Report on Patient Privacy Volume 23, Number 2. ONC’s Tripathi: HIPAA Doesn’t Impede Sharing, Requirements Under Info Blocking Regulation: February 2023 | Health Care Compliance Association (HCCA)

[author: Theresa Defino]

Report on Patient Privacy 23, no. 2 (February 2023)

When Micky Tripathi’s mom was recently transferred to a rehab facility to recover from a broken hip, the hospital, “right in front of me…printed off her record, handed it to us, and the ambulance driver, for her to bring to the rehab hospital.”

After the one-mile trip to the rehab—which Tripathi said is part of a larger health organization with a “very good and well-performing EHR” (electronic health record)—staff took the file and “scanned it into their EHR.” Tripathi knew that a network linking the hospital and rehab was “running in the background” of the EHR. Not only is he up on local and regional network development, Tripathi also happens to be director of the HHS Office of the National Coordinator of Health Information Technology (ONC) and is deeply involved in launching a national network called the Trusted Exchange Framework and Common Agreement (TEFCA).[1]

At both the hospital and rehab, “I was looking at them and saying, ‘What? You guys are connected. You realize, I know you are connected. This is my job. Why aren’t you using that capability?’” The frontline staff seemed just as incredulous, with one replying, “I have no idea what you’re talking about…there’s an electronic system so we don’t have to print this off and scan it? I would love that kind of system!” Tripathi recalled during a recent podcast with the American Hospital Association (AHA).[2]

His experience demonstrated “there’s a huge gap between what’s implemented by the system itself” and what the chief information officers know about “and what the frontline users know about and have access to and make a part of their day-to-day routine,” Tripathi told Nancy Foster, AHA vice president for quality and patient safety policy.

TEFCA is being developed as Congress directed under the 21st Century Cures Act as a technical and governance model “to connect the existing networks with each other,” Tripathi said, “so that a hospital user, a doctor, regardless of what network their EHR system” to connect “to every other network in the country in the same way that your cell phone connects to every other cell phone network.” ONC anticipates TEFCA, or at least certain early participants, will be “going live” later this year, he said.

In addition to network connectivity, Tripathi discussed how the information blocking regulations his office wrote interact with HIPAA, addressing some of the misconceptions that continue to thwart data sharing. He touched on enforcement, noting that the HHS Office of Inspector General (OIG) still has not issued the relevant rule, and shared how the pandemic accelerated IT adoption and fueled patient engagement.[3]

[View source.]