Imaginary Barriers: How HIPAA promotes bidirectional data exchange

NEMSIS-TAC and PWW produce definitive guidance on HIPAA – essential to aid the progression of MIH

The Health Insurance Portability and Accountability Act (HIPAA) is many things to us in EMS. As we know, it is the law that ensures that the protection of the patient’s information is their right and it is our job and responsibility. It is often used as a barrier, and mostly an excuse to withhold information. “It’s HIPAA” is an often-quoted line to avoid sharing what could legitimately, with appropriate protections, be shared for the benefit of patient treatment and EMS QA/QI.

In the current pandemic, refusal to share information has been further highlighted. EMS agencies nationwide have reported that hospitals and other healthcare providers refuse to share patient information with them, citing HIPAA concerns, including whether the patients EMS crews have encountered and delivered are COVID-19 positive. To help us out, shortly after the public health emergency was declared, the Office for Civil Rights (OCR) issued a COVID-19 Bulletin reminding healthcare providers of the many ways HIPAA permits them to share protected health information (PHI). This was also accompanied by significant guidance concerning disclosures of PHI to first responders. The guidance made it clear that facilities may – and should – share PHI with EMS agencies.

Bidirectional data exchange

COVID aside, misconceptions about HIPAA create artificial barriers to legitimate, approved bidirectional data exchange between EMS and other providers.
COVID aside, misconceptions about HIPAA create artificial barriers to legitimate, approved bidirectional data exchange between EMS and other providers. (Photo/Getty Images)

COVID aside, misconceptions about HIPAA create artificial barriers to legitimate, approved bidirectional data exchange between EMS and other providers. As a result, many healthcare systems are missing a critical opportunity to improve patient outcomes and advance evidence-based practices in prehospital care. To assist all those involved in the creation and safeguarding of patient information, the National Emergency Medical Services Information System Technical Assistance Center (NEMSIS-TAC) collaborated with Page, Wolfberg & Wirth (PWW) to provide an expert legal opinion regarding the bidirectional sharing of patient information between EMS and other healthcare providers.

In the newly released document, “Imaginary Barriers: How HIPAA Promotes Bidirectional Patient Data Exchange With Emergency Medical Services,” PWW provides evidence, precedence and legal opinion to help educate and encourage healthcare providers to appropriately share patient information with EMS. Their document lays out the reasons why HIPAA does not restrict, and how the law promotes, bidirectional sharing of patient information between hospitals and EMS agencies.

It remains a fact that many EMS practitioners today still have minimal access to medical information about the patients they treat. On scene, practitioners must frequently rely on family members and friends to piece together the patient’s medical history. Then, after transport, EMTs and paramedics face the stark reality that they may never know if their treatment made a difference.

In the era of treatment in place and/or ET3, the provision of information such as medications, allergies, recent hospitalizations and past medical history will assist with improved treatment and inevitably patient satisfaction (something else we should all measure). Without access to this information, EMS agencies are denied a meaningful opportunity to improve care, outcomes and the prehospital experience for their patients.

“Imaginary Barriers” identifies the ways and scenarios where information could and should be shared:

  • COVID Related Data Sharing. The NEMSIS/PWW document states, “The HIPAA Privacy Rule permits a covered entity to disclose the protected health information (PHI) of an individual who has been infected with or exposed to, COVID-19, with law enforcement, paramedics, other first responders, and public health authorities without the individual’s HIPAA authorization.”
  • Information Sharing. HIPAA also permits the sharing of other types of outcome data for treatment and healthcare operations purposes. According to the document, “OCR also issued recent Guidance about how HIPAA gives healthcare providers broad authority to coordinate with each other and share necessary health information to coordinate care for opioid patients. For example, providers may inform other caregivers about a patient’s opioid abuse after determining it is needed for treatment or that the patient poses a serious and imminent threat to his or her health through continued opioid abuse.”
  • Emergency Triage, Treat and Transport (ET3). Patient information exchange is also critical to the success of ET3. The ET3 Model calls for participants to submit an Interoperability Plan that demonstrates the ability to share patient data among key stakeholders and participants must demonstrate current participation in a health information exchange (HIE) or set out a plan to participate in an HIE during the model performance period. “Essential to the mission is the ability to share patient information among practitioners in EMS systems,” the document states. On the streets right now, when treating in place, this information could also aid both treatment and outcomes.
  • Healthcare Operations. The document also notes, “When an EMS agency transports a patient to a facility, that facility may provide health information to the EMS agency for any healthcare operations of the EMS agency. For example, if the EMS agency conducts clinical QA/QI on patients transported to a hospital, the hospital may provide outcome and disposition data to the EMS agency for the clinical QA/QI program. Both covered entities (the EMS agency and the hospital) had a relationship with the patient, and the PHI provided pertains to that relationship.”

MIH in the post-COVID-19 EMS landscape

The new normal is now just normal – we are not going back to where we were. Going forward, to evolve and not simply revolve requires clear, appropriately safeguarded and actionable data. While there may be obstacles, mostly technological, to enable the bidirectional sharing of patient information, HIPAA is not one of them. The new guidance contained in the “Imaginary Barrier” document is timely, should be read fully, and makes the arguments for us that this is for the good and benefit of the patient. Information sharing and bidirectional data is also an essential enabler to the underpinning tenets of post-COVID-19 EMS that truly make us mobile, integrated delivers of impactful healthcare.

Imaginary Barriers: How HIPAA promotes bidirectional data exchange: EMS One-Stop With Rob Lawrence

For an audio version of this article, listen below. 

Request product info from top EMS Field Data Software companies

Thank You!

By submitting your information, you agree to be contacted by the selected vendor(s) and that the data you submit is exempt from Do Not Sell My Personal Information requests. View our Terms of Service and Privacy Policy.

Join the discussion

Copyright © 2023 EMS1. All rights reserved.