Episode 2.1 - Interview with Jay Nakashima, Executive Director, eHealth Exchange

Show Notes

Welcome to Season 2 of eHealth Legal Pulse! 

In this episode, Steve Gravely interviews Jay Nakashima, the Executive Director of the eHealth Exchange, about the eHealth Exchange and the Trusted Exchange Framework and Common Agreement (TEFCA). They discuss the history and evolution of the eHealth Exchange, the challenges and benefits of interoperability, and the role of TEFCA in facilitating data exchange for non-treatment purposes. Jay highlights the importance of trust and collaboration in building a network of healthcare organizations that exchange data using the same principles. He also emphasizes the potential of TEFCA to improve public health exchange and payer-provider connectivity.

Transcript

00:05
All right. Well, hello, everyone. This is Steve Gravely. I want to welcome you to an episode of my eHealth Legal Pulse podcast. And today I am really excited. We are launching our new format for 2024, where I'll be introducing colleagues and friends of mine in the health it space and talking about various subjects that might be of interest to you. I hope they are. Today we're joined by Jay Nakashima. Jay is the executive director of the eHealth Exchange, and we're going to talk about the eHealth exchange, about Jay, about TEFCA, and whatever else comes to mind. So with that, I'm going to start by asking Jay to introduce himself and tell our listeners a little bit about himself and about the eHealth exchange. Jay? 

01:06
Yeah, well, thank you, Steve, for having me. So first, I'll tell you a little about me. It's all about me today. So, my name is Jay Nakashima. I'm the executive director of eHealth Exchange, and I've been working in health IT now for about 30 years. And I've worked for providers, I've worked for payers, I've worked for EHR vendors, now six years with the e-health exchange nonprofit network. But it strikes me that when I look back and I realize that no matter which job or which company I was with or company type, I always worked on or gravitated towards interoperability. 

01:52
So with the payers, I was always focused on EDI exchange, trying to get rid of the paper with EHR vendors, I was always working on trying to get data to move from one EHR to another, always with a heavy focus on lab results, which was the first kind of hie exchange, then with providers trying to exchange full medical records, typically to try to help with transitions of care and make sure that patients were gracefully moving from one care setting to another. I think Steve will have some great characterizations of eHealth exchange that I won't have because he's actually been with eHealth exchange or servicing it for much longer than I have. 

02:47
Steve was involved in eHealth Exchange way back in the beginning when it was called the National Health Information Network, NHIN, or when it started out as an HHS ONC project. I think that started way back around 2006 or so, and I joined around 2018. So at one point, eHealth Exchange, as I understand it, moved from being an ONC project to a permanent, nonprofit, public private collaborative. But at any rate, it's a network. So it's a group of healthcare organizations that have all agreed to exchange data using the same trust principles, the same rules of the road. And we currently have about 330 signatories. And that might be a large health system, it might be one of five federal agencies, it might be one of 60 state or regional HIEs. And we currently facilitate the exchange of about 20 billion transactions annually. 

04:02
And unlike the EDI clearing houses, we facilitate the exchange of rich clinical information that is typically patient specific to help providers who are making treatment decisions at the bedside. Chair side, table side. And we're quickly moving into expanding how we help public health agencies in all 50 states. And then we're working on some exciting things to expand payer and provider connectivity in more standardized, reliable ways. 

04:46
That's fantastic, Jay. 

04:49
Yeah, but Steve, you go way back with. Did I. What did I miss? 

04:53
Oh, yeah, way back. No, it's a great summary. I mean, you're right. What is today? The eHealth Exchange did begin very modestly back in 2006, 2007 as a contract activity within the office of the national coordinator. And it was an effort to demonstrate whether what we now call the eHealth Exchange was even feasible. At that point, we didn't know if it was even feasible. And so ONC awarded nine grants to nine different organizations and then very rapidly turned around and awarded six additional grants. So we had an initial group of 15, and one of those was a company called Med Virginia. It doesn't even exist anymore. And it was an early-stage health information network in Virginia, where I live. And the CEO of Med Virginia, volunttold me to lead up this DURSA work group. 

