Meaningful use and more recently the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA) rules call for doctors to enable patients to view, download and transmit their electronic health record data.  

And some patients are beginning to inquire about adding that information to various healthcare apps that range from blood pressure monitoring to fitness trackers to glucose reading software for diabetes, among others.

The thorny part: Doctors have had it drilled into their heads for years that under HIPAA they need to protect the data, but that was when records lived on paper.

Now that doctors are expected to get used to the idea of giving patients an electronic copy of their data they have to learn let go of it.  

“This is a new world that we’re entering. It can be unsettling for anyone,” said Aaron Seib, CEO of the National Association for Trusted Exchange (NATE), a not-for-profit focused on enabling trusted exchange among organizations and individuals with differing regulatory environments and exchange preferences.

[Also: Mount Sinai launches MountSinaiNY app to give patients access to Epic EHR]

What’s more, complying with a patient’s request for data isn’t the only thing to be concerned with, said Gary Dickinson, co-chair of HL7’s EHR workgroup.

Here are some of the issues that Dickinson and Seib said may arise when doctors transmit data to a patient’s app:

What patients get via the data transmission may not be as useful as they think

Meaningful use and MACRA require physicians to give patients a standard summary through an HL7 standard that calls for a snapshot summary including recent laboratory results, medication list and some patient history. The problem is that some apps are going to be looking for more specific data than a C-CDA version can offer, Dickinson added. It doesn’t include information from other providers the patient may have seen. “It’s not a perfect vehicle by any means, in terms of content,” he said.

The matter of accountability

The ultimate question: Who is accountable for the patient summary? And could a doctor make a clinical decision based on a certain set of information? Because of all these questions, downloading a patient’s summary to an app is “kind of a mixed bag,” said Dickinson, which is among the reasons the whole prospect makes so many doctors uncomfortable.

Trust: Difficult to come by

Physicians have trouble trusting data they have not collected themselves. This is why they often want to call for a new test on a patient, even though another doctor has already run the same one recently. To make progress in this digital health world, there will need to be a new level of trust and confidence in the data, Dickinson said. The current distrust contributes to fears about transmitting the data and using the data a patient collects via an app.

Doctors may feel overwhelmed

“As these news doors get opened, and as new data gets moved around, we have to ask, are we really benefiting from it or is it just more overhead for doctors?” Dickinson added. “We’re kind of getting to the point where the data is becoming an avalanche.” Not all of the data collected on an app will be of value and even for pieces that are worth understanding it will take effort to glean out the nuggets of insight.

Download logistics could pose a problem

Smaller physician practices may have staff download the data on the spot while the patient is with the doctor. Larger practices, other the other hand, might get the IT department involved. “If each of these requests has to be served by an IT person, involving all different flavors of data being sent to all kinds of different apps, that’s a problem that most providers can’t manage, even if they’re a big organization,” Dickinson predicted. Sticking with the required basic patient summary will probably be the best way for physicians to survive the onslaught.

What to ask of patients

Dickinson said that doctors should require patients to ask in writing for the download of the patient summary to the app so that patients clearly know once the data is downloaded it’s out of the doctor’s jurisdiction. The doctor is no longer responsible for it, at least according to the Office for Civil Rights. 

On the horizon

NATE CEO Seib, who is a member of the federal Application Programming Interface (API) task force, said that the API task force released recommendations in May.

One of the major suggestions requires doctors to provide the same level of privacy assurance when transmitting to an app as is required for a patient portal.  

“It’s going to take some time for people to deal with the recommendations and internalize them,” Seib explained.

Seib likened the policy surrounding APIs to taking different bites out of an elephant.

“The first task force took one bite. The second task force will take a different bite,” Seib added. “There’s no ‘one and done.’” 

Twitter: @HealthITNews

Like Healthcare IT News on Facebook and LinkedIn