Short-term Forecast: Experts Speak up on ONC's RFI, RFPs, and the Year Ahead

by Ruth Carol

David Brailer and industry experts comment on ONC’s busy year and tell the Journal what they expect in the one to come.

Late in 2004 the Office of the National Coordinator for Health Information Technology (ONC) requested input from the healthcare industry on how best to develop and adopt nationwide health information exchange. The request for information (RFI) drew more than 500 responses totaling nearly 5,000 pages.

Summarizing the responses into the 80-page report released this past spring served two purposes, says David Brailer, MD, PhD, national coordinator for health information technology. First, it was a mechanism to get federal leaders from across numerous agencies to agree on what role the federal government should play in facilitating deployment of a national health information network (NHIN). “Second, we wanted to stimulate dialogue, discussion, and a solution-oriented approach out in the market,” Brailer told the Journal.

Shortly after releasing the report, ONC announced that it would issue a series of three-year government contracts focused on four key areas identified in the RFI responses: EHR certification, data standards, NHIN architecture, and privacy and security. “The contracts flow directly out of what the RFI called for,” Brailer says. In the case of EHRs, the RFI “called for us to think about a mechanism to standardize EHRs, so we have a request for proposal on certification.”

Brailer predicts that by the end of the coming year the fundamentals of interoperability will be very close to being in place, beginning with a national road map for standards. “We’re going to have the first wave of product certification out. We’ll have functioning prototypes for a national architecture, and we’ll at least have a forward-going agenda for privacy and security,” he says.

In three years, when the contracts are nearing their end, Brailer expects that there will be fully fledged institutions in the market to bring about a standards process. He further expects commercially functioning architectures as well as significant advances in security and privacy. “By then we’ll also see policies from the government and private sector that will push toward closing the adoption gap,” he concludes.

Meanwhile, the Journal of AHIMA spoke with other industry experts to get their reactions to ONC’s busy year, as well as what they expect in the year ahead.

Clay Shirky
Professor, Interactive Telecommunications Program, New York University, NY

Consensus is building around the need for standards and interconnectivity as well as the need for some degree of decentralization, says Shirky. “The question is essentially how should the healthcare system that exists today be moved into a world with a higher degree of connectivity where we can preserve both security and patient privacy.”

He applauds ONC’s approach to resolve these issues by involving multiple participants operating in multiple regions through the RFP process. “The healthcare industry has been plagued by a number of one-off versions whereby a system is put into place by a local entity but can’t be extended to its neighbors, much less nationwide,” Shirky notes.

Although it’s unlikely that a framework will be agreed upon within a year, Shirky predicts progress will be made in developing an infrastructure. He is optimistic that there will be broad agreement regarding transport standards, because there is a growing consensus that the Internet is capable of managing secure point-to-point transactions and several working examples already exist. Additionally, Shirky expects significant progress on some key data markup standards—such as identifying patients and being able to move a list of medications or lab results—because there are several existing medical vocabularies that will allow standardization of the terminology.

“The good news about the history of network adoption,” Shirky notes, “is that when you standardize enough for people to begin having a conversation, the subsequent standardization becomes much easier because people can see what their differences are.”

Rita Bowen, MA, RHIA, CHPS
Chief Privacy Officer, Erlanger Health System, Nashville, TN

Eighty-five percent of the respondents to the RFI expressed concerns about the loss of privacy and security, notes Bowen. This underscores the strong public concern regarding data confidentiality. ONC’s response acknowledges that privacy and security are fundamental principles that must be built into the business and technical requirements of health information exchange.

Among the biggest privacy and security issues are how to identify a patient and how to subsequently link the patient’s information among providers, Bowen says. Half of respondents to the RFI indicated that a unique patient identifier was necessary; half said that it wasn’t. Another key issue is controlling access to patient information once it is located and made available. Bowen also notes that some respondents feel patients should be able to opt out of data exchange. The trade-off, she says, is that networks will lose effectiveness if consumers withhold information.

Bowen sees a role for HIM professionals as patient advocates, ensuring that consumer privacy and security are guarded. “We have to set up [information exchange] so that the providers and vendors can innovate and create efficiencies and improve care through the use of technology but still maintain a level of privacy for the patient,” she says. HIM professionals can also help others understand that the definitions for data elements must be the same regardless of where the information comes from, Bowen adds.

Marc Overhage, MD, PhD
CEO, Indiana Health Information Exchange, Indianapolis, IN

Although he’s unsure of how much progress the RFP projects will have made a year from now, Overhage is optimistic that within that timeframe there will be a consensus on standards to be used. The RFPs also promise potential answers around patient privacy issues, he says.