06:04
And I said, what is a Dursa? So that's how it all got started. Everything starts somewhere, right? 

06:12
Wow, that's fascinating. Yeah. And I don't know how you guys did it. Back in 2006, the men and women who tried to get x number of federal agencies and big health systems and state and regional HIEs to agree to one contract they were all going to sign without markup or red lines. That's a lot of trust. 

06:37
It was. Well, and actually that's a really important concept. It was a lot of trust. We had a DURSA workgroup, and each of the 15 organizations had two seats at the table, a lawyer and a business person. So we had a core group of 30. They were able to invite others. I mean, sometimes we had upwards of 100 people on our phone calls, but the core group was 30. And I give ONC a lot of credit. They had us meet in person four times a year, and then we met monthly, virtually. And what's interesting is that group really did bond, and there was trust that drew out of that, and I sort of look back and say, that's where we really started to transition. We started off as a group of strangers, and then we bonded through this work group. 

07:36
We wrote the Dursa, and we all knew each other, and we all sat around and argued about this, that or the other, and then came up with a consensus, and it was reflected in the document. And now people say, okay, yeah, I'll sign the DURSA. And so it's fascinating to me how we've evolved in 15 years from where we started to where we are now. So, Jay, you mentioned, I mean, so much of what you said is fascinating. We'll probably have to have you back. But you mentioned the word interoperability, which you and I use a lot, because we work together all the time and other people use it, too. But I'm curious, what's your definition of interoperability? 

08:26
That's a great point. It really is an overused words with a lot of assumptions there. But off the top of my head, I think it refers to the concept that data can move from one system to another system. Number one, it can actually get there. The receiving system won't spit it back out or reject it. But number two, the data in that system that's received, that's sent, is actually usable. So if I were working at hospital Main street hospital, could my system receive data from another health system? And not only can my hospital get that data in the front door, but then, as needed and as appropriate, could I feed that to all the different systems within my hospital? The data warehouse, an app, a web portal, the EHR, various financial systems? Or are those receiving systems going to choke on the data? 

09:39
And so if it's interoperable, it's going to be able to move around and then it's going to be usable. 

09:44
Yeah, that's super helpful. I think most people don't appreciate that just because you have one EHR, maybe Epic or Cerner, if you're a hospital, probably one of those two, although you may have another one. If you're HCA, you have meditate, but people don't realize that those different vendors don't automatically talk to each other. Right? 

10:08
Right. 

10:11
Obviously, eHealth Exchange, as far as I know, it's the health information network that's been around the longest. There are others now, and eHealth is helping them talk to each other. I want to shift gears to the latest and greatest experiment, I guess, in this called TEFCA. 

10:31
Right. 

10:32
And don't go too deep into the history, but just for the benefit of the audience. TEFCA means a trusted exchange framework and common agreement. TEFCA. It was mandated by Congress all the way back in 2016, believe it or not, as part of a huge federal law called the 21st Century Cures act. Cures. And President Obama signed it in December of 2016 in the closing days of his administration. And it directed the HHS secretary and ONC to develop or designate an entity to create this thing called TEFCA. So that's a little bit of the legislative background. Jay, eHealth was one of the first five organizations to be designated by ONC as a qualified health information network. That happened in December of 23. So very recent. Maybe you could talk about to our audience a little bit about what led you to want to do that. 

11:45
It was a lot of work and a lot of time. So why don't you share with the audience your thoughts about being a TEFCA QHIN? 

11:54
Yeah, yeah, that's a great question. There were a variety of reasons why we wanted to participate in, you know, of course, the biggest thing was our mission. So we're a know founded for the public good. And we thought, hey, if Congress went out of its way to write this into the Cures Act and to say that it was going to designate these networks as having the US government's good housekeeping seal of approval, and if it had the potential to help with patient care and to reduce the burden on the US healthcare sector, then it was something we wanted to, you know, definitely involved a leap of faith. So there were, and even I at times said to myself, why would we do this? What are the benefits? What's the need? And can the government really pull this off? 

