Skip to main content
PMC home page
Journal of General Internal Medicine logoLink to Journal of General Internal Medicine
. 2013 May 21;28(12):1663–1666. doi: 10.1007/s11606-012-2313-0

Potential Unintended Consequences of Health Information Exchange

Gilad J Kuperman 1,2,, Julie J McGowan 3
PMCID: PMC3832705  PMID: 23690236

ABSTRACT

Accountable models of care delivery demand that health care provider organizations be able to exchange clinical data about the patient. The “Meaningful Use” program is helping to advance health information exchange by requiring physicians and hospitals to exchange clinical data about patients in order to qualify for incentive payments for electronic health records. Early studies demonstrate that the ability to exchange clinical data among provider organizations has the potential to improve clinical care. However, as with any technology, there is a risk of unintended consequences from health information exchange. This manuscript outlines seven aspects of health information exchange that, if not managed properly, may lead to unintended consequences. These categories are: (1) the desire for complete, accurate and timely data for decision making, (2) data management and presentation, (3) assuring routine use of health information exchange, (4) consideration of patient perceptions and concerns, (5) reputational and financial concerns, (6) technical issues and (7) administrative aspects of health information exchange. Education about the capabilities and limitations of health information exchange, along with checklists to support proper implementation and assure that systems are being used as planned, can mitigate risks and help to realize the promise of this powerful technology.

KEY WORDS: medical informatics, continuity of care, technology assessment

INTRODUCTION

In response to impending changes in health care payment models, provider organizations are developing innovative models of delivery to improve the effectiveness and efficiency of health care.13 A key characteristic of the new delivery models is improved care coordination4 enabled by electronic health record (EHR) systems that allow providers to have access to their patient's data from other sites where the patient may have received care. Emerging models for health information exchange include (1) the ability to access community-wide patient record data via a health information exchange organization, for example, when the patient is being seen in an emergency department different from where he or she usually receives care;5 and (2) the direct transfer of the patient’s clinical data from one EHR to another, for example, as part of referral, discharge or transition of care.6 The Stage 2 final rule issued on August 23rd, 2012,by the Centers for Medicare & Medicaid Services (CMS) to implement the Medicare and Medicaid EHR Incentive Programs (referred to as “Meaningful Use”) will further promote the exchange of clinical data through three measures that require the transmission of a “summary of care record” in at least 50% of transitions, for 10% of those to be electronically exchanged, and for at least one transmission to be to a receiving provider who uses a different EHR system than the sender. 7

Emerging evidence suggests that the availability of health information exchange capabilities can improve care.811 However, as health information exchange becomes increasingly feasible and its use is increasingly incorporated into routine care, it is important to consider to what extent negative unintended consequences may result. Unintended consequences can accompany the implementation of any technology,12 and provider organizations that seek to realize the benefits of health information exchange should consider, and proactively put into place, approaches to minimize potential associated risks.

We present seven categories of potential unintended consequences of health information exchange and their root causes, and discuss some approaches to risk mitigation. The categories were ordered based on their potential impact on patient care. Categories one and two could directly impact patient outcomes; categories three and four could have an impact on outcomes secondarily; and categories five, six, and seven could impact organizations that provide care. The categories are congruent with a socio-technical model that has been developed to help guide the implementation of health information technology projects more generally, and takes into account considerations of data, human–computer interaction, clinician workflows, technology, regulatory pressures and local administrative concerns.13 The findings in this article are a product of the Health Information Exchange Unintended Consequences Workgroup, which was sponsored by the Office of the National Coordinator for Health Information Technology (ONC). The final report of the Workgroup can be found at http://www.healthit.gov/policy-researchers-implementers/reports.

COMPLETE, ACCURATE AND TIMELY DATA

Ideally, a physician would have access to complete, accurate and timely patient data to support optimal decision making. Health information exchange capabilities will reduce the extent of data fragmentation, but will not eliminate it entirely. Directed transmission of a summary record at the time of transition will provide data that the previous provider felt to be relevant, but may exclude data that the recipient would have hoped to receive. Even community-wide health information exchange will not include 100 % of the patient’s data because technical, financial or other barriers may limit the participants in the exchange and the kind of data that is exchanged. Idiosyncrasies, such as the timeliness of data from various sources, may not be apparent to the users of the data. It may not be clear how far back in time the available data goes. The level of data completeness and data quality in electronic systems, which may be well understood in a local environment, may be less clear when aggregating data across sites. Provider organizations need to assure that physicians and other clinicians are educated about the nuances of the health information exchange capabilities.

