Nicholas Sandercock of Gross McGinley.

Electronic health records (EHR) are as common in the modern health care landscape as needles and syringes. This is thanks in large part to the Health Information Technology for Economic and Clinical Health Act (HITECH), created in 2009. HITECH pressured providers with a scheme of financial incentives and penalties to individually adopt EHR systems with “meaningful use” requirements. HITECH’s definition of meaningful use focused on the functionality of EHR systems inside the four walls of the provider and has done nothing to regulate the landscape of the emerging industry or the companies that would come to dominate it. Consequently, HITECH’s meaningful use provisions do not encourage interoperability across platforms, nor have they met provider expectation of reduced exposure to malpractice liability. Now, 10 years since HITECH initially incentivized the health care industry to adopt EHR and meaningful use of health information technology (HIT), the question must be asked: is additional regulation of the HER/HIT industry necessary to achieve truly meaningful use and circumvent the creation of an EHR monoculture?

The inception of HITECH brought with it wide-ranging expectations, from increasing access to care, reducing adverse events and decreasing health care costs, to streamlining clinician workflow. All of these expectations were both created and regulated by the meaningful use provision of HITECH which outline the quality of use indicators eligible physicians must achieve in order to both receive financial incentives for meaningful EHR adoption and avoid penalties for inadequate usage. Subsequently, the impact of HITECH on the modern health care landscape is absolutely quantifiable. In 2008, the year before HITECH was passed, just 4 percent of physicians reported having a fully functional electronic records system. In the years subsequent, the International Medical Informatics Association (IMIA) Yearbook of Informatics reports hospitals and participators have spent more than $30 billion on EHR systems.

About 40 percent of physicians who responded to a national IMIA survey of doctors adopting EHR systems reported their primary reason for doing so was the perception that EHR adoption would reduce physician exposer to liability. This is contradicted by the simple reality of EHR adoption creating new types of patient risks: wrong patient selection, allowing clinical decision making to be guided by EHR systems and a provider’s clinical ability being restricted by their ability to navigate EHR systems. However, the impact of EHR systems on the quality of care rendered has simply not been realized in either direction. One study, conducted by professors at Harvard Medical School, analyzed patient outcomes in 17 hospitals as they either adopted EHR systems for the first time or migrated between systems, and found there was no statistically significant difference in 30-day readmission rates in study hospitals, overall or in subgroups defined by type of EHR implementation. Despite a pre-study bias, the authors observed no overall correlation between short-term inpatient outcomes or mortality rates and EHR implementation.

Furthermore, in as early as 2007, researchers noticed the importance new regulation would play in creating “life-long” EHR systems by enabling interoperability across competing EHR platforms by mandating venders create open platform. Twelve years later, in 2019, and the researcher’s fears have been realized as Epic, a Verona Wisconsin company founded in 1979, now captures more than 50 percent of new large hospital business; and as of 2013, was responsible for storing at least partial health care records for 51 percent of the population of the United States. This emerging Epic monopoly has been encouraged, at least in part, by a lack of marketplace regulation. The lack of regulation in regards to meaningful interoperability is stunting the true potential of EHR technology, and is allowing Epic’s dominance within the EHR marketplace to control the quality and interoperability of all EHR systems.

As EHR adoption, in and of itself, has fallen short of its promise to reduce the cost and risks of health care. Epic’s savvy marketing and total package approach, which guarantee compliance with by federal incentive (and penalty) programs, all contribute to its attractiveness to providers who rely on the HITECH financial incentives to cover the out-of-pocket expenses required to adopt an EHR system. Conversely, it is in Epic’s best interest to simply avoid interoperability and make it as difficult as possible for providers to migrate information between EHR systems. Thereby securing their stronghold on the market. However, neither HITECH nor Epic have focused on interoperability. Accordingly, even two hospitals sharing the same geographic space, that both run recently implemented Epic systems are incapable of sharing records without jumping through complex consent loopholes. While many blame the HER monoculture for lack of interoperability, providers often point to what they perceive the current regulation system as the main roadblock.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was passed in order to protect patient privacy; however, practitioners now view it as a regulatory barrier for interoperability in that its strict confidentiality mandates appear at odds with the notion of interoperability. Conversely, lawmakers argue HIPPA is actually a perfect companion to EHR interoperability. However, what is undeniable is that the harsh penalties providers face for privacy breaches under HIPAA have created a culture of fear surrounding EHR and interoperability. Accordingly, the first step to effectively achieving meaningful use is ratifying HIPAA, and thereby adapting patient privacy to the EHR landscape anticipated by HITECH.

What good is interoperability if a patient’s record isn’t immediately available at any hospital at any time? If EHR systems are ever going to truly impact patient outcomes and reduce provider liability, patient records must be available at every hospital a patient is treated at, regardless of which hospital originally collected the information. Moreover, patient consent to future records access by other health care providers’ EHR systems should be given at of treatment and initial record creation, so that patients’ electronic records are not held hostage at one health care institution while they are seeking emergency treatment at a second. HIPPA and other future healthcare regulation must consider the global access of EHR records in the event of an emergency where the patient is unable to give consent due to lack of consciousness. In catastrophic emergencies, where time is of the essence, interoperability of EHRs will prove to be a tremendously valuable, life-saving tool, but the functionality of this tool is being limited by EHR monoculture and antiquated regulations.

Nicholas Sandercock is a member of the medical malpractice defense group at Gross McGinley, representing physician groups, nursing homes, home health agencies, hospitals and large health networks throughout eastern Pennsylvania.