In Meaningful Use Stage 3, an API could replace the patient portal for some providers

By Jonah Comstock
Share

JONAH_COMSTOCK_HEADSHOTLast week, the Centers for Medicaid and Medicare Services (CMS) announced the long-awaited proposed guidelines for Stage 3 of Meaningful Use requirements for electronic health records. On the same day, the Office of the National Coordinator for Health IT (ONC) released the proposed 2015 certification criteria for EHRs. The standards proposed will be optional through 2017 and mandatory for all hospitals in 2018. They have been opened up for public comment.

The new guidelines contain a few changes to the patient engagement provisions, including a provision that would allow APIs to be used in place of patient portals to give patients access to their data and requirements for secure messaging and patient generated data.

Current Stage 2 Meaningful Use guidelines require not only that patients have the capability to "view, download, and transmit" their data from the EHR via a patient portal, but that 5 percent of patients actually make use of this functionality. The proposed guidelines would increase that requirement to 25 percent, but it would also give hospitals the option of providing that access via an API rather than a portal.

"From the provider perspective, using this option would mean the provider would not be required to separately purchase or implement a 'patient portal,' nor would they need to implement or purchase a separate mechanism to provide the secure download and transmit functions for their patients because the API would provide the patient the ability to download or transmit their health information to a third party," the proposed guidelines state. "If the provider elects to implement an API, the provider would only need to fully enable the API functionality, provide patients with detailed instructions on how to authenticate, and provide supplemental information on available applications which leverage the API."

CMS will create eligibility standards for APIs which will apply to those created by the EHR vendor, like Allscripts and Epic have already released, or by a third party. The guidelines also lay out some of the potential benefits to an API approach.

"From the patient perspective, an API enabled by a provider will empower the patient to receive information from their provider in the manner that is most valuable to that particular patient," the guidelines state. "Patients would be able to collect their health information from multiple providers and potentially incorporate all of their health information into a single portal, application, program, or other software. We also believe that provider-enabled APIs allow patients to control the manner in which they receive their health information while still ensuring the interoperability of data across platforms."

Dr. Ricky Bloomfield, the director of mobile technology strategy at Duke University pointed out two other features of the new documents on his blog: Meaningful Use Stage 3 will require 35 percent of all patients to receive a secure message in the course of care, and it will require providers to incorporate patient-generated data from a non-clinical setting into the EHR from 15 percent of patients.

"This is exciting," Bloomfield writes. "While patient-generated data can come in many forms, including manual entry by patients, this measure will only be achievable if we employ technologies that reduce or remove such barriers. Apple's HealthKit is by far the easiest-to-deploy tool to facilitate this data handoff currently, and it's available right now. We're hopeful an Android-equivalent will be available soon for patients with those devices."

CMS and ONC will be accepting public comments on the two documents through May 29th.