Putting the Portability back in HIPAA

This is a 4 part blog series on the current state of affairs among large Health IT systems such as, EMRs, patient portals and Practice Management tools. These systems lack interoperability and as a result healthcare efficiencies and advancements are grinding  to a halt. Software vendors are missing the point of HIPAA. Through the course of these coming blogs I will cover the current state of affairs, how to make these systems more interoperable, why we should make them so and the benefits this will provide to all of us.

Part 1: Private Portability

T.S. Elliot, in reference to Dante, once said that hell was a place where “nothing connects to nothing.” This translates well to the present landscape of Healthcare technology. There are a plethora of systems, tools, interfaces and dashboards out there but none of them offer seamless integration to each other or more importantly to any of the widely adopted Electronic Medical Records (EMR) on the market. But can you blame them? Everyone is so afraid of breaking HIPAA rules that they cannot develop or engineer IT systems with the flexibility required to easily integrate with each other. Any small breach of information or mismanagement of access controls can lead to major fines from the Human Health Services. Secure data portability is not possible without interoperable IT systems. Yes, data and system security is paramount but the P in HIPAA stands for Portability not Privacy hence The Health Insurance Portability and Accountability Act.

HIPAA is a sweeping federal ruling that sets national standards to protect the privacy of individually identifiable health information. Additionally, HIPAA protects the secure transfer of all Personal Health Information (PHI) and what entities have access to certain data. While this rule is primarily focused on patient privacy, it was intended, and has succeeded, in setting requirements for the portability of PHI.

In order to see the true benefits of the HITECH Act the patient must be able to port their data from Doctor to Doctor, office to office, hospital to hospital etc. Regardless, of what EMR system (or any system for that matter) that they use. Interoperability describes the extent to which systems and devices can exchange data, and interpret that shared data. For two systems to be interoperable, they must be able to exchange data and subsequently present that data such that it can be understood by a user. New platforms come out almost weekly that tout new patient metrics, reporting and other engagement tools – but the data is all stored on an island in side of the clinic. EMRs need to open their integration points to let these cutting edge platforms connect with their database. This can vastly improve interoperability but the additional results are even more promising from reducing redundant workflows and wasted dollars to increasing user experience and improving patient engagement.

Part 2 in the series will go into depth on ways in which pre-existing technology platforms can be leveraged to extend these legacy systems, significantly improving data portability and interoperability. So stay tuned for the next installment of Putting the Portability back in HIPAA.

Update: All of the P in HIPAA Resources

Part 2:  Data Portability Through Superior Technology

Part 3: Why Should We Make These Systems More Interoperable?

Part 4: Conclusion


Tags: , ,

Dig Into The Code

Join the Drupal community and get our open source project at


Work With Us

The Achieve Internet team can do the migrations, integrations, and site customizations you need.

Contact Achieve Health