13:06
And the reality is the government could not have pulled it off. But eHealth Exchange and other similar networks went out of our way to be very collaborative and to make this successful part of our decision was definitely, hey, this would be a favor to, you know, they have really stepped forward and tried to make healthcare operate better in the US. And so we can definitely help out ONC and throw our hat in the ring, you know, everyone I've spoken to has indicated that there's been significantly more interest in TEFCA than was originally expected. The real promise of TEFCA is, number one, the credibility of the US government, which will hopefully help with trust. But to drill down on that, I think it's the promise of new use cases. 

14:10
So I don't have the stats right in front of me, but within eHealth Exchange, I'll bet you something crazy, like 98% of the data that we facilitate the exchange of is exchanged for treatment purposes. So that means you've got a clinician who's probably at the hospital bedside or at a chairside or a tableside in an office saying, hey, I need this patient's history so I can make a safer, more informed clinical decision. But what that means is that very little data, relatively, is being exchanged for public health purposes and being exchanged for healthcare operations purposes and being exchanged for HIPAA payment purposes. So we're really hoping that the credibility of the US government will help us in the industry exchange more data as appropriate for non-treatment purposes. 

15:19
Yeah, that's a really important point, Jay. I mean, you're right, the exchanging for treatment is something we've been doing now, but it has been hard to move beyond that. And there are lots of reasons for that. Some technical, some policy, some legal, some just people's reluctance to embrace new use cases. But do you think that ONC and the federal government will help make progress in those areas? 

15:48
You mean in the non treatment exchange? Yeah, I think they will, but it's not a slam dunk. I mean, HIPAA was written for a variety of reasons, and it's been around now for two plus decades or whatever. Ballpark. And a big part of it is to provide additional protections to patients to help with privacy and security. But without an act of Congress, some of those well-meaning and well-written requirements in HIPAA can't just be overridden by TEFCA. So TEFCA has to operate within the confines of existing law. And one of those big existing laws is HIPAA. So, luckily, we won't be able to just ignore HIPAA and exchange data kind of willy nilly. But that also means that it's not going to be super easy to change the way that we exchange data. 

16:49
Yeah, that's a really important point. You know, Jay, as you all know, HIPAA is permissive. So HIPAA applies to covered entities and their business associates. Most people think of that as healthcare providers, but there are more. But HIPAA tells those covered entities what they're allowed to do with the protected health information they have. It's not mandatory. And so you're right, you do see different health systems and different providers and different health plans have different interpretations of what they want to share and what they might require before they share. That's not something HIPAA was really designed to fix. So I agree with you. I think it will be interesting to see how TefrA might help folks move beyond their reluctance to share information as we move. 

17:57
Probably. I'm sure you can speak to this much more eloquently and with more authority. But HIPAA, as I remember it, has this concept of minimum necessary. So if one healthcare organization asks another healthcare organization for data and the stated purpose of use is healthcare operations, maybe it's for quality reporting or whatever, it's difficult for those two computer systems to negotiate what's the minimum necessary if it's three in the afternoon or three in the morning? Those IT systems are not always designed to figure out what the minimum necessary is. And so I think TEFCA is going to struggle with that. 

18:47
No, I think you're right, that's so true, because there is no minimum necessary requirement under HIPAA for treatment. And so for treatment, no one has to make that decision. And I do think it's going to require some type of standards body to come up with standards, and then the software developers have to write code. You and I lived through this with COVID I mean, we're now three years post Covid. Hard to believe, maybe four, depending on who you talk to. But you and I remember in the height of COVID when we were part of conversations with the Office of Civil Rights within Health and human services, because public health agencies were asking for information, not for treatment, but for public health surveillance and intervention. 