Additionally, a physician may wish to incorporate patient data received via health information exchange into his or her EHR. In some cases, this requires the use of automated patient matching algorithms that rely on demographic data such as name, address and date of birth. Physicians will need to be aware of the performance characteristics and idiosyncrasies of these matching algorithms so they can appropriately interpret the data received via health information exchange.14

DATA MANAGEMENT AND DATA PRESENTATION

While the lack of access to patients clinical data is a barrier to optimal care, a flood of data may overwhelm the clinician’s cognitive capabilities and also may not support optimal care. Data that are retrieved via a health information exchange capability must be appropriately filtered, sorted, aggregated, summarized and presented if they are to be useful for clinical care.15 Presentation methods for data received via health information exchange must take into account the large amount of data that may be retrieved. Additionally, there should be optimal approaches for integrating such data into the local EHR.

Meaningful Use requires the physician or hospital to use “certified” EHR technology to receive the incentive payments. The 2014 Edition EHR Certification Criteria,16 announced by ONC at the same time that CMS announced the Stage 2 final rule, identifies standards for the representation of such data types as problems, medications, allergies, laboratory results, immunizations, and transition of care documents. The increasing use of these standard terminologies by vendors will allow data from multiple sources to be more effectively processed, and thereby better aggregated and organized. However, presentation of such data to the physician will be complex and user preferences should be taken into account. Further research is needed into optimal methods for summarization and presentation when an individual patient has a large amount of data contained in multiple records.

ROUTINE USE OF HEALTH INFORMATION EXCHANGE

Health information exchange will only have a positive impact on care if it is integrated into the workflow and used routinely. In the emerging health care environment, new roles and new workflows are being created. In accountable care models, care managers are increasingly being used to coordinate care, and such managers may require access to health information exchange capabilities as part of a population management environment. For example, a health information exchange may be expected to provide a care manager with an active notification that a hospital admission or emergency department visit has taken place, and then provide access to the details of the encounter.17 For clinicians at the point of care, the methods for accessing data via health information exchange should fit easily into the workflow, and appropriate education about the capability should be provided. EHR vendors will need to work with clinicians to understand the most effective ways of integrating the health information exchange into routine use. Additionally, if the health information exchange capabilities do not provide a sufficient amount of the patient’s data to assist clinical decision making, or if the physician does not have confidence in the accuracy of the data for any reason, the physician may not see the health information exchange as a helpful resource and may not incorporate it into routine use in clinical practice.

If health information exchange capabilities are not viewed as helpful in the clinical environment, they may not be extended beyond their earliest stages and the potential value of health information exchange may not be realized. Sound implementation design principles, structured incentives to encourage use, and education to orient physicians to the strengths and limitations of health information exchange are needed to ensure routine and optimal use of the capability.

PATIENT PERCEPTIONS AND CONCERNS

When clinical data are being exchanged among providers, patients must have confidence that their electronic data is being managed securely and treated confidentially, while understanding the advantages of having their information available to the physicians that are caring for them. If patients believe that their data are not being used appropriately or are not being managed securely, they may not participate actively and fully in their care nor engage with their providers in shared decision-making approaches. If patients do not understand the nuances of health information exchange, for example, who is allowed to view the data, their rights regarding correction of misinformation or limiting what information is exchanged, and the rationale behind consent models, their confidence in the underpinnings and the soundness of health information exchange may be shaken.

The Meaningful Use Stage 2 final rule requires that more than 5% of a physician’s patients send secure electronic messages on relevant health issues to their physician. This new mode of interacting with patients electronically, in addition to other meaningful use requirements, such as providing patients with access to their electronic health information, summaries of their clinical visits and pertinent educational materials, will require educating patients to assure they make best use of these capabilities and to lessen their concerns. Outreach campaigns to patients—locally, regionally and at the national level—are critical to educate patients as to the role of health information exchange as an enabler of optimal care, and to reassure them that their health data will be kept private and managed securely, and based on the patient’s choice.

REPUTATIONAL AND FINANCIAL CONCERNS

As heath information exchange becomes more prevalent, a provider organization may reasonably have concerns about the extent to which the increased access to its data may have negative financial or reputational consequences. For example, a provider organization may feel that it is at risk for losing patients to a competitor because the patient’s data can easily be transferred. A provider organization may feel that health information exchange could allow other organizations to use its data for competitive analysis or marketing purposes. Also, another provider organization may have concerns that inappropriate release of its data by another party may put the organization in a bad light, even if the other party was legally obligated to keep the data private and secure. Meaningful use will help to allay some of these concerns, because it requires EHR users to conduct privacy and security risk analyses. State privacy laws and the Health Insurance Portability and Accountability Act (HIPAA) dictate the allowable uses of data transferred for clinical reasons. Health information exchange organizations that provide access to a community-wide patient record usually create data sharing agreements—with concomitant compliance programs—that govern allowable uses of the data. Continuing compliance training is essential to assure that all such agreements are understood and followed.

