---- The Chairman. Because vendors need to be--and others need to be able to rely on that and go ahead and do their work on that. Is that right? Dr. Kendrick. Because we still--we have all heard we need improvements in workflow, and we need improvements in other components. In particular the next round of certification requirements, as proposed, fix some specific holes in interoperability that were in the last round. The Chairman. OK. Dr. Kendrick. That I would proceed with. I tend to agree, though, that when major programs through MACRA and others are coming down the pike, it would be great if we could synchronize those efforts, have one set of measures, have one approach. I would only add one additional item, and that is these new payments models, this approach we are taking depends heavily on assessing value correctly. That means measuring value correctly. Our current architecture will measure value in a single practice, and the same patient can appear in several different doctors' measure, right? What we care about as a nation is what is the health of an individual, and is it being improved? To do that, we have to measure at a higher level with the patient's complete record available. I recommend that that needs to be a part of things going forward, or we will miss the boat on value-based payment, and we will be arguing over measures that aren't valid. The Chairman. Dr. Mirro. Dr. Mirro. As I testified, we want to delay Phase 3 meaningful use in its entirety. Phase 2 only---- The Chairman. Does that mean including the certification standard? So you disagree with Dr. Kendrick on that? Dr. Mirro. I actually do agree with Dr. Kendrick on the certification side. On the eligible provider side, I am referring to, we definitely need to delay Phase 3 meaningful use. Phase 2 we only have 11 percent of eligible providers attesting right now. We have to actually analyze the impact of Phase 2 meaningful use on improvement and care and its impact within the efficiency of the health system because we have created incredible inefficiencies, as we have just discussed, with usability and workflow issues. We really have to digest the impact of Phase 2 meaningful use and continue to strive to simplify the requirements. The Chairman. Dr. Kibbe. Dr. Kibbe. Yes, we would recommend an immediate moratorium on Stage 3 until Stage 2 is fixed. I agree with my colleagues in the sense that there are parts of Stage 2 that need to be fixed and improved so that more providers and eligible hospitals can participate in Stage 2 before we go on to anything called Stage 3. In particular, the certification needs to be focused on and made better. Interoperability needs to be focused on and made better. The quality reporting we have talked about needs to be made better, and the security side of Stage 2 also needs to be fixed. The Chairman. Fix Stage 2 before we move on to Stage 3? Dr. Kibbe. Indeed. The Chairman. Mr. Black. Mr. Black. It is important that there is a bunch of information that is going to be gained out of these electronic medical records that are going to be further extended by MU3. I would suggest that we keep on the path we are on. We think it is going to be in the 2018 timeframe. That is a long time from now. I need time to prepare for that, and so the sooner that we can get the specifications. We have to be done with those and get certified prior to these folks rolling them out. For me, it is important to get advance notification. There is a lot more patient information than patient benefit, the consumer benefit as a result of some of the regulations that I have seen around MU3. I also think from an interoperability standpoint, there is a lot of API exposure that we welcome the rest of the organizations to be exposed to. The Chairman. API exposure? Mr. Black. Yes, sorry. There are requirements in there for all vendors to expose more of their application programming interfaces. Allow third parties to innovate on top of platforms to allow other people to be able to go in and extract data out of their systems. That is what we do today. The Chairman. Build that for---- Mr. Black. That is a piece of the proposed legislation that we would support as well. We think it is good for America to have access at a detailed level to electronic medical records versus being reliant upon a specific vendor to give that to you. The Chairman. Thank you. If each of you could, even if it is just 1 page, just say if I were Secretary Burwell, here is what I would do this fall, that would be helpful to me and to other Senators. Senator Cassidy wanted to ask another round of questions, and he knows a lot about the subject, and I thought that was good. Why don't we--I will go first to Senator Murray and see if she has questions, then to Senator Cassidy and if Senator Whitehouse has some. Then we will conclude the hearing. Except, Senator Enzi, you may have---- Senator Enzi. No, no, I have learned as much as I can handle right now. [Laughter.] Mr. Black. Any accounting questions? The Chairman. All right. We will start with Senator Murray. Senator Murray. I would just submit any additional questions, but I do really do appreciate this panel and the information you are providing us. It has been a lot. We appreciate it. The Chairman. Thank you. Senator Cassidy. Senator Cassidy. Mr. Black, when we spoke earlier, and you mentioned how you all have apparently your product, semantic interoperability. Mr. Black. Yes, sir. Senator Cassidy. Wherever you go as a patient, there is an integration of the blood pressure in a standard format. You also mentioned in an earlier conversation that one person may mention weight in kilos, and the other person in inches, and the other person in feet and inches. How can you get--I am just asking, how do you get semantic interoperability? Because we are told we have to have a standard---- Mr. Black. Right. Senator Cassidy [continuing]. That everybody use the same standard before we can have that and yet, apparently, you have accomplished. I am asking how can that be? Mr. Black. Yes, even inside of--we attached, as I said, over 350 different electronic medical records today. Even though you may have one client who has one electronic medical record vendor, they actually may have different instances of that. Let me give you an example. We have one client, very large client, who has 44 different instances of the same electronic medical record vendor established across 186 different hospitals. You would think that by us plugging in and trying to determine a male/female status, that would be a very easy interface. In fact, because of the flexibility of the system, there are 25 different ways in which as you plug in, you read that information, it actually comes back to us in a different manner. We have to take that information and harmonize that information to make it say either male or female. It sounds very easy, but I am just telling you, the information systems the way that they are out there, the way that they are designed, the way that they are implemented can vary widely even inside of just one. Most places I go to have anywhere from 300 to 700 different systems. Our largest client today has 100 electronic medical records---- Senator Cassidy. With that said, are you able to harmonize without--apparently, you are. Mr. Black. We are. Senator Cassidy. Because you have semantic interoperability. There is some way to do a workaround aside from having everybody sit down and say we are going to call it meters, or we are going to call it---- Mr. Black. Right. We take it, as I say, God is on the side of computers, and we are going to figure it out. There are algorithms you can say to read this SNOMED file and convert it to CPT. Take the CPT file, convert it to ICD-9. Take this ICD- 9, convert it---- Senator Cassidy. Got you. How do you define data blocking? Because you mentioned in your testimony, we must, and so how would you? Mr. Black. I would define it by somebody who knowingly is out blocking the data. The definition of that would be very difficult to enforce, but I do believe that there is very--a lot of people are not knowingly doing it. But to the extent that we had practices in the past, which this committee actually because of the questioning that you had, actually got some suppliers to change the way that they charge for that. That is extraordinarily important. The light that you are shedding