19:43
And the people they were asking, the hospitals and providers, they wanted to give the information, but they didn't want to unintentionally violate HIPAA. And remember, we had a bunch of calls, finally resolved itself in favor of public health agencies saying when they made a request, what we're asking for is the minimum necessary information. And that gave the providers and the covered entities sufficient protection that they were willing to share. I'm sure you remember all that. Yeah, but I mean, you're right, it's a huge issue. And when HIPAA was written, well, the law was written in 1996, not even this century. The privacy rule was finally adopted in 2002, I think. So 25 years ago, a lot of what we're talking about didn't even exist. 

20:47
Right? And back then, were lucky to be exchanging claims and eligibility. And you're right, in 96, there was no privacy component. 

21:00
Right. 

21:00
And it wasn't as imperative then. But with the amount of data moving around now, it's super important. And despite the breaches, I read about seven days a week and the various trade publications, we haven't had a lot of super big ones that have caused Americans to distrust the way data is exchanged. And hopefully that continues. 

21:35
We've all gotten notices that Equifax was breached or somebody else was breached. But you're right. If you review the settlements that OCR enters into, more often than not, it's a lost laptop. It's something else that it's not a massive data hub that was attacked by nefarious agents from a foreign country. That really isn't happening, although we all worry about that. Hey, Jay, in the few minutes we have left, let me ask you this. We'll try and work these in what part of TEFCA are you the most excited about? Now that you're a Chuhan and we're starting to do this for great, know. 

22:22
It's really the public health exchange. And the rules, the TEFCA rules of the road for public health exchange are not yet final, but we're hopeful that we will see those in March, next month of 2024. And it's really astounding that even though we had a pandemic, what, three, whatever, years ago, that we really haven't figured this. You know, during the pandemic, which this was a day late and a dollar short, Steve, you probably remember that we partnered up with APHL, the Association of Public Health Laboratories, to better get electronic case reports, especially related to COVID, to better exchanged more broadly, exchanged in all 50 states. And this was back in the days and hours when were all actually in quarantine, going out in our front yards and spraying our groceries with bleach, and before the days of masks, and somehow we figured it out. 

23:31
And then also during the pandemic. But after the quarantine, we partnered with FDA so that they could better exchange adverse event data, especially related to vaccinations using FHIR R4. And that wouldn't have happened as quickly had it not been for the pandemic. And so I'm really hoping that TEFCA can help the nation better exchange data for public health purposes before we have another pandemic or catastrophic event. 

24:06
I think that's true. I hope you're right. I know you and I are working on that, and hopefully that happens. Now, I don't want to forget that. I want everyone to understand that eHealth exchange is a lot more than just TEFCA. I mean, eHealth Exchange was and is a massive network outside of TEFCA. So, putting aside TEFCA for a minute, what's the most exciting thing that you foresee for e-health exchange in the next year? 

24:34
Yeah, great question. So, besides TEFCA, I think it's the payer provider exchange. So we have joined Hl seven, Da Vinci, and we're leading an effort that's called Treviche. So think about like a catalyst. And we're working with payers and providers so that they can do a couple of things. Number one, providers can request prior authorizations within their natural EHR workflows and payers can streamline their corresponding process. And then number two, there's an initiative under Da Vinci called CDEX. CDEX. And that's clinical data exchange. And that's really to take the data exchange that's already happening today between payers and providers, but to really scale it and mature it so that everyone's using the same processes, the same policies to exchange that clinical data. So I'm most excited about our payer-provider exchange outside of TEFCA. And that might happen, or that will happen within TEFCA. 

25:51
I'm sure it's just a question of. 

25:53
Right, right. Because they have to prioritize. Well, no, those are great answers. We're about out of time. Jay, I want to thank you very much for taking the time to be part of our podcast. Hopefully you've enjoyed as much as I have, and we can have you come back for some more conversations. 

26:14
Wonderful. Well, thank you for having me. 

26:16
You bet. Well, thanks, everyone, for tuning in, and we'll see you on the next podcast.