The $800 billion 2009 American Recovery and Reinvestment Act (ARRA) set aside $36 billion toward health information technology (health IT) initiatives, including over $500 million for the State HIE Cooperative Program. This federal program provides funds to each state for the successful planning and development of infrastructure that supports the exchange of electronic health data between physician electronic health records (EHRs), hospital EHRs, lab systems, radiology centers and other clinical IT systems. For example, in Texas we are using these funds to support the development of local health information exchange entities, called HIEs, across the state and to concurrently develop the policies, standards and infrastructure needed to safely/securely connect these HIEs to each other. The statewide HIE network will also be built to be compatible with national standards and efforts.
Each state's effort to develop a network of community HIEs and/or a statewide HIE will be more successful with physicians involved upfront with governance and policy development. When working with local HIEs most physicians will generally understand and appreciate the importance of protecting the privacy and security of electronic patient health information. Their inherent knowledge on this issue will help guide policies in the right direction. A more complex issue for physicians to understand is the relationship between HIEs and patient care. A heightened awareness of this issue will allow physicians to properly inform HIE policymakers about the need to establish an environment where local HIEs, HIE networks and physicians share accountability for safe patient care.
To deepen physician's understanding of this issue I encourage them and others to think about an HIE as a tool physicians use as a part of patient care, similar to a surgical tool. If a patient is harmed by a surgical tool that broke because the physician used it incorrectly, the physician is negligent. If the physician used the tool correctly but it still broke, but it has only broken 8 times in over 10,000 surgeries and the patient consent explains this remote risk of breakage, then no one is negligent. However, if it broke and the issue had been reported to the vendor by many physicians on a repetitive basis, but the vendor failed to investigate the issue and fix the problem, or failed to inform physicians and patients of the increased risk in the meantime, then the vendor is negligent.
This perpsective will help physicians advocate for policies that lead to an environment where HIEs and physicians share accountability for safe patient care. Effective policies will lead to contracts and agreements which acknowledge that:
- HIEs and HIE infrastructure are tools used by physicians during the course of patient care
- HIEs are responsible for informing patients and doctors about the inherent risks of the electronic health information exchange including changes in risks when issues are identified
- HIEs have a responsibility to continually monitor for and mitigate risks associated with their services that may impact quality of care provided by physicians