TECHNICAL ISSUES

If health information exchange capabilities are to become part of the routine health management infrastructure, they must be reliably available. Since a disturbance in one part of a data network may disrupt activities elsewhere, robust technical approaches are needed to assure that the data exchange technology is stable. Health information exchange infrastructures are more complex than individual provider organizations’ health information technology systems, because multiple participants are involved. Upgrades and maintenance must be coordinated across a set of providers. Organizations that support health information exchange activities will need to be explicit about their downtime procedures and disaster recovery approaches, and participants in exchange activities will need to be familiar with these details. In environments that use a central data repository model for health information exchange, the data contained in the repository may be able to be used as part of a provider organization’s disaster recovery plan.

ADMINISTRATION OF HEALTH INFORMATION EXCHANGE

Administrative aspects of health information exchange include the governance activities that determine and enforce privacy and data sharing policies (including authorization, access controls and auditing policies, as well as breach and compliance policies), the adherence to regulatory requirements and other business aspects of exchange activities. For instance, Meaningful Use Stage 2 core objectives require hospitals to include the capture and reporting of syndromic surveillance data to health departments as a core function, requiring administrative consideration by the health care organizations. Provider organizations need to assure that they understand the administrative obligations that come with participation in health information exchange.

SUMMARY AND RECOMMENDATIONS

The capability to exchange health information among multiple stakeholders will be a critical enabler of innovative care delivery models. It is a critical component of Meaningful Use Stage 2. Such exchange may be done in different ways, and the details of the various approaches currently are being refined. No matter how the exchange is accomplished, there are potential unintended consequences that, if not recognized and addressed as early as possible, could hinder progress. Increased awareness of the possibility of these consequences is necessary.

There are a number of approaches that provider organizations should consider to mitigate the risk of unintended consequences from participation in health information exchange initiatives. Clinicians should be educated about the limitations, as well as the strengths, of the data exchange capabilities. Provider organizations should strive to assure that data retrieval via health information exchange fits well into the clinician’s workflow and presents information in the most helpful format. Optimal data presentation may vary by provider type; for example, a care coordinator may need a different view than the physician. The organization may need to work with its EHR vendor and/or with a health information exchange organization to find optimal approaches to these challenges. Provider organizations should participate in programs designed to increase awareness of health information exchange among patients.18 Physicians and other providers need to incorporate privacy models for health information exchange into their regular privacy and security training activities.

Health information exchange activities are complex multi-phased initiatives. In the design phases, best practices should be identified, especially with respect to workflow and data presentation. In the implementation phases, established technical practices should be followed to mitigate the risk of data transmission errors. In the ongoing operational phase of such initiatives, health information exchange activities should be monitored to understand whether expected benefits are being realized and what mid-course corrections might be needed.

Research areas to mitigate the risk of unintended consequences from health information exchange include, but are not limited to, optimal approaches to patient matching across sites, summarization of the patient’s data from multiple sources and optimal integration of data from external sources into local workflows.

Clinicians expect information technology not only to automate their local workflows, but also to serve as a window onto the world of the patient’s data. Health information exchange capabilities are being developed to advance this vision. As with any promising technology, the risk of potential side effects must be anticipated.

Acknowledgments

Funding/Support

Dr. Kuperman and Dr. McGowan are supported in part by Task Order HHSP23337003T from Westat under Contract HHSP23320095655WC from the Office of the National Coordinator for Health Information Technology.

Acknowledgement

We gratefully acknowledge the contributions of the other participants in the Health Information Exchange Unintended Consequences Workgroup.

Conflict of Interest

The authors declare that they do not have a conflict of interest.