Overhage notes that the sustainability of health information exchange models was not addressed in the RFI responses and is only alluded to in the RFPs. “As an investor or healthcare provider being asked to participate, I would want to know there’s a value proposition,” he points out. While the government may help support networks to get them started, it can’t afford to underwrite the cost of operations. Creating the value may involve realigning healthcare reimbursement, Overhage suggests. For example, the doctor who uses e-prescribing doesn’t benefit from its use, but the pharmacy, health plan, and patient do. One option is to capture the savings generated through health IT to support implementation of the technology.

Next, Overhage says, a critically felt issue should be coupled with the value proposition to generate funding necessary to implement the technical approach—for example, tackling a state Medicaid program experiencing financial disaster or care in the emergency room. He cautions that overly optimistic expectations can backfire and lose support for health IT. “We’re at risk of overselling this if we don’t temper our confidence and enthusiasm with a dose of realism,” he warns.

Lorraine Fernandes, RHIA
Senior Vice President, Healthcare Practice, Initiate Systems, Chicago, IL

Fernandes was surprised that half the respondents to the RFI advocated the use of a unique patient identifier, which she doesn’t believe will be developed for use in this country. A unique health ID would be a huge undertaking with a large price tag, long timeline, and significant privacy concerns, she says.

Fernandes wasn’t surprised by the privacy and security issues raised with regard to patient matching, but she notes that maintaining privacy and security is a concern in any endeavor. Some responses to the RFI showed a lack of knowledge of current successes in patient matching, she notes. “There are databases today doing patient matching with very large populations,” she says. She points to technology used throughout the Canadian provinces by large insurance companies and a pharmacy benefit manager and e-prescribing collaborative.

Fernandes feels that the RFI report demonstrated enough consensus to move forward with patient matching. She expects that the RFP projects will likely employ probabilistic matching for patient identification. This time next year, RHIOs in their infancy will be using some form of probabilistic patient matching, she predicts, and the results from the Connecting for Health record locator service demonstration project—which uses a probabilistic algorithm as one component—will be available. So a multitude of large-scale demonstration projects using this technology will be coming to fruition, she says. In the near future, the discussion will turn from how to use the technology to the accuracy and performance of probabilistic algorithms and how they scale with a network’s architecture and technology.

Ed Hammond, PhD
Professor Emeritus, Community and Family Medicine, Department of Biomedical Engineering, and Adjunct Professor, Fuqua School of Business, Duke University Medical Center, Durham, SC

Competition among the various groups that have developed standards is the major barrier in reaching a consensus for data standards, according to Hammond. Although he didn’t see any unique solutions come out of the RFI report, Hammond does view the RFPs as a move in the right direction, bringing together the major players in government and industry to obtain standards harmonization. “We need to work together as a country to produce the standards that produce the networks that let us create the systems. That’s where the competition should lie,” he asserts.

In the next year, there needs to be consolidation in the creation of standards, says Hammond. Then the whole concept has to be “sold” to the users, who should see a clear economic benefit in adopting a system. To be successful, any new system must make life easier for the user, and it must be easy to implement, he notes.

Hammond points to certification, support, and maintenance as other issues that need to be addressed. There has to be a balance between keeping the standards up to date and changing them so frequently that vendors find it impossible to comply, he adds.

Resolving terminology is also on Hammond’s list. “We need to define the master set of data elements and a unique value set for these elements. We need to name both data elements and value sets with common terminology,” he says, adding, “The blending [of the two] should be done at the national level and not require mapping to occur at each provider site.”

Mark Leavitt, MD, PhD
Chair, Certification Commission for Health Information Technology

The RFPs, as part of a larger strategy that includes the formation of the American Health Information Community (created by Health and Human Services to facilitate the nationwide transition to EHRs), is a cohesive strategy that will accelerate the adoption of health IT, says Leavitt. “It’s going to change the direction of the industry and overcome many of the barriers that have held us back for so long,” he says, citing conflicting standards as the biggest barrier.

Historically, providers have been reluctant to adopt health IT because of risk and insufficient financial incentives, Leavitt explains. Vendors have been forced to sell in a costly marketplace and expected to present multiple demonstrations with lengthy RFPs. Payers have been reluctant to help fund health IT because they aren’t sure that it will deliver the expected improvements. ONC’s certification contract is an important step because certification can reduce a provider’s risk, accelerate the marketplace by allowing vendors to put more money into product development, and make it easier for payers to determine which products can deliver the benefits, says Leavitt.