on this has actually been very well received---- Senator Cassidy. Let me ask each of you if you can submit for the record your definition of data blocking because that is important to us going forward. Next, on the House side, there is a bill, part of 21st century is a portion which says that if someone is found to data block, that they would be decertified. If you are a doctor and you just paid all this money and now your product is decertified, it is actually the physician that loses. If it is a small practice in Iowa or in Bunkie, LA, you are stuck. Is there some way to enforce a you can't data block and if you do, you are busted without busting the doc? Dr. Kibbe? Dr. Kibbe. Yes. Part of the problem there is we are kind of in an all or nothing State right now, right? We need a better certification program so that in-the-field usability of these products is testable. If there are problems, they are available early, and the vendors and the users of those products have a chance to fix it. Senator Cassidy. That doesn't help those who have already purchased? Dr. Kibbe. No, it would because it would expose the vendors whose products are having problems or in usability early enough that they would have a chance to correct that---- Senator Cassidy. OK. Let me go back to Dr. Kendrick. Dr. Kendrick, you mention that there are these gag orders. I had to press you to tell me that it was eClinicalWorks that is getting certified with a package which they then pull out and hide and then charge $10,000 in order to have access to. If you are under a gag order, you can't really say, ``Oh, my gosh. I am paying 10K a year for something which I should be getting for free.'' How do we--you could have a gag order. You are doing a beta test, and you can't report that it is a dog. Do you follow what I am saying? Dr. Kendrick. Yes, in my written testimony submitted, it says that we are finding a fair amount of almost intimidation among the folks we work with, the practices we work with, that they are afraid to file these things themselves. Maybe because of a gag order, maybe because of experience. Certainly when we filed one complaint recently and it got forwarded to the vendor, we got a note almost immediately from the vendor saying that they wouldn't work with us anymore. Thankfully, an executive at the corporation decided it was worth that this really could be an issue. I would say in terms of--transparency has got to be there, and in terms of dealing with the next---- Senator Cassidy. Should we outlaw gag orders? Should we have legislation that says, ``my gosh, if you have got a dog, you can say I heard it bark''? Mr. Black. Please. Dr. Kendrick. I think we should. Senator Cassidy. OK. Dr. Kendrick. I would just add that in terms of dealing with the decertification, if you take away that threat, then there is no reason for an organization to comply, and I would suggest that perhaps the EHR vendor that becomes decertified should be compelled to reduce their prices to their practice-- -- Senator Cassidy. How do we hold the doc harmless if she has bought a product which is now decertified? How do we keep her from being punished? Do we have a money back guarantee? Dr. Kendrick. That is where I was going is maybe the EHR vendor has to reduce its fees or charge no fees until they are certified again. Senator Cassidy. We would allow a grace period for the physician to continue with the decertified record? Dr. Kendrick. We have to make the data portability real. I need to be able to strike my data and move on to another vendor. Senator Cassidy. OK. Thank you for allowing a second set of questions. The Chairman. Thank you for your participation. Senator Whitehouse. Senator Whitehouse. Senator Cassidy, put me down as a cosponsor---- [Laughter.] Senator Whitehouse [continuing]. On your legislation to restrict these gag orders, and we will work together on that. I am having a very enthusiastic agreement from the entire panel on that point. I had just one specific question since I get another round, and this has to do with Dr. Kendrick's written testimony with respect to the part of ONC's certification program that requires data portability. The quote I have from your testimony is that few vendors appear to offer this functionality as intended, and I would like you to have the next couple of minutes to elaborate on what you meant by ``few vendors appear to offer this functionality as intended.'' Dr. Kendrick. The reason we came across this functionality is because it is another option for interoperability. Unfortunately, Stage 2 of meaningful use required that the standard document be created and that the provider be able to export it, but not that the exporting of that document be automated. Many vendors buried that export three buttons down, three menus down, and force a manual process. Until the next round of EHR certification comes out and hopefully fixes that, we are stuck with other options that are written into the policy. One of those is data portability. Senator Whitehouse. Just so I understand it, what we would like to see--what CurrentCare has accomplished in Rhode Island is that the record is kind of automatically populated with data. If you go out and have a CAT scan or if you pick up a pharmaceutical or get a test of some kind, it loads more or less automatically---- Dr. Kendrick. It moves where it needs to go automatically. Right, right. Senator Whitehouse. Exactly. What you are saying is if that doesn't happen, somebody has to page through several---- Dr. Kendrick. Right. Senator Whitehouse [continuing]. Screens and then hit ``send'' before it---- Dr. Kendrick. What happened is, we discovered the data portability clause, which is the requirement that a batch export be possible of these CCDA files, these standard files, and we can do that on a nightly basis and use it. Unfortunately, when we have gone to now several vendors to say where is your batch export functionality, they can't demonstrate it to us, and many have to come in and actually rewrite code to make it happen. We filed a complaint, and the first one of those has been found to have merit. It did require some pretty significant conversation between ONC and the certification body because, remember, the certifying body tests, ONC writes the test. The question was whether the test adequately tested that functionality, and so things slipped through the door. Senator Whitehouse. Got it. OK. Thank you, Chairman. It is a technical issue, and it can drive people into a state of stupor. Dr. Kendrick. Sorry. Senator Whitehouse. It is also really, really important, and the panel has been terrific. The Chairman. We need to see if we can come to some consensus here on the committee about what we think about this. Senator Murray and I had breakfast with Secretary Burwell today, and we talked a little while about it. Of course, Secretary Burwell and the President are very interested in changing the way physicians are paid, value-added, and you are saying there is a relationship between that and better use of this. Those are relevant things, but there are big decisions to be made. If any adjustments are to be made, they probably need to be made this fall, and I don't want to recommend adjustments that are not the right adjustments to make. We want to complete our work on this by this fall and understand that there are steps. If there are four or five steps that can be taken to make the electronic healthcare system work better and if they require legislation we can deal with that early next year. If it is something the Secretary can do, we can talk with her about it and let her do it. That would be much more preferable to do it that way because it could get done more rapidly. Let me ask, this is an off-the-wall question, and it may sound like a really stupid question. I am old enough not to worry about things like that. Should we be defining--are we being too ambitious with interoperability? Should we say that we should have interoperability to just an extent? If what we are really talking about is making sure that information, let us say about me, is available at all the places where I might have gotten healthcare. What if a rural doctor somewhere where I might have gone after a fishing trip says I will send you--if you are going to go see your doctor next week, I will fax it to him? I will FedEx it to him. I will keep it according to a