The shift from fee-for-service to payment for outcomes based on the quality of patient care delivered means hospitals and doctors need to rethink how they use electronic health records.

In most U.S. hospitals, electronic health record systems are already in wide use. That accounts much for Medicare and Medicaid electronic health record (EHR) incentive programs launched in 2009 and aimed at encouraging eligible professionals and hospitals to adopt, implement, and demonstrate meaningful use of certified EHR technology.

As of 2016, over 95% of hospitals qualified for these programs achieved meaningful use of certified health information technology and were exempt from penalties. However, data exchange and security still need work.

Incentive programs to phase out, what’s next?

The Centers for Medicare and Medicaid Services’ EHR incentive programs will wind down this year to become part of the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA), which changes the payment system for doctors who treat Medicare patients from fee-for-service to payments based on quality of care outcomes.

What changes are eligible hospitals and physicians to expect under this new quality payment program allowing for two different payment models?

“The focus will move away from rewarding providers for the use of technology and toward the outcome they achieve with their patients,” CMS says. In other words, MACRA will encourage providers to deliver value-based outcomes and promote a system based on quality of care, as opposed to quantity.


And a greater focus on customization, interoperability, and patient data safety will be a passport to success.

Customization: The art of the possible

There are three keys to successful EHR optimization, putting the spotlight on personalization, or software customization.

Indeed, certified EHR software with even minor custom features might contribute more to achieving meaningful use. However, it’s vital to conduct a cost-benefit analysis to make sure this endeavor isn’t more trouble than it’s worth.

For example, the University of Vermont Medical Center has successfully customized their EHR system to fight alert fatigue. Namely, they used clinical decision support (CDS) technology to tailor the type and the number of interaction alerts to a more manageable level.

Their three-pronged approach included fine-tuning the process of activating alerts, introducing more parameters and filters into data, and enabling clinicians to locally customize their needs.


EHR interoperability is still tricky

Much has been said about interoperability in healthcare. But the outcomes are not so positive due to variations in standards and lack of a national patient identifier. Other impediments include harsh competition among EHR vendors and promotion of proprietary software.

In a try to address the interoperability issue, the Office of the National Coordinator for Health Information Technology (ONC) and the Centers for Medicare and Medicaid Services mandated that EHRs should be capable of open application programming interfaces (APIs).

The allure of an open API is that it enables EHRs to communicate with each other. Patients, in turn, can retrieve medical records from any hospital, lab, insurance company, or physician office via a tethered personal health record or a secure website (patient portal). A tethered, or connected, PHR is linked to a specific health care organizations electronic health record (EHR) system or to a health plans information system.

The ONC also touts the Fast Health Interoperability Resources (FHIR) standard as a key driver of establishing a foundation for an interoperable health information technology infrastructure.

FHIR’s focus on pragmatic and modern data standards (C-CDA, HL7 v3, and HL7 v2) makes it well suited for an array of applications such as mobile apps, EHRs, and analytical systems.


Two notable organizations promoting open APIs, the SMART project and CommonWell Health Alliance, have already committed to implementing FHIR. Apple is another company that creates electronic records based on FHIR, allowing iPhone users to access the available medical data from multiple providers.

Playing it safe: Security and privacy issues

It’s not enough to adopt and customize an EHR system. To deliver value-based care, hospitals must ensure that a patient’s data is highly protected. It becomes an even more urgent matter within an interoperable health IT infrastructure that health organizations and software developers are striving to create.

To prevent protected health information (PHI) from being stolen, make sure your EHR system is HIPAA-compliant. The HIPAA Security Rule demands that healthcare providers set up administrative, physical, and technical safeguards to protect data. EHR software should also include a number of safety measures:

  • Access controls to help limit access to personal health information (PHI) (it may be passwords or PINs);
  • Encryption so that the data stored in the system can be read and understood only by properly authorized specialists (those who are able to decrypt it using a special key);
  • Audit trails to record the system access history, i.e. what changes were made, when, and by whom.

Physicians may work with mobile devices, tablets, or laptops to access and process health information, making it even more vulnerable to leaks. In this regard the U.S. Department of Health and Human Services suggests that caregivers use these recommendations to secure patient data.

Moreover, hospitals should promote “data hygiene” — shielding PHI and educating personnel on how to do that. For instance, St. Luke’s University Health Network has recently found success with its employee-training program by conducting quarterly scenario-based presentations on phishing, malware, and URL defense.


EHR: Going mainstream

The facts and figures provided above show that much has been done to increase the EHR adoption rate among U.S. hospitals. However, delivering value-based care presupposes something more than just implementing EHR software. It’s also a must to create non-complex medical workflows, enable smooth data exchange with third-party systems, and enhance security.

Yet, that is not easy from the technical point of view. To succeed, you may need the help of experts who have a proven success record in developing custom software for the healthcare industry.

In addition, remember the educational aspect and take proper care of training staff on using EHRs.

Yana Yelina is a technology writer at Oxagile, a New York developer of custom medical applications and services.

Keep up with latest coverage on digital healthcare by signing up for Internet Health Management News today.