In a year’s time, Leavitt expects to see the six prototypes funded through the RFP contracts begin to emerge. But “the real vision of a network that seamlessly interconnects systems will start to emerge three years out,” he predicts, as the contracts finish.

Joe D’Antonio, MEng, MBA
Senior Manager, Healthcare IT Division, Siemens Medical Solutions, Malvern, PA

Certification must be viewed as a fair and affordable process that does not put undo burden on vendors, says D’Antonio. “Certification can’t discourage innovation or be a barrier to entry into the market for new companies,” he says.

A top priority in the coming year is an accurate patient-identification standard, within and beyond a local data exchange network, says D’Antonio. Moreover, greater use of integration profiles, not just standards in themselves, is an important next step. “Currently, there are many standards that are implemented by vendors but in variable ways so that true interoperability is not achieved,” D’Antonio adds.

Vendors need sufficient lead time to align their products to emerging content and standards work. Most vendors are looking for as much time as possible to adapt their activities for certification, he says. “While I believe standards-based interoperability will enhance the overall EHR market and create better products,” D’Antonio says, “we need to be sure that the consumers—the people purchasing EHRs—also see the value of standards-based interoperability.”

D’Antonio predicts that progress will be made in interoperability within the next year. Among the advancements he expects is a certification pilot and subsequent refinement based on feedback. He also expects the year to bring demonstrations of multivendor interoperability at events such as the HIMSS 2006 interoperability showcase.

Laurie McBrierty
Vice President, HIM Solutions, QuadraMed Corporation, Reston, VA

Certification standards for the ambulatory EHR will provide guidelines for the minimal critical data set for EHR systems, says McBrierty. She views the initial focus on ambulatory EHRs very positively because it has been a less monitored area to date and so much variation exists. McBrierty suggests that vendors not in the ambulatory arena should still pay attention because inpatient EHRs will be the next focus of certification work.

In the next year the industry should be developing standards to define key data content, says McBrierty. “We need a standard data set that defines each data element; for example, patient name, patient type, medical service, and so on,” she says. A global, accepted definition of these items is vital for interoperability because many EHRs currently identify data by different names. That causes vendors, and often the clients, to spend a great deal of work figuring out if the various systems are actually talking about the same data element.

Vendors will benefit from the certification road map by knowing what is expected of them in software development and when they are expected to meet those expectations, McBrierty says. “It would help to know where the standards are going and what the timeline is for implementing them, because it takes significant development time to get new standards into the software, and then delivered and implemented at the client site,” she says.

The RFI and the RFPs

ONC’s RFI confirmed significant private-sector consensus on fundamental issues. The majority of respondents maintained that an NHIN should:

  • Be a centralized architecture built using the Internet, linked by uniform communications and a software framework of open standards and policies
  • Reflect the interests of all stakeholders and be a joint public-private effort
  • Be patient-centric, with sufficient safeguards to protect the privacy of personal health information

There was also consensus that:

  • A governing body of public and private stakeholders should oversee the determination of standards and policies
  • Incentives will be needed to accelerate deployment and adoption of an NHIN
  • Existing technologies, federal leadership, prototype regional exchange efforts, and certification of EHRs will be critical enablers

Finally, respondents identified the following key challenges:

  • Obtaining additional and better-refined standards
  • Addressing privacy concerns
  • Paying for the development, operation, and access to the NHIN
  • Accurately matching patients
  • Addressing discordant inter- and intra-state laws regarding health information exchange

ONC’s resulting request for proposals (RFPs) address these issues directly, promoting work in four areas:

  • EHR certification, focusing on the development of criteria that address EHR functionality, interoperability, security, and reliability features
  • Data standards, calling for the development of a harmonization process to achieve a widely accepted and useful set of standards
  • NHIN architecture, for the development and evaluation of a prototype for an Internet-based NHIN architecture that would maximize the use of existing resources to achieve widespread interoperability among healthcare software applications, particularly EHRs
  • Privacy and security, focusing on the development of solutions to address state and business privacy and security practices that may pose challenges to interoperable health information exchange

ONC issued the RFPs in June, and proposals were due in July. Announcements on contract awards were slated for the end of September, after this issue had gone to press. For more information, see the ONC Web site at

Ruth Carol ( is a Chicago-based freelance writer specializing in healthcare issues.

Article citation:
Carol, Ruth. "Short-term Forecast: Experts Speak up on ONC's RFI, RFPs, and the Year Ahead." Journal of AHIMA 76, no.9 (October 2005): 42-44,46,48,50.