certain standard that you tell me to keep. Why in this age of communication where we have many different ways of getting information to people, when the usual time that you need information about your healthcare, I would assume, is a scheduled appointment with a physician or a hospital, where a doctor in some other place would have time either to fax the information he or she has or to Fed Ex it by the next day or UPS it? Or maybe, maybe we just say that interoperability ought to apply to this much information and these kinds of data, and it is too ambitious to try to go beyond that. It is just we just can't do that in a system as big and diverse as ours. Is that a really ridiculous question, or is there an easy answer? Dr. Kibbe. Dr. Kibbe. Let me--there is an easy answer. Because doctors and the hospital systems and medical practices don't want to go outside their electronic health record to exchange health information. They want to work within that electronic health record interface. The Chairman. Oh, I don't know that is true. I know some very good doctors who keep a separate drawer filled with written information about their patients. Dr. Kibbe. They may do that. When the information flow is required to go from one place to another, you really don't want to go to a separate Web browser over here or go to a fax machine over here. That is inefficient. That is extra documentation. That is extra cost for everybody. One of the things that I meant in my fixing of the Stage 2 meaningful use is that we have an infrastructure, we have standards, and we need to fix those and make them a little better. For example, a Direct message ought to be acceptable with any kind of attachment, not just a CCDA. A PDF document, a Word document, a file image. Those ought to all be acceptable means of transfer of documentation from within the electronic health records' current standard for exchange. Mr. Black. I don't think you spent $30 billion, we did. You have to take it to the next level. Otherwise, you are going to have just a great, big, huge community and country full of silent information that is not expandable, and it doesn't really benefit the patient. In order to get that information to an interoperable manner through an HIE, whatever it has to be, in order for it to be used, though, by a clinician, you have to have all the information about that patient, irrespective of which EMR that they are in across the community. Then when I log in to my patient and my patient is in front of me today, I want to see that there is additional information in the community about that patient that is going to change my mind. At the University of Pittsburgh Medical Center today, we sit on top of Epic and Cerner, and when they click on the community view, that clinician, 60 percent of the time, makes a different clinical decision because of the fact they saw the totality of the patient's record, not just what was inside of EMR 1 or EMR 2. The Chairman. OK. Mr. Black. We now have 100 of them attached to that, I can promise. Dr. Kendrick. The issue--I would zoom out just a little bit and say, or a lot and say that this--the health of America and the success of our industries in the world depends on solving this issue appropriately. If I were to compare healthcare to banking, it is about 1965 in healthcare. We just don't have electronic transactions like we need them. We have lots and lots of labor force dedicated to things that haven't been done manually in banking for decades, and we won't be able to compete on the world stage as a nation and have a healthy workforce if we don't solve this. The efficiency gains from interoperating electronically far exceed the paper processes. Dr. Mirro. I agree with my colleagues wholeheartedly, and we cannot have enough interoperability. Remember, we are trying to have a patient-centric electronic record. It is actually about the patients, and that is we want to get to that stage where the patient is holding all their information, and we have patients that are using a highly functional personal health record so that their data is stored in a PHR, and that could be accessible from any site, even rural America. The Chairman. I thank all of you for coming. I would ask once again if you could send me in 1 or 2 pages of what you would do if you were Secretary Burwell if faced with decisions about these two rules that come down in September about electronic healthcare records. I would appreciate it very much. The hearing record will remain open for 10 days. Members may submit additional information for the record within that time. Thank you for being here. The next HELP Committee hearing will be Wednesday, July 29. The committee will stand adjourned. [Additional Material follows.] ADDITIONAL MATERIAL American College of Cardiology, Heart House, Washington, DC 20037-1153, June 16, 2015. Hon. Lamar Alexander, Chairman, HELP Committee, U.S. Senate, Washington, DC 20510 Hon. Patty Murray, Ranking Member, HELP Committee, U.S. Senate, Washington, DC 20510 Dear Chairman Alexander and Ranking Member Murray: The American College of Cardiology (ACC) is a 49,000-member medical society that is the professional home for the entire cardiovascular care team. The mission of the College is to transform cardiovascular care and to improve heart health. The ACC leads in the formation of health policy, standards, and guidelines. The College operates national registries to measure and improve care, provides professional medical education, disseminates cardiovascular research and bestows credentials upon cardiovascular specialists who meet stringent qualifications. The ACC also produces the Journal of the American College of Cardiology, ranked No. 1 among cardiovascular journals worldwide for its scientific impact. The ACC has a vested interest in complete interoperability of health information technology not only because of its diverse membership of cardiovascular care team members including physicians, nurse practitioners, nurses, and practice administrators, but also because of its operation of five hospital-based, one outpatient, and two multi-specialty clinical data registries. The College would like to applaud you and your respective staff for taking the initiative and working to accomplish specific goals related to interoperability of EHRs. The College appreciates the opportunity to provide input and encourages you to address these pertinent issues. The ACC views the following as key priorities that should be addressed related to EHR interoperability: vendor data blocking Issue: The ACC has been on the record with the Senate HELP Committee in bringing the issue of ``vendor data blocking'' to the forefront and the College is appreciative of the committee's responsiveness and eagerness to address this issue. The ACC views vendor data blocking as one of the largest barriers to EHR interoperability. EHR vendors charge exorbitant fees to transfer data from hospital to hospital or hospital to physician office, undermining the very purpose of EHRs. Many times, hospitals are in a better financial position to incur these costs. Physician practices, which are typically smaller and have fewer resources, are not in the position to absorb these costs. Example: For each patient, cardiologists are often required to reference several tests to obtain a complete understanding of a patient's condition. These required tests are sent to various labs, each of which operates its own separate EHR system, often administered by different vendors. In order to fully exchange information, EHR vendors charge physician practices upwards of $20,000 to fully interface with each lab's EHR system. While this is usually a one-time fee, many physician practices cannot absorb these unexpected startup costs. In order to provide appropriate and effective levels of care to their patients, these providers face fees to interface with necessary ancillary systems to facilitate the transfer of data between settings. Once the connection is established, there are often additional charges for the exchange of information. The College feels these exorbitant fees must be brought under control. Solution: The ACC acknowledges that an initial fee to establish a connection could be appropriate. Our concern lies with the amount of fees these vendors have arbitrarily established. Perhaps a solution could be for vendors to work these fees and others