News Stay informed about the latest enterprise technology news and product updates.

Mostashari reveals more about meaningful use stage 2 at HIMSS 2012

In an in-depth session with reporters, U.S. health IT coordinator Farzad Mostashari, M.D. reveals more on meaningful use stage 2, including HIE, interoperability and encryption.

LAS VEGAS -- At the Health information and Management System Society's HIMSS 2012 conference, Office of the National Coordinator for Health IT (ONC) leader Farzad Mostashari, M.D. sat down with reporters for a detailed questions-and-answers session following his Thursday keynote. Here are some of the highlights he shared regarding the meaningful use stage 2 proposed rules.

More from HIMSS 2012 on the meaningful use stage 2 proposed rule

Meaningful use stage 2's bumpy landing: Sessions cancelled, questions unanswered

ONC offers sneak peek at meaningful use stage 2 proposed rule

Can you please talk a little more about how there is more flexibility built in for physicians in the quality metrics?

The President's executive order said -- and we take very seriously, and I think it's very much in line with what the President had asked for -- is to really take a look, across the board, at all of our regulations to see what we could do to increase flexibility and decrease regulatory burden. Let me give you some examples in meaningful use. [Mostashari listed examples such as batch reporting for group practices and exceptions for specialists as well as more "broad based measures appropriate for all physicians," such as patient satisfaction, medication safety and referral tracking metrics.]

The Health IT Policy Committee had recommended eliminating the "core and menu" approach to meaningful use, and making everything core. We actually felt it was important to provide, still, some of that flexibility so we are continuing with core measures and optionality within the menu items.

Can you explain how health information exchange (HIE) relates to meaningful use?

First of all, I refuse to speak of HIE as a noun. HIE is a verb. It is the actual exchange of information, and that's what we care about.

We don't have religion about how you exchange information. You can exchange information however you choose. You can use a vendor product to exchange information; we've included capabilities in certification to exchange information. You can exchange information using nationwide networks, using accountable care-enabling organizations. [You can use] private networks, as long as they maintain the standards for the conditions for interoperability and conditions for trust.

As part of that, we’re going to be looking at a governance rule to help lay out what are the conditions for trust and interoperability for organizations who would like to call themselves part of the Nationwide Health Information Network.

Does meaningful use stage 2 mandate encryption?

The HIPAA Security Rule says that you should do encryption unless you have a good reason not to do it. That's what's called "addressable." That's the law.

On the meaningful use side, a huge, huge, huge portion of all breaches do not occur because someone hacked into a system. They occur because someone left their laptop on the train -- and they didn't encrypt it. So what we're doing as part of meaningful use is saying, "Follow the law, take the security rule seriously, and take a real close look at whether you really don't want to encrypt." We're saying we really want you to take a really serious look at encryption as part of your adherence to the security rule.

It is our hope and our expectation that the vast majority of providers, if current trends continue -- and definitely nearly every hospital -- is going to be a meaningful user.

Farzad Mostashari, M.D., national coordinator for health IT

On the certification side, we have proposed that vendors, invisible to the provider, by default enable encryption of data on end-user devices -- if any data is kept on the end-user device after the session ends.

What should primary care practitioners be doing under meaningful use stage 2 in regards to interoperability?

For transitions of care -- sending someone for a referral or…send[ing] someone to the hospital --10% of those transitions of care should be accompanied by an electronic Continuity of Care Document with care plan and list of team members [transmitted] electronically, using the standards  Direct Project protocols or Simple Object Access Protocol, or SOAP, in the EHR] that we propose. You can't put a USB drive in the mail. That doesn't count. It's got to be electronic, over the Internet, using the standards we propose in the certification rule or [using] a Nationwide Health Information Network deemed organization.

The patient, separately, has a right to get that exact same document sent using the exact same protocols, to them in their personally controlled health record. So we have the right for view, download and transmit…and they can choose to share it with whomever they choose to share it. A separate measure. We're not requiring that the patient has to be the one to have to bear the burden of care coordination in all cases. We think that the patient should be enabled to do that, but [the physician bears the responsibility] of the B2B aspect of it.

Only 10%?

You know, one of the things we learned with thresholds [was that] there was so much wailing and gnashing of teeth around thresholds in the stage 1 discussion. What we found was [that] it doesn't make a difference. Once you start, it's basically "You do it a little, you do it most of the time," and once you start doing it, you start doing it [most of the time]. So I'd rather not get wrapped around the axle on what the threshold is.

The point is, we want people to start doing it routinely, where they can. We also have the requirement around the exchange that it be done outside of organizational and vendor boundaries. So that's why the 10% is actually quite significant, because in some parts of the country you have a lot of care that needs to be coordinated within the organization or within other organizations that use the same EHR. So the requirement is, I think, substantial that they actually exchange information across organizational and vendor boundaries.

Talking to some people out there on the HIMSS floor, they are convinced -- given CMS's past history and its delay in ICD-10 -- that the federal government won't actually go through with penalties for not complying with meaningful use. What's your response to that?

People have an opportunity, now, to establish the information foundation that can help them deliver care that is more coordinated, that is safer, that's more effective. And, for a couple years, there's going to be both financial assistance from Medicare and Medicaid -- well, Medicaid throughout 2021 -- to help defray some of the costs and disruptions that encompasses. And help from regional extension centers for primary care providers to do that.

That's why they should do meaningful use.

It is our hope and our expectation that the vast majority of providers, if current trends continue -- and definitely nearly every hospital -- is going to be a meaningful user. Not because they're going to be paid [only] 99 cents on the dollar in 2015, but because it's the right thing to do for their practices and for their patients.

Let us know what you think about the story; email Don Fluckinger, Features Writer or contact @DonFluckinger on Twitter.

Dig Deeper on HITECH Act and meaningful use requirements

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.