REFERENCES

  • 1.McClellan M, McKethan AN, Lewis JL, Roski J, Fisher ES. A National Strategy to Put Accountable Care into Practice. Health Aff. 2010;29(5):982–990. doi: 10.1377/hlthaff.2010.0194. [DOI] [PubMed] [Google Scholar]
  • 2.Brennan T, Lee T. Risk Shifting in Health Care and Its Implications: Part 1. Health Affairs Blog. Health Affairs, August 24, 2011. http://healthaffairs.org/blog/2011/08/24/risk-shifting-in-health-care-and-its-implications-part-one . Accessed September 6, 2012.
  • 3.Brennan T, Lee T. Risk Shifting in Health Care and Its Implications: Part 1. Health Affairs Blog. Health Affairs, August 25, 2011. http://healthaffairs.org/blog/2011/08/24/risk-shifting-in-health-care-and-its-implications-part-two . Accessed September 6, 2012.
  • 4.Preferred practices and performance measures for measuring and reporting care coordination: a consensus statement. National Quality Forum, 2010. http://www.qualityforum.org/WorkArea/linkit.aspx?LinkIdentifier=id&ItemID=49506 . Accessed September 6, 2012.
  • 5.McDonald CJ, Overhage JM, Barnes M, Schadow G, Blevins L, Dexter PR, Mamlin B, INPC Management Committee The Indiana Network for Patient Care: A Working Local Health Information Infrastructure. An Example of an Infrastructure Collaboration That Links Data from Five Health Systems and Hundreds of Millions of Entries. Health Aff. 2005;24:1214–20. doi: 10.1377/hlthaff.24.5.1214. [DOI] [PubMed] [Google Scholar]
  • 6.Williams C, Mostashari F, Mertz K, Hogin E, Atwal P. From the Office of the National Coordinator: The Strategy for Advancing the Exchange of Health Information. Health Aff. 2012;31(3):527–536. doi: 10.1377/hlthaff.2011.1314. [DOI] [PubMed] [Google Scholar]
  • 7.Medicare and Medicaid Programs; Electronic Health Records Incentive Program—Stage 2. Centers for Medicare & Medicaid Services (CMS), HHS. August 21, 2012. http://www.ofr.gov/OFRUpload/OFRData/2012-21050_PI.pdf . Accessed August 23, 2012. [PubMed]
  • 8.Fontaine P, Ross SE, Zink T, Schilling LM. Systematic Review of Health Information Exchange in Primary Care Practices. J Am Board Fam Med. 2010;23:655–670. doi: 10.3122/jabfm.2010.05.090192. [DOI] [PubMed] [Google Scholar]
  • 9.Kaelber DC, Bates DW. Health Information Exchange and Patient Safety. J Biomed Inform. 2007;40:S40–S45. doi: 10.1016/j.jbi.2007.08.011. [DOI] [PubMed] [Google Scholar]
  • 10.Frisse ME, Johnson KB, Nian H, Davison CL, Gadd CS, Unertl KM, Turri PA, Chen Q. The Financial Impact of Health Information Exchange on Emergency Department Care. J Am Med Inform Assoc. 2012;19:328–333. doi: 10.1136/amiajnl-2011-000394. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 11.Kho AN, Lemmon L, Commiskey M, Wilson SJ, McDonald CJ. Use of a Regional Health Information Exchange to Detect Crossover of Patients with MRSA Between Urban Hospitals. J Am Med Inform Assoc. 2008;15:212–216. doi: 10.1197/jamia.M2577. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 12.Health IT and Patient Safety: Building Safer Systems for Better Care. Washington, DC: The National Academies Press; 2012. [PubMed] [Google Scholar]
  • 13.Sittig DF, Singh H. A new Socio-Technical Model for Studying Health Information Technology in Complex Adaptive Healthcare Systems. Qual Saf Healthcare. 2010;Supple 3:68–74. doi: 10.1136/qshc.2010.042085. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 14.Grannis SJ, Overhage JM, McDonald CJ. Analysis of identifier performance using a deterministic linkage algorithm. Proc AMIA Symp. 2002:305-9. [PMC free article] [PubMed]
  • 15.Feblowitz JC, Wright A, Singh H, Samal L, Sittig DF. Summarization of Clinical Information: A Conceptual Model. J Biomed Inform. 2011;44:688–99. doi: 10.1016/j.jbi.2011.03.008. [DOI] [PubMed] [Google Scholar]
  • 16.Health Information Technology: Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record Technology, 2014 Edition; Revisions to the Permanent Certification Program for Health Information. Office of the National Coordinator for Health Information Technology (ONC), HHS. September 4, 2012. http://www.ofr.gov/OFRUpload/OFRData/2012-20982_PI.pdf . Accessed November 15, 2012. [PubMed]
  • 17.Moore T, Shapiro J, Doles L, et al. Event Detection: A Clinical Notification Service on a Health Information Exchange Platform. Proc AMIA Annu Symp, 2012. In press. [PMC free article] [PubMed]
  • 18.HEALTHeLINK. Home/Patients. http://wnyhealthelink.com/Patients. Accessed November 15, 2012.

Articles from Journal of General Internal Medicine are provided here courtesy of Society of General Internal Medicine

RESOURCES