into the initial agreement signed with physicians, including (but not limited to) bundling open application programming interface (API) costs into the overall maintenance fees. This would require vendors to be up front and transparent with their pricing both at the time of purchase and throughout the use of the implemented EHRs and the peripheral elements included in these contracts. Additionally, it would be ideal to know up front the costs associated with purchasing interfaces to exchange with another vendor's EHR. Penalties should also be established for vendors whose actions prohibit the exchange of data under any circumstances, which leaves the practice without options to solve the problem. The ACC looks forward to working with the committee to determine the most appropriate way to address this issue. effective ehr standards Issue: The Office of the National Coordinator for Health Information Technology (ONC) has attempted to establish effective common EHR standards since the passage of the Health Information Technology for Economic and Clinical Health (HITECH) Act in 2009. The Certified EHR Technology (CEHRT) criterion (2011, 2014, and the proposed 2015 criteria) aims to set a floor for certification to avoid stifling innovation while still working to require EHRs to meet the specific needs of clinical settings. With the current EHR standards in place, clinicians not only face continual challenges exchanging the simplest elements of data between EHRs--that have all met the EHR standards in place at the time of their certification--they also face basic usability issues. Despite these issues, there is still a widely felt concern that if effective common EHR standards were to be established, they would be too prescriptive and would stifle innovation. Example: As a part of certification, EHRs are tested to meet varying criteria and specific definitions. The criteria are tied to components of the Meaningful Use program such as computerized order entry, secure messaging, and e-prescribing. Definitions address other items of the Meaningful Use program as well, such as how a ``base EHR'' is defined, along with other items such as how patient health information is captured and how to import, calculate, and report clinical quality measures. This is in addition to base requirements relating to privacy and security, accessibility-centered design, and safety-enhanced design. Once the EHRs are certified and implemented, many times data received by a certified EHR from other certified EHRs populates in inappropriate fields or the data is received in a format that is unusable. For example, a clinician may receive a chart mapping a patient's blood pressure rather than individual data points. Another example is that clinicians in the outpatient setting frequently refer their patients to a hospital across the street from their office for procedures. The inpatient setting, however, often uses a different EHR and the different systems cannot communicate. When patients are admitted to the hospital, clinicians have to print out their notes and send a copy to the hospital so the notes from the clinic can be incorporated into the hospital's electronic records for the inpatient setting. This information is often scanned and inserted into the hospital's EHR as a PDF and is therefore far less usable. Thus, in order to truly achieve health information exchange these providers and their small clinics are forced to incur additional fees to replace their outpatient EHR vendor to match the hospital's system and make the records interoperable. Solution: The ONC should provide a clearer path to certification that includes an enhanced focus on usability and interoperability. These standards could include the ability for systems to connect with multiple Health Information Exchanges (HIEs). The most important aspect of a standard is that they be clinically relevant and useful, as would occur if the standards were created in cooperation with specialty societies such as the ACC. Through its rigorous process of creating clinical guidelines, societies such as the ACC are well-equipped to make these specific determinations as to what standards need to be applied and how they should be applied. In addition to adjusting the certification criteria, thorough testing must be performed not just of the EHR itself but in exchanging information with other EHRs and other actors in the health IT sphere such as HIEs and registries. This can lead to the higher level of bi-directional data exchange that we need in order to achieve the true benefits of health information exchange. post-certification surveillance of ehr systems Issue: Since the passage of the HITECH Act in 2009, the Federal Government has invested over $30 billion in EHRs. Currently, no programs exist to ensure that existing EHRs are functioning properly. Implementation of a post-certification surveillance program of EHRs would add value to the Federal Government's already substantial investment and set the Nation on a path of complete interoperability of EHRs. Solution: The ACC requests that ONC or the HHS Secretary conduct post-certification surveillance of EHRs to properly evaluate what elements are effective and what elements are not working with respect to basic usability and interoperability functionalities providers require of EHRs. This includes the removal of contract gag clauses to enable documentation by the Federal Government of any data portability issues and to provide for further transparency in pricing. It should be clearly stated that the burden for upgrades would pass to the EHR vendors rather than physician practices or hospitals. Additionally, a quarterly report from the Federal Government summarizing the surveillance findings would further aid in fixing usability and interoperability issues of CEHRT. The ACC applauds CMS for launching the initiative to collect feedback via email from patients, clinicians, and others whose health data was stymied. reevaluation of hipaa and security of data Issue: The ACC operates five hospital-based, one outpatient, and two multi-specialty clinical data registries within a suite of registries collectively known as the National Cardiovascular Data Registry (NCDR). As a result of the Health Insurance Portability and Accountability Act (HIPAA), hospitals and health systems within which the NCDR conducts business require security contracts to transmit data. The ACC understands that certain measures must be taken to comply with HIPAA and ensure data security. However, HIPAA has resulted in overly risk-averse interpretations of an almost 20-year-old law that was based largely on paper data storage. This in turn has created unnecessary demands from multiple layers of compliance officers with several layers of review which may not actually be relevant or afford the best protections in a digital, mobile-enabled environment. Example: Compliance officers from larger health systems and academic medical centers require NCDR to complete over 40 pages worth of security questionnaires that are unique to their own institutions. It may be possible for larger vendors with large numbers of staff to accept this as a cost of doing business, but for society-operated quality improvement programs and startups, these practices are extraordinarily burdensome and stifle innovation by creating barriers that only the largest entities can reasonably overcome. Solution: The ACC has been on the record requesting the reevaluation of the Health insurance Portability and Accountability Act (HIPAA) and its appropriateness in a 21st Century digital landscape. Technology has changed substantially since HIPAA was originally adopted in 1996. The ACC urges Congress to convene a hearing to reevaluate the role of HIPAA, including its successes and failures and whether all aspects of HIPAA remain appropriate given today's technology. delay of meaningful use stage 3 in its entirety Issue: The Centers for Medicare and Medicaid Services (CMS) released a notice for proposed rulemaking on March 20, 2015 outlining the third and final stage of the Meaningful Use Program to be in place starting in 2018. The proposed changes increase thresholds for objectives and measures to an unattainable level in an aspirational attempt to achieve greater care quality through the use of health information technology. Example: The Health Information Exchange objective (#7) of the Stage 3 proposal requires program participants to provide or retrieve a summary of care record when their patient moves to or from their care, and calls for the participants to incorporate summaries of care from other providers into their EHR using the functions of certified EHR technology. This is required for a certain percent of transitions that is far too high given the existing problems outlined in previous examples of this letter and the lack of solutions currently in place. In full disclosure, other issues exist with this objective and the other seven objectives proposed. Solution: The College has provided comments to CMS on this proposal outlining our concern with the overreaching requirements. In light of these concerns, the College has called for a delay in the implementation of Meaningful Use Stage 3 in its entirety. Delaying only certain parts of Meaningful Use Stage 3 would cause further confusion around the program and lead the government to veer off the current course of reducing complexities of the program. Given the lack of participant data available from Meaningful Use Stage 2 coupled with the data exchange issues that already exist, it is not feasible to implement the increased demands of the program in 2018. Time is needed to reevaluate the issues participants are facing in Stage 2 of the program and to develop and enact solutions. The ACC applauds you and your respective staff for taking the initiative to accomplish specific goals related to interoperability of EHRs and commends you for your collaborative approach. On behalf of the entire cardiovascular care team and the patients who we serve, the College appreciates the opportunity to provide input on these concepts and encourages you to address these very pertinent and closely connected issues. For additional information on the perspectives of the ACC, please contact Charles Cascio ([email protected]) and Lucas Sanders ([email protected]). Sincerely, Kim Allan Williams, Sr., M.D., FACC, FAHA, FASNC, President. ______ Response by David C. Kendrick, M.D., MPH, to Questions of Senator Alexander, Senator Murray, Senator Enzi, Senator Casey, Senator Baldwin, and Senator Cassidy senator alexander Question 1. If you were Secretary of the Department of Health and Human Services and were faced with decisions about the Meaningful Use Stage 3 rule and the 2015 Edition Certification rule, what would you do? Answer 1. I would pause the roll-out of the Meaningful Use Stage 3 program until the measures and expectations placed on providers can be synchronized and coordinated with MACRA, PQRS and other related programs which have the potential to create massive duplication of effort and confusion. By coordinated, I mean the following: 1. The various programs (PQRS, MACRA, and MU) will all be unified from a timing, target, scope, content, and measurement perspective. To the extent that the programs are not fully integrated, at least all required measure and utilization reporting should be synchronized across the various Federal programs. 2. CMS should continue to fund and maintain the creation of measures and the measure bundles that support consistent valid implementation of the measures through the Quality Data Model. This work is foundational to the assessment of value and assuring that the U.S. tax dollars are being spent wisely in healthcare. Without this, all previous investments in changing healthcare will be in jeopardy as we will have a system for which we cannot measure the impact, preventing iterations toward improvement. 3. The Federal partners in healthcare delivery should be subject to the same requirements for reporting and interoperability as every other organization--a majority of the care funded by DoD, IHS, and VA is provided in the private sector and the private sector cannot deliver high value care and services without appropriate and timely access to accurate data about the patients they are treating. The Federal partners should participate in the Health Information Exchanges that are relevant to the care of their patients. The current approach to interoperability, through a federated connection, is not responsive enough to be relevant to clinical care. It can take several minutes to retrieve a single patient record, by which time the provider has usually moved on to the next patient. BY participating instead in the State and regional level HIE efforts, the Federal partners will be assured that their patients are getting the same benefits from interoperability as the other patients in the community, including fewer adverse drug events, reduced duplicate lab testing and imaging, and improved coordination of care. Surely the America's active duty military, veterans, and tribal members deserve the same chance at receiving high quality care as any other American and active participation in local/regional Health Information Exchanges is an important step. 4. An important concept in Stages 2 and 3 of meaningful use is the notion of the transition of care (ToC) from one setting (such as a hospital) to another (such as a long-term care facility). Unfortunately, CMS' original approach to this measure, which required that a secure email be sent to the next provider in the transition was not successful and CMS has recast the requirement in the Amended Meaningful Use Stage 2 regulations that were released on 10/6/2015. The new requirement is much improved because it allows the sending/ referring provider to send the patient records by other electronic means, such as to a Health Information Exchange. However, the burden of ensuring that the receiving provider actually looks at the data on the referred patient remains on the shoulders of the sending/referring provider, who is actually penalized in the measure if the receiving provider fails to check the patient record. This is not the way healthcare works. Once the sending/receiving provider has made the current records available to the receiving provider, his or her obligation has been met. It is the obligation of the receiving provider to check the records on the patient before making diagnostic and treatment decisions--not the referring provider. This may seem like a minor point but in reality this single suggested policy change could have the most impact of anything else that could be done to drive interoperability as well as improving healthcare. On the other hand, without it, the incentives for providers to demand the complete, interoperable medical record on each patient they see will remain low. Please consider this alteration to the Transitions of Care policy in the amended MU2 and certainly in MU3. When a combined MU3/MACRA/PQRS strategy rolls out, ideally there will be a single program for providers to work with, one that is designed and tested with significant provider, patient and payer input and can align well with the current drive toward multi-payer value- based payment models such as the Comprehensive Primary Care initiative. However, I would push forward with the 2015 Edition Certification program, and especially the interoperability components and the new process of certifying that the EHR actually works in the field as it did when being certified ``in the lab''. We must get beyond the interoperability limitations and loopholes in the 2014 Certification program which are enabling EHR vendors and occasionally providers to skirt their interoperability responsibilities. Elements that should be emphasized in the 2016 Certification program and launched immediately include: 1. Data interoperability will be sufficient to enable the owner of the EHR to elect to participate in HIE and configure their system to export data of their choosing structured and coded to current standards, based on an automated trigger of their choosing and deliver it securely to a location of their choosing. Appropriate triggers would include the referral of the patient to another provider, completion of an encounter note, sign off on a new lab or imaging test result, and other clinical events that should be communicated with other members of the patient's care team. Appropriate locations for the exported data to go would include a health information exchange, secure email, public health program, or registry. 