Happy 20th, HIPAA. You’ve Been A Bust.

Home/Insights & Impact/Happy 20th, HIPAA. You’ve Been A Bust.

Happy 20th, HIPAA. You’ve Been A Bust.

Here is how a law introduced to benefit all of society in very meaningful ways gets sidetracked and stays sidetracked.

Some quick background. HIPAA was enacted 20 years ago by Congress as an attempt at healthcare reform. Most people don’t know this, but when it was passed in 1996, there were really just two main objectives:

  1. Ensure people could maintain their health insurance between jobs.
  2. Ensure security & confidentiality of patient data by mandating uniform standards for electronically transmitting administrative and financial data between healthcare providers, health plans, clearinghouses, banks, etc.

For the most part, #1 has been successful. Hooray. And for the most part, #2 has been a dismal failure. Boo.

By the time HIPAA was enacted, the Department of Health & Human Services estimated that 400 different forms or data formats were in use to process healthcare claims. This lack of standardization made it difficult for software vendors to build solutions that could dramatically decrease the administrative cost of providing healthcare. In essence, HIPAA was originally designed to standardize the (secure) flow of health information between all the players in the system.

So in theory, HIPAA made a lot of sense. By law-enabling interoperability, HIPAA would eliminate the proprietary systems that were making it impossible for healthcare to be administered efficiently. Think of all the everyday transactions that could be more easily and inexpensively exchanged this way – claims, enrollment/dis-enrollment, eligibility verification, invoicing, payments, authorizations, referrals, coordination of benefits, claim status queries, and more. Just a huge, huge amount of paper being replaced by electronic transactions. Billions of dollars in cost reductions. Less human error. Improved health outcomes. What’s not to be in favor of and promote?

Now fast forward 20 years to 2015. Here is a good summary of the “progress” made after two decades:

“From the federal government on down, there is no denying that the main goal of health IT companies in the next several years is to develop more interoperable EHR systems that can “talk” to one another. In the middle of this strive for greater interoperability is an ongoing feud between CommonWell Health Alliance, an industry trade group made up of many of the largest EHR systems vendors, and the Verona, WI-based Epic Systems, the giant health IT vendor which has decided not to join the alliance.”

There’s that word again — interoperable. The elusive interoperability. 20 years later and we still haven’t standardized how health information flows to make it easy for different systems to talk to each other. This despite the fact that the federal government has now paid out over $19 billion as incentive for healthcare providers to implement electronic health record systems.

Must be pretty complex technology, yes? In a word, no. The technology has been around for decades. This issue has very little to do with technology challenges and everything to do with the largest incumbents in health IT consolidating the industry and keeping barriers to entry high. In the process, innovation has been stifled. The innovators have been systemically excluded and many viable start-ups driven out financially. One could easily argue it is the classic vendor lock-in business model at work, ensuring the status quo is protected.

One thing is clear: There’s no reverting back to paper. The benefits of healthcare data being stored and transmitted electronically are so great that moving in any other direction would be nonsensical. This data needs to be portable between all the players in the system. And it needs to be accomplished in a way that separates the profit motive from the societal benefits that technology can bring. The current mix of corporate giants, lobbyists and a slow-acting federal government isn’t allowing this to happen.

For there to be more progress, the power struggle between the two industry heavyweights (CommonWell Alliance, Epic Systems) has to be settled, and the health IT community has to make it easier for smaller innovators to participate and profitably exist.

Think Google and the way they’ve gone about things. Industry standards are developed in a fairly open process. System interfaces are free for anyone to use. Open source software is encouraged, not penalized. If this all became reality in healthcare, the main thing holding back progress would be the healthcare providers themselves, who unfortunately are being encouraged by government and insurance carrier reimbursement models to fiercely compete against each other (and in the process, discouraged from interoperating and sharing information).

This mess is a long way from being solved. What started 20 years ago as a noble legislative mandate was long ago hijacked by people and organizations with a lot to protect and strongly motivated to control the direction of the health IT industry. Whether Washington is able to deflect lobbying efforts enough to wrest some control back remains to be seen. For the sake of the general public that was supposed to benefit more than it has from HIPAA, we can only hope.

About the Author:

Joe McGrattan oversees strategy and business development for Triple Helix. For nearly three decades, he has been helping companies leverage technology and their data to conduct business more effectively in a digital economy. This includes building strategic-level alliances with non-tech professional services firms whose clients are demanding more information management and technology-related guidance from them. Joe’s blog contributions focus on business-oriented advice to companies on how to take advantage of their data to run smarter, faster, leaner and more securely. He can be reached at joe.mcgrattan@3xcorp.com or found on LinkedIn.