Ensuring Patient Access to Healthcare Records Act: What It says and What It May Do
By Anne Kimbol, Texas Health Services Authority, Director of Compliance Services
On December 11, 2017, Congresswoman Cathy McMorris Rodgers (R-Washington) introduced H.R 4613 into the 115th Congress, 1st Session. The bill states its short title as the “Ensuring Patient Access to Healthcare Records Act of 2017” and states it is about “allow[ing] the use of claims, eligibility, and payment data to produce reports, analyses, and presentations to benefit Medicare, and other similar health insurance programs, entities, researchers, and health care providers, to help develop cost saving approaches, standards, and reference materials and to support medical care and improved payment models.”
In terms of individual access to information, the bill would require clearinghouses to respond to patient requests for their own data in the same manner hospitals and payers must now. They would also be allowed to charge reasonable fees and could pass along any fees from other clearinghouses if the patient authorized the original clearinghouse to buy more of the patient’s data from other clearinghouses. The idea appears to be that clearinghouses will be better at providing data from multiple providers and in a longitudinal manner than is currently being done. While the first is certainly true, we will have to see about the latter.
There is some concern about the usefulness of clearinghouse data, which is generally limited to claims data, versus provider data, which is generally clinical data, but often some information is better than none. The other main criticism is that even people within the health policy field do not know what clearinghouses exist, so “regular” patients would not know how to get this information, even if they knew the possibility existed.
The main thrust of the bill language focuses on changing how a healthcare clearinghouse can act under the Health Insurance Portability and Accountability Act (HIPAA). Currently clearinghouses, which focus largely on taking the data from providers that is in a non-standard format and moving it into a standard format or vice versa, are covered entities under HIPAA for certain purposes only and are business associates for most other purposes. Under the bill, clearinghouses would have the same abilities to share information without patient consent for most purposes and to de-identify data as other covered entities do now. Clearinghouses would also have expanded abilities with respect to aggregating data and aiding in clinical trial recruitment, both potential money-making activities.
Additionally, all covered entities under H.R. 4613 would be allowed to use and disclose information for healthcare operations purposes, whether or not a relationship exists between the covered entity and the patient whose information is being used or disclosed.
The bill would require clearinghouses seeking to use some of this expanded authority to receive accreditation from the Electronic Healthcare Network Accreditation Commission or a similar body relating to data accuracy and technical infrastructure to support sufficient security protocols.
It is unclear as of yet what the bill’s likelihood of passage is, but it could be a game-changer in expanding the use and disclosure of data without patient consent.