Patient engagement and access to data are hot ticket items across the healthcare IT spectrum, and in no place does this ring truer than with health information exchange. Looking forward to Meaningful Use Stages 2 and 3, it is important to involve the patient in the delivery of care. HIE supports information sharing among all critical stakeholders along the continuum of care, to support clinical decision-making for appropriate treatment and better health outcomes. As such, many believe that patient access to data is a critical component to the effective use of health information in HIE. Vendors and states alike are working to incorporate the patient into the HIE community.

While patient engagement through access to health data has clear-cut clinical benefit, a number of unique privacy and security concerns also arise as patients begin retrieving and entering data through the exchange. The “Protecting Patient Privacy” module of this toolkit details the steps that an HIE can take to ensure that sensitive health data remains private and secure as patients gain more access to the system.

The following sections introduce emerging approaches that are gaining popularity among HIE efforts for patient access to their health information and in hopes of driving increased involvement and engagement in patients’ own care.

Patient Portals

Perhaps the most advanced tool for patient involvement in HIE is the patient portal. A number of vendors are beginning to offer web-based patient portals as value-added components of their solutions. These patient portals usually start with the ability of patients to see a snapshot of their health information, and obtain all important health information that may have been otherwise difficult to find. Patients can also add comments to their existing records, so that a physician can take into account patient feedback when they follow-up and access that patient’s information. If a patient suffers adverse side effects to a medication or would like to pass information back to the doctor on feedback from a specialist, some portals will enable the patient to input such comments. While patients are unable to change, add, or delete health information from a record, this commenting capability can be powerful in assuring that any discrepancies a patient catches in the record will be addressed at the source of the information (i.e., doctor’s office, hospital, diagnostic center, etc.). The patient portal may also hold administrative capabilities, and serve as a platform for reminders, online scheduling, and even secure messaging between patient and provider. Allowing patients to update their contact and insurance information through the portal can streamline administrative workflows. Perhaps most importantly, portals give patients the keys to control their own health. Empowering patients through access to their own data and arming them with the tools to make health decisions aligns perfectly with HIE’s overarching goal of delivering better health outcomes.

Personal Health Records

Health information exchange platforms may also interface with a patient’s personal health record to create a gateway for exchange. Numerous PHR platforms exist today, through payers, provider organizations, and technology vendors. Patients are given the power to control and maintain their own health information, pulling information from the HIE and inputting any additional data they see fit to add to the record. HIEs have been slow to adopt PHRs as a top implementation priority over connecting providers. But, as HIEs become more mature, that is changing. With careful planning, HIEs have a distinct opportunity to provide PHRs. Unlike PHRs connected to a health plan or provider organization, a PHR provided by the HIE is not “tethered” to a specific entity. That means that when a patient changes health plans or providers, the patient does not risk losing access to the PHR and the data in it. Also the HIE has the potential of populating the PHR from many data sources. If a vendor PHR is connected to the HIE, then additional data is also potentially available to populate the vendor PHR.

In some cases, consent may be managed through the PHR, with patients deciding exactly who may or may not view information, and also enabling or disabling features such as “Break the Glass” access. Authentication services are also a critical piece in integrating PHR with HIE as a means of ensuring the validity of information entered into the record. These PHRs can act as a node on the HIE, with information available to any provider with consent, but cannot be directly integrated into the provider’s official records or altered in any way, as patients can decide to include or exclude whatever information they want. These capabilities require extensive integration and architecture design considerations. When evaluating whether or not to provide a PHR, HIEs should consider the following:

• how they will authenticate the patient;
• how to handle caregiver’s access/management of the patient’s data (i.e. family member/guardian);
• how to ensure security of the information once it leaves the HIEs domain (and the risk to the HIE for this); and
• how to engage patients in the PHR.

Blue Button Initiative

The Department of Veterans Affairs “Blue Button” Initiative, developed in collaboration with the Centers for Medicare and Medicaid Services (CMS), the Department of Defense, and Markle Foundation, enables veterans to download a cross-sectional view and summary of their health data through their My HealtheVet account. The information is downloaded as an ASCII text file which is an easy and simple electronic text format readable by most internet browsers and word processing applications, that can be printed or saved to computers or portable storage devices. More information on the Blue Button Initiative is available at http://www.va.gov/bluebutton/.