The Oct. 20 meeting of ONC's Health IT Policy Committee Information Exchange Workgroup was able to shine a light on some barriers to the electronic exchange of laboratory data, and emphasize the issue's significance. For one, the current practice of writing and testing interfaces between labs and EHRs is time-consuming and expensive. CLIA (Clinical Laboratory Improvement Amendments) regulations require the labs to verify that each individual EHR implementation is configured correctly to exchange data. One speaker noted that for clinics adopting EHRs in her health system, implementing, testing and validating a lab interface takes from 10 to 14 weeks. Some speakers recommended that the EHR certification process require that systems use national lab standards and display lab results in a CLIA-compliant way. Others called for decreasing constraints on the labs and putting that onus on the EHR vendors.
The meeting also provided a venue for a consumer-focused organization to raise the issue of patient access to lab data. These activists see patient access to lab data as crucial to consumers being better able to manage their own health information in personal health records. The group HealthDataRights.org is calling attention to federal regulations under the HIPAA Privacy Rule that treat test results differently from other protected health information.
HealthDataRights.org also notes that CMS regulations state that results can only be delivered to "authorized persons," which does not include the patient. The group proposes that the federal government treat the lab test data under HIPAA like all other data, and that the term "authorized person" should explicitly include the patient.
While the group notes that some state laws may restrict access to test results, removing federal barriers could have benefits. It claims that approximately 7 percent of lab results are never reported to the patient and that approximately 14 percent of labs and other tests are repeated because earlier results aren't available.
Some clinicians may balk at the idea of patients getting lab results directly. They have legitimate worries about patients freaking out after receiving abnormal test results directly from a lab without interpretation by a physician. But HealthDataRights.org notes that under the HIPAA Privacy Rule, covered entities/providers generally have up to 30 days to respond to an individual's request for their information.
With so many other certification and standardization issues to grapple with, this may end up being a low priority for the feds. But with the definition of meaningful use likely to include gradually increasing patient access to their own health records, this may be a proposal that regulators take seriously.