2. Data export formats will include standard message types (HL-7 2.x) as well as document types (HL-7 3.0's CCDA 2.x standard) and documents to support external evaluation of quality and value (QRDA1 files with complete coded data), etc. At a minimum, all file & message types required for MU, PQRS, MACRA, and any other mandated reporting programs should be able to be exported at no cost and delivered as above in 1. 3. The interoperability described above should be rigorously tested and validated by the Certification Bodies both in the development lab at the EHR vendor (where they are tested today) AND in the field when the product is deployed in a provider practice or hospital (where it is not tested today, and most commonly fails to meet interoperability expectations). 4. Vendors should be required to support credential exchange standards such as SAML and OAUTH which enable doctors' and other providers' workflow to move seamlessly among different vendor products in the course of treating each patient and conducting their other care- related work such as quality assessment and utilizing decision support. This is critical to enabling innovation to continue in the Health IT space, even though a few large vendors claim large swaths of the territory. senator murray Question 1. You testified that you have personal experience working with providers in Oklahoma to make sure that they are able to exchange electronic health information. I regularly hear from providers about information blocking, but the Department of Health and Human Services reported to Congress in April that in many cases they have limited tools to find out when information blocking is occurring. Answer 1. Yes, that is correct--this is a very complex issue, and it takes expertise in the field of medical informatics, focused attention, and a desire to fix the problem, all of which are rarely available in busy medical practices. In addition, one must have access to the vendor product at the practice level to identify the issues. There are dozens of ways that an EHR vendor can (intentionally or unintentionally) prevent interoperability from occurring. Further, many practices I encounter are actually too afraid to report their vendor-- fearing repercussions such as poor service, higher bills, or delayed responsiveness to critical issues. Any of these can put a practice or small hospital out of business and this fear is clearly limiting the filing of formal complaints. I listed six common ways data blocking can occur in my testimony, but there are many others. Since it is impossible to think of all the ways that data blocking can occur, effective surveillance and enforcement is required. Ideally, ONC should receive sufficient funding to provide visible and active enforcement of the requirements in the Certified Health IT program in order to protect the tax-payers' investment in health IT. These funds should be used to make the existing ONC Certified Vendor Surveillance program more robust. The success that MyHealth has had in identifying and pursuing remediation with vendors whose products fall short of the required capabilities has been limited to only a few vendors and has required inside knowledge of the workings of ONC and the Accredited Certifying Bodies as well as significant time focused on the tracking and reiteration of our complaints. Furthermore, the critical knowledge we gained about unlocking an EHR vendor system through the Surveillance program has not been publicly communicated--rather that burden has fallen to our small non-profit organization. While we are happy to help our peers and others seeking interoperability it would seem that ONC should be tasked with publicizing the results of Certified Vendor Surveillance activities just as they publish the list of certified products. The Accredited Certifying Bodies, the private organizations contracted by ONC to implement the Certification program, are also currently tasked with conducting the Surveillance program. Because these ACB's are dependent on the vendors they certify for most of their revenues, there seems to be a potential conflict of interest created by the assignment of the ACB's to also conduct the product Surveillance program. Whether driven by conflict or not, the current Surveillance activities seem much less substantial than they should be. The 2014 Surveillance report by the ACB's (which has not been made publicly available as far as I can tell) was disappointingly thin on details and action, especially given the tenor and rate of complaints that we hear from providers regularly. Question 2. This committee has also heard testimony that, in order to use health IT, providers often have to sign contracts that include ``gag clauses,'' prohibiting them from disclosing technical problems or unfair pricing. Health IT is certified by the Federal Government because it stores and transmits information that is used to save lives--users should be able to safely report problems without facing any sort of repercussions. Answer 2. Agreed. These gag clauses are certainly a part of the problem. We recently surveyed our member organizations to gather the data on the costs they faced when connecting their EHR to MyHealth's Health Information Exchange. The reports ranged from $0 to $40K + ongoing monthly fees. This was concerning, but even more concerning was the fact that most of the providers and other organizations we surveyed reported that they could not divulge the cost due to contract restrictions (gag clauses). Question 3. What tools and protections are needed to ensure that individuals can safely report on unfair market practices regarding the use of health IT, without fear of repercussions? Answer 3. Expanding and encouraging ONC's certified technology Surveillance program (as described above) is very important. Publicly reporting significant findings of this surveillance program is also very important. Like any good enforcement program, whistle-blower protections should be put into place, and cases should be promptly and professionally handled. In our experience, even when a vendor is forced to correct a shortcoming in their technology, the remediation time window is so long (months to more than a year) that it adversely affects the practice and other stakeholders anyway, and no compensation is offered to the affected practices or entities while the remediation is being performed. In some cases, the practices have been forced to pay the additional ``product'' fees the vendor originally requested even though we know the vendor's product has been found to be defective and the obligated fix is working its way through the system. A successful Surveillance program must have teeth--that is, ONC must have the power and a mechanism to withdraw certification if necessary. In theory, this is currently possible, but in reality this is rarely done because of concern for the impact of decertification on those providers that use the decertified products. This creates a ``too big to fail'' scenario with EHR vendors. These implications should be addressed clearly in the Certification program. There are several ways to address this: 1. Require the decertified vendor to continue to provide services to the practices but discount their fees to offset the Medicare or Medicaid penalties the practice will incur by not meeting Meaningful Use. If the loss to the provider exceeds the feeds then actual financial compensation could occur. 