Talk to a Security Expert Now: (800) 721-9177

The Federal Health IT Strategic Plan and the Final Four

I just finished reading the ONC’s (Office of the National Coordinator for Health Information Technology) draft document The Federal Health IT Strategic Plan (“the Plan”) while watching the Butler-Florida game in the quarterfinals the 2011 NCAA Championships.

One of the ONC’s key responsibilities is to provide strategic leadership to the public and private sector. Mandated under the HITECH Act of 2009, the ONC is must publish and update its strategic plan for improving healthcare through the use of information technology. Making this plan public and in fact, inviting public comment, is helpful to the cause. It gives the ONC a vehicle to communicate priorities, guide efforts and influence allocation of resources. What’s not quite clear is how frequently the ONC is required to update the plan. The last plan was dated June 3, 2008 and covered the 5 year period 2008-2012. This latest plan is intended to cover 2011-2015. Is that sufficient? Let’s turn to basketball for a moment. .

While watching Butler beat Florida, I noticed how frequently the TV commentators used the word “adjustment” to describe mid-game coaching decisions. At this level of competition, both teams clearly started the game with a strategy for winning. So did these adjustments or tactical maneuvers reflect changes in their strategy? No. Theoretically, the development of a comprehensive strategy should include contingency planning (e.g. If X happens, do Y; if A occurs early, respond with B). Butler’s strategic plan to win the game included limiting Florida’s ability to score from the 3-point range. Yet, even having achieved that, they were losing by 11 points with 9 minutes left in the game. Contingency time. Since star player Matt Howard was in no danger of fouling out of the game, Butler could risk having him play very aggressively during the games final minutes. The strategy with contingency plan was successful. Game won.

How is this relevant to The Federal Health IT Strategic Plan? Last published in 2008, I’ll give the updated plan points for “adjusting” to the rapidly changing landscape of health IT. The past few years were marked by truly major legislation – the HITECH Act and the Patient Affordable Care Act have galvanized  organizations throughout the industry; each mapping out their own specific organizational goals and initiatives.  We are now on the verge of dramatic changes. With that, the ONC’s new 5-year plan builds on the foundation of meaningful use (both as a rallying cry and as a measure of electronic health record (EHR) adoption and information exchange), with the ultimate goal of improving health care outcomes.

The Strategic Plan sets 5 overriding goals for “unlocking the vast promise of electronic health information to improve decision making, help individuals better manage their health, and improve the health system’s capacity for rapid learning.” These goals are listed below:

  • Goal I, the health information exchange strategy focuses on first fostering business models that create health information exchange, supporting exchange where it is not taking place, and ensuring that information exchange takes place across different business models.
  • Goal II, we discuss how integral health IT is to the National Health Care Quality Strategy and Plan that is required by the Affordable Care Act.
  • Goal III, we highlight efforts to step up protections to improve privacy and security of health information, and discuss a major investment in an education and outreach strategy to increase the provider community and the public’s understanding of electronic health information, how their information can be used, and their privacy and security rights under the HIPAA Privacy and Security rules.
  • Goal IV, we recognize the importance of empowering individuals with access to their electronic health information through useful tools that can be a powerful driver in moving toward more patient-centered care.
  • Goal V, we have developed a path forward for building a “learning health system,” that can aggregate, analyze, and leverage health information to improve knowledge about health care across populations.

Admirable. But is it a winning strategy? Since the ONC has asked for public comment, I’m going to give it. In the 80-page document, only 6 pages are dedicated to privacy and security (pp 29-35), nowhere near sufficient. Also, efforts to improve privacy and security are listed as Goal #3 on a list of 5. This gives this very important topic the imprimatur of being either third in priority or third in time sequence. Even if an unintended impression, it is at best misleading as privacy and security are necessary conditions for achievement of all of the other 4 goals. Also to be fully comprehensive, the ONC’s Strategic Plan must address contingencies – what if breaches continue to increase despite more stringent breach notification rules and more costly penalties? How can the industry combat the undermining of public trust by publicizing its failures?

I’d suggest elevating privacy and security to a higher plane. Rather than a goal, make it as foundational an element as meaningful use. I’m be submitting my more formal comments by the April 22 deadline via the HSS ONC Health IT Buzz Blog – accessible at http://www.healthit.gov/buzz-blog/from-the-onc-desk/hit-strat-plan/#comment Meanwhile I’d love to hear your thoughts on how we can make privacy and security the bedrock of the strategic plan. Perhaps we can borrow from the “Butler Way,” and agree that the mission to transform healthcare IT “demands commitment, denies selfishness, accepts reality yet seeks improvement every day, while putting the team above self.” This is a game we can’t afford to lose. Go Bulldogs!

Leave a Reply

Your email address will not be published. Required fields are marked *