Hacker News new | ask | show | jobs
by markolschesky 4855 days ago
None of the above, IMHO.

In San Francisco, Kaiser could electronically share patient data with every other system running Epic with very little technical work and price. We're talking hours of work here. That would let them share data with UCSF, PCMH and every other Epic site.

They don't. Why not? It's because sharing patient data makes it easy to poach patients, and that's bad for business. There are similar situations in other cities too.

I don't blame them because the government hasn't made data exchange required yet. It's coming, with some of the requirements for Meaningful Use Stage 2 & 3 and the work done by the S&I framework. APIs will help too, because HL7 is confusing to newcomers and costs money. Vendors could make this easier too, but it's not like Epic or Cerner could compel anyone to share patient data.

I have a more in depth answer about this topic here: http://www.quora.com/Electronic-Health-and-Medical-Records/W...
1 comments
Mz 4855 days ago
I would think HIPPA is one of the issues here. Federal law says it is a big no no to freely share health info without a raft of signed paperwork, basically.
link
markolschesky 4855 days ago
Typically customers handle this through some type of waiver system. Generally at the initial visit in an organization a patient signs a ton of releases that state that the parent organization allowed to share patient information as needed through the course of treatment. Most people want to share their information, but there are systems in place to restrict access as needed by law/best practices. Patients can opt out of data, and some data sharing systems support this through various technical choke points. If you were a nurse at one organization, you may not want people snooping through your medical records at another medical organization. The Direct Protocol supports this through pseudo-anonymity of accounts.
link
Mz 4855 days ago
I worked at an insurance company for five years. Part of my job was to get authorizations so I could request medical records. I had annual hippa training. I was not allowed to read any medical records or request any medical records that were not directly involved in doing my job. One standard of hippa is "minimum necessary." That means I am only entitled to as much information as is absolutely necessary to do the job and not more. So I suspect that some system to share records has serious challenges.
link