2. An insurance product could be required of Certified Vendors (or even made available to practices) that would enable the providers to change vendor products should the Certification of their existing systems be withdrawn or should the vendor go out of business. This could be a means of supporting the ``lemon law'' I proposed in my previous testimony. senator enzi Question 1. What is the greatest barrier in obtaining access to data from the perspective of vendors? Answer 1. I suppose that the EHR vendors would cite the complexity of the MU Certification process, the cost of connecting their products to HIE's in various communities, and the highly variable levels of sophistication among the HIE vendors and HIE organizations. While I agree that these elements all play a factor, one simple fact makes me question the real significance of these issues. It has been known for a long time (decades in some cases) that many of the large EHR vendors aggregate data from their customers and resell de-identified data to researchers, pharma, and other organizations interested in big healthcare data. Most practices and hospitals sign agreements with these vendors that contain fine print that grants the EHR vendor the rights to that de-identified clinical data. Very few providers, in my experience, are aware of this practice. This common practice, which requires all of the same activities as interoperability, makes me skeptical about vendor complaints that interoperability is ``too hard'' or ``too expensive''. Question 2. Is this challenge technical in nature, rooted in custom-designed EHR's? What, in your opinion, would be the simplest way to address this problem? Answer 1. There are two potential sources of data blocking: (1) Provider data blocking and (2) Vendor data blocking. Provider data blocking: As noted in my testimony, with the rise of value-based and risk-sharing payment models, provider opposition to interoperability seems to be melting away, because the incentives to have the complete medical record available wherever and whenever needed for care are now shared among the patient and all providers they choose to involve in their care. Vendor data blocking: Unfortunately, these incentive realignments do not seem to have affected Vendor data blocking. In our recent experience, the greatest barriers to broad interoperability are EHR vendor policies and business practices around interoperability, not technical challenges. While it is true that many of the largest EHR vendors are still running highly proprietary code written in the 1980s and 1990s, and some are still using database products from the 1970s, the basic capabilities needed for appropriate levels of interoperability have existed for a long time and frankly work quite well if they are used. As described above, most vendors are quite capable of extracting clinical data, standardizing its structure and exchanging it with other organizations as evidenced by decades of resale of de-identified clinical data to third parties by many EHR vendors. Despite this extensive experience, EHR vendor capabilities for data exchange and quality of the exported data remains quite poor and non-compliant with the Certification Criteria. Thus, one can only conclude that the correct incentives are not in place to warrant these vendors to participate fully in interoperability. The simplest solution to this problem is iterative, not sweeping-- this is, it builds on the work already begun rather than ripping and replacing with some other new, potentially more expensive approach. 1. As recommended above, the 2015 EHR certification program should be allowed to proceed, because it contains a number of provisions that should increase the interoperability capabilities of the EHR vendors and improve the Surveillance program. 2. The Certified EHR Surveillance program at ONC should be adequately funded, as noted above. In particular, vendors should be required to demonstrate that each install of their product is interoperable by making a connection to a standard test server operated by the Certification Program or perhaps a local health information exchange organization certified by ONC, and transmitting the required standard documents on a few dozen test patients. This level of testing would provide assurance to the practice or hospital and their patients that the EHR product has the capabilities and is properly configured for interoperability. This concept has been referred to previously as ``field testing'' for interoperability and would go a long ways toward assuring that the technical capabilities are not a limitation. 3. Making the patient, rather than the practice or provider, the frame of reference for quality and value measurement: By emphasizing (and even requiring) the use of interoperable data on each patient in quality reporting and other value assessment, CMS and others can shift vendor and provider incentives away from data blocking toward improved health data interoperability. Making this change to focus measurement on the patient is also critical for the success of value-based payment models. New value-based payment models for healthcare are showing some promise that savings can actually be achieved while quality is maintained or improved. For example, CMMI's Comprehensive Primary Care initiative has shown 7 percent and 5 percent cost savings over the last 2 years in Oklahoma. However, all value-based payment models depend completely on having the ability to measure Value accurately. Unfortunately, those of us practicing medicine and working with clinical information daily have come to recognize a significant methodological flaw in CMS's current approach to value assessment which calls the validity of most of today's value assessment into question. Although an exhaustive discussion of this is not possible here (happy to provide more details if there is interest), the basic issue is that the current measurement approach uses the wrong frame of reference. Just as adopting the correct frame of reference is important to solving basic physics problems, so too is adopting the proper frame of reference critical to correctly measuring value in healthcare. Unfortunately, most current CMS projects adopt the doctor or the practice as the frame of reference for measurement, when in reality, the proper frame of reference is the patient. To choose any other frame of reference than the patient is to risk repeatedly counting the same (and especially the sickest) patients over and over as they see multiple doctors and hospitals. In addition, only by centering measurement on the patient can the impact of team-based care and effective care coordination be measured and reported accurately and without methodological issues. We have demonstrated this approach to measurement in Oklahoma as part of the successful Comprehensive Primary Care Initiative, and it makes a significant difference in the results. The achievement of these three items and especially item #3 will create a marketplace whose natural tendencies are toward, rather than away from, interoperability. Question 2. When you work with vendors, providers, and ONC to resolve issues, do you see there being a need for a more defined process to facilitate those interaction? Answer 2. The CEHRT Surveillance program was originally conceived to provide such a defined process but until the last year or so has not been an active program. ONC appears to be making strides in strengthening the Surveillance program but funding for the effort seems limited. As recommended above, a strong, transparent, and responsive Surveillance program with real ``teeth'' will go a long ways toward reducing EHR data blocking. We would be happy to contribute specific experiences and suggestions for improving and expanding the surveillance program. senator casey Question 1. In the absence of a straightforward method of patient matching like a national patient identifier, health IT uses complicated algorithms to match patient records from multiple locations and providers. Algorithms include data such as name, date of birth, address, and social security number. Pennsylvania has a significant Amish population and many Amish people don't have Social Security numbers or phone numbers. Additionally, many older female patients share a Social Security number with their husbands and many are widows, making matching of their records challenging. As a result, hospitals like Geisinger in Danville, PA have had to develop unique and complicated ways of matching patients that are not always highly reliable. How does lack of reliable method of patient matching contribute to difficulties in sharing information? Are there additional sub- populations for which patient matching is especially difficult? What are the implications for care of the patient? What, in your view, is the best solution? Answer 1. Assuring accurate patient identity is critical to the health and well-being of the patients we serve. Unfortunately, the political will to implement a nationwide patient identifier has not existed since the passage of HIPAA authorized it. Nevertheless, there are many things that can be done to address this issue. In particular, electronic master patient indexes (eMPI's) have become important tools for resolving identity at regional and State levels, and many HIE's around the country have these tools and several offer them to local doctors, hospitals and other providers as a source of truth against which patient registrations can be