Different practices can form agreements to share patient data electronically on a secure, interoperable system.
These EHR data sharing and exchanges allow providers to easily access and share changes to patient records so providers from different specialties can readily use the same information. For chiropractors, these agreements represent an opportunity to view records created for their patients by another partnering clinic.
Your practice may potentially enter one of these exchanges with, for instance, a medical clinic or another chiropractic clinic. If one of your patients receives an X-ray test from their other doctor, the test would be noted in your patient’s record.
With clearer communication between different practices and specialties, holistic treatment becomes a closer reality for your patients.¹
A significant goal of EHR exchanges is promoting interoperability. These exchanges can be small or relatively large. Clinics that operate in partnership as a group or are part of the same chain may have their own agreements, while some exchanges are much bigger, spanning across the country.
One medical exchange in particular, the eHealth Exchange, operates nationally and connects the records of more than 100 million patients.¹
Because most vendors are working towards improving the interoperability of their EHR software, your EHR likely already has the capability to ‘talk’ to other EHR systems. Many providers are adopting interoperable EHR systems that are capable of interfacing directly with other EHR products.
Providers can use these systems as they create interoperable networks for record-sharing between themselves and clinical partners.¹
Creating a partnership
Finding another practice willing to participate is the first step to creating your own health information exchange. From there, you will need to determine if your EHR systems are compatible and interoperable.
Once you know the partnership is possible, you will need an agreement identifying each clinic’s responsibilities and showing how you both plan to secure patient information and minimize risks to patients. Be sure to have a legal professional review any agreement you are considering before you sign.²
Sharing agreements that permit another business entity or clinic to routinely access your clinic’s data must comply with HIPAA’s Privacy and Security Rules. Do your own research and consider hiring a healthcare law professional before creating a Business Associate Contract (BAC) or Business Associate Agreement (BAA).
You are responsible for exercising your own due diligence with any contract you sign, because requirements under the law for your clinic may differ depending on your own circumstances and location. Make sure that the agreement is beneficial for your practice and your patients.²
In general, your agreement should:²
- Protect patient privacy and information security
- Specify rights and responsibilities of each participant
- Fully comply with HIPAA and local, state and federal law
Preventing a data breach should be a major priority for your office, so a security risk assessment may also be necessary. Anticipating possible problems may help you prevent a bad outcome.³
The U.S. Federal Government has online resources to help providers follow HIPAA and use health information exchanges properly. You may also ask your EHR vendor for information about exchange options. Depending on where your practice is located, you may also join a local or state exchange that is already established. For many practices, multiple options are available.³
If you are interested in joining an exchange, you should do your own research to determine what is best for your patients and your practice.
¹Mace, S. “eHealth Exchange Simplifies Data Sharing.” HealthLeaders Media. http://www.healthleadersmedia.com/technology/ehealth-exchange-simplifies-data-sharing?page=0%2C2. Published: September 2016. Accessed: October 2016.
²stratishealth.org. “Participation Data Sharing Agreements.” Health Information Technology Toolkit. Stratis Health. https://www.stratishealth.org/documents/healthit/homehealth/3.Select/3-participation-data-sharing-agreements.doc. Published: March 2013. Accessed: October 2016.
³healthit.gov. “Chapter 7: Breach Notification, HIPAA Enforcement, and Other Laws and Requirements.” The Office of the National Coordinator for Health Information Technology. https://www.healthit.gov/sites/default/files/pdf/privacy/privacy-and-security-guide-chapter-7.pdf. Accessed: October 2016.