Questions on Health Information Exchange? Some answers.

Answers to HIE Questions

Brian Ahier
Chair of the Technology Workgroup of Oregon’s HIT Oversight Council, Blogger at O’Reilly Media.
Read his blog and follow him on Twitter: @ahier

On last week’s MU Live! webcast, well known blogger and HIT Evangelist, Brian Ahier joined us to talk about exchanging heath information. Here’s a recap of some of the questions that he addressed from our listeners.

Question: How would you find out what your state is doing?

Answer: Contact your REC or State HIT Coordinator. You can find a list of state contacts here. HITECH Answers Members can also find this and other resources on the Health Infomation Exchange page.

Question: Who will be providing the HISP for direct functionality for ambulatory providers to meet their stage 2 Meaningful Use HIE exchange criteria? Most statewide HIO’s are connected primarily to hospitals and ERs. Do you think the market will meet those requirements through deals with EHR vendors?

Answer: Most states will be using consulting services and contracts with vendors to develop and execute plans in each state. The cooperate agreements for grant funding with each of the states requires that they make possible connectivity for all providers in their states for them to meet the health information exchange requirements of meaningful use. The states will either provide, contract for, or enable organizations to provide HISP services to providers. The market is evolving quickly but the top KLAS HIE vendors that provide connectivity between EHRs are Medicity, Axolotl, Relay Health and ICA.

The Tiger Team has recommended Two Factor Authentication for remote access to EHRs for Stage 2 Meaningful Use.

Question: Will HIEs have to move to the same level of authentication since they provide remote access to much of the same data?

Answer: I think that eventually two factor authentication will be ubiquitous with exchange. As we see more adoption of e-prescribing of controlled substances, you could have a scenario where an institution uses one form of two-factor authentication for access to their HIO, and an application that’s doing the e-prescribing of controlled substances is using another, different factor. Santa Cruz HIE has implemented two factor authentication within their exchange framework and others are currently making plans to move in that direction.

Question: You mentioned AAFP’s Direct messaging project. Are there currently any HISP’s that providing Direct project messaging as a service for any provider?

Answer: There is not yet a national HISP set up for all providers, but vendors such as Medicity, Axolotl, Surescripts, Verizon, and Covisint are working to stand up national networks. As each state is enabling HISP services it is likely that there will develop a hub and spoke model. Ideally, market forces would be enough for vendors to connect every payer, provider, and patient in the country. However, HIOs will only be sustainable when there are enough provider connections to create business value, so state funding through the grant program is designed to accelerate HISP standardization and EHR connectivity.


HIE – Health Information Exchange (verb)
HIO – Health Information Organization (noun)
RHIO – Regional Health Information Organization
HISP – Health Information Service Provider
CCD – Continuity of Care Document