searched. In addition, State and regional eMPI's can provide active feedback to providers about patient identities that may have errors or need resolution. By correcting data at the source, the accuracy of patient identity throughout the entire healthcare system is improved. We have seen that this approach can be quite successful, with close to 99 percent of all patient identities accurately matched between organizations without human intervention. The remaining patient identities must be matched to the correct patient with human intervention. In the case of a State or region, this is manageable. However, it is probably premature to attempt to construct a national eMPI because the trust does not yet exist at a national level, and further the number of manual interventions required would be in the millions, requiring significant staff. Our experience at MyHealth confirms the concerns outlined in the question about specific missing data (like social security numbers). In addition, we often see patients with rapidly changing addresses, phone numbers, and even last names. We carefully monitor the identity of twins, triplets, quadruplets, etc, because they often have very similar first names and identical last names, dates of birth, addresses and phone numbers. Having a single medical ID does not necessarily help with these kinds of issues. A single medical ID could be helpful--it is after all just one more data point on the patient. However, in our experience, even with a national identifier, all of the logic and capabilities of an eMPI will still be required to accurately maintain identity. For regions/States which have implemented eMPI's, the challenge of maintaining accurate patient identity is greatly reduced. In order to optimize this approach, some regions have included State registration data such as that from State DMV's or identity from credit agencies such as Equifax and others. This does leave the challenge of maintaining patient identity on a national level, but a strong regional/State-level eMPI infrastructure will enable the optimization and exchange of patient identity at a national level as well. By optimizing identity where patients receive most of their care (near their homes), the issue of national patient identity becomes much more manageable. As States and regions work with one another to exchange interoperable health data, they are addressing these issues of identity management as well, so this issue may already be on its way to solution. senator baldwin Question 1. In your testimonies, a number of you suggest that we need to increase transparency for all stakeholders to help address some of the problems we see with data blocking and to promote interoperability. How do we create this transparency; what needs to be measured and reported by providers and vendors for us to determine if data blocking is occurring or if progress is being made? Answer 1. Creating transparency is important. I would offer three ways of achieving transparency of the data blocking issue, and suggest that these approaches are also essential to curing the data blocking issue: 1. Further emphasize (and fund) the ONC Certification Surveillance program with included language about transparency of findings and public communication of results. 2. Establish a nationwide measure of interoperability. This metric is constructed using existing data sources and would be based on the premise that every patient deserves to have their complete, longitudinal medical record available wherever and whenever it is needed for decisions about their healthcare. This single metric can be applied to specific types of clinical encounters and events to track and monitor our progress as a nation toward interoperability. A few months of research would be required to rigorously validate the metric but it will provide enormous insight and motivation toward interoperability once available. We have prototyped such a measure and it seems quite feasible to roll out broadly within a year. 3. Measure value at the correct frame of reference: the patient. As noted above, value-based payment models must be based on value assessments that take into account each patient's entire experience of care, not just the pieces of experience that occur in each practice or with each individual doctor. If payment policy shifts to reward reporting metrics based on multi-sourced/complete data on each patient rather than just individual practice perspectives, sophisticated interoperability will spread quickly because it will have a clear business case for providers and vendors. senator cassidy Question 1. How do you define data blocking? Answer 1. I would define data blocking as any factor, whether intentional or unintentional that prevents a patient from having their complete, longitudinal medical record available wherever and whenever they or their healthcare team needs it for decisionmaking about their health. Admittedly this is an outcome-based definition of data blocking, but I find it helps avoid the loopholes and semantic issues that have thus far enabled vendors and others to thwart attempts at true healthcare data interoperability. Unintentional causes of data blocking should be identified and pursued for correction, which can be greatly facilitated by the creation of an Interoperability Metric as described above. Intentional causes of data blocking need to be identified (again, using an Interoperability Metric) and brought to light using smart policy (to align incentives away from data blocking, for example) and enforcement of regulations (such as the ONC Surveillance program). Question 2. In the context of certification, how do you penalize the vendor without penalizing the physician? Answer 2. As described above in more detail, it makes sense that, because the EP or EH has purchased a product that has been ``certified'' by a government agency, it is not fair to penalize them for subsequent failures of that product, including the potential revocation of the product's certification. The purchase and implementation of an EHR product is a massive, expensive and complex task for any healthcare organization, and is usually second only to (and often exceeds) the cost of their physical facilities. In today's healthcare marketplace, the EHR is central to the success or failure of the organization. For these reasons, it seems logical that significant consumer protections and risk mitigation should exist for purchasers of these systems. Among these should be: 1. Requirement that a vendor who loses their certification, even if only temporarily, must cover any MU penalty losses to their customers, first through discounts on licensing fees, and then through future service or actual monetary compensation. 2. Establishment of insurance products to mitigate the extreme cost and market share loss experienced by practices and hospitals who must make an unexpected EHR vendor change. Practices or hospitals could then require that their vendor be ``bonded'' against such an unexpected event, similar to the way risk is mitigated in the construction industry today. 3. Make Vendor contracts, including as much as possible the Total Cost of Ownership, transparent, and encourage a competitive, consumer- driven marketplace which will ultimately be much more conducive for success as well as continued innovation. 4. Be very careful not to ``over design'' the requirements of certified Health IT (and the required uses of that IT)--the requirements should be written to focus on the desired outcome rather than prescribing exactly how the outcome should be achieved. If we eliminate the potential for innovation then we have failed utterly in our efforts to improve health and reduce costs. Unfortunately, many EP's and EH's are being penalized now for not meeting MU requirements even though they invested in Certified health IT. Putting in place policies that ensure that health IT is an open marketplace with sufficient transparency to enable the consumers (in this case doctors and hospitals, but eventually patients as well) to drive the success or failure of the vendors will be the best and most permanent fix. Question 3. Should ``gag clauses'' in contracts be made illegal? Answer 3. Yes. I can't think of a single way that these gag clauses improve patient care, reduce costs, or improve the practice of medicine. [Whereupon, at 11:50 a.m., the hearing was adjourned.] [all]