While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
The Nationwide Health Information Network: Most people have at least heard of this idea, even if they don’t know it by name.
The Federal Health Architecture (FHA) — essentially, the effort to help agencies build the bridges that will let them connect their internal systems to NHIN — has received less fanfare, but that’s changing.
It is this middle territory that consumes Vish Sankaran. As director of the Health and Human Services Department’s FHA program, he spends his days working with people across government to make those bridges a reality. So far, seven agencies have demonstrated the first bridges, using the CONNECT application interface collaboratively defined by federal agencies and private-sector participants. Those demos began in the late fall and continue.
While this achievement admittedly took a lot of nitty-gritty technical finagling, Sankaran says the ultimate success of these efforts hinges more on the fact that health IT touches us all personally: “We all know someone who has applied for disability benefits; we know a wounded soldier; we know a kid with cancer. We all are connected to this, not just as a government technology initiative but also as patients. And the more we can communicate what we do in human terms and make people understand why we are doing it, I think this is going to gain more traction.”
FedTech Managing Editor Vanessa Jo Roberts talked with Sankaran about how the government’s effort to create outfacing network links is going and what agencies are doing to encourage broader use of electronic health records.
FedTech: To start off, can you talk a little bit about the cross-agency collaboration behind the CONNECT initiative and the drivers bringing so many agencies together?
Sankaran: There are three major drivers. First, consistent processes: Each time an agency needs to exchange data with another organization, it must create things from scratch.
Second, they want to reduce the amount of time and cost of creating a gateway for exchanging information. If each agency has to build this from scratch, the cost is going to be high. But if they share it, if they do it once and repurpose it across the agencies multiple times, the overall cost will be less. And at the same time, that also reduces the time to market. If there is one organization where they can provide feedback, where their voice is heard and where their needs are advanced, they are very encouraged to participate. That organization is FHA.
Third is the business need for federal agencies to exchange data with other entities to enhance services for citizens. Healthcare, as we know, is local; it is not just within the federal government. The Nationwide Health Information Network has to be something that can be used to communicate between federal agencies and also with state, local and tribal entities and with the private-sector entities.
Agencies see this collaboration more like risk mitigation and also something that is scalable at the national level. As an example, look at the Veterans Affairs Department and the Defense Department, which have facilities all around the country. From a cost and manageability perspective, it’s better to have a national strategy that will allow them to get information out to their partners in a consistent manner. They see CONNECT and NHIN as a way to communicate within the broader healthcare space.
FedTech: How does the Federal Health Architecture program relate to the Nationwide Health Information Network initiative?
Sankaran: The role of the Office of the National Coordinator for Health IT is to lead the public- and private-sector efforts to promote health IT interoperability throughout the United States. And the Nationwide Health Information Network is one of ONC’s major initiatives. It coordinates development of NHIN to join the different health information exchanges, the integrated delivery networks for Kaiser and Johns Hopkins and so on, the different pharmacy networks, the federal agencies, the labs, the providers, the payers and many other stakeholders.
To build something of that scale, a network of networks, you need to have a governance structure in place. You also need to build the trust fabric, the right set of policies and an operational infrastructure. But also, we need to define the standards and the specifications that each of them is going to use to build the solutions on each of their ends, so that once they have a standardized gateway of communicating out to the network they will have interoperable standardized information flowing between the different stakeholders.
The Nationwide Health Information Network is the initiative within the Office of the National Coordinator to define these specifications — the governance, the trust, the policies and the operations. FHA supports the ONC’s initiatives by bringing together federal agencies to ensure their participation in national activities such as NHIN.
Became program director for the Federal Health Architecture in 2007
Began work in the Office of the National Coordinator for Health IT in 2004, as a technical adviser in the Health and Human Services Department organization
Founded his own software services company
Was director of IT and product operations for healthcare applications services provider CareScience (since acquired by the Premier healthcare alliance)
Holds a bachelor’s degree in engineering from Bharathiar University in India
Under FHA, we have a consortium of over 20 federal agencies that all have health-related activities. In 2007, the ONC brought all the health leaders and the federal CIOs together and said, “OK, we are planning to move forward with NHIN. Do you want to be a proactive participant?” They all came under the Federal Health Architecture umbrella and said, “OK, FHA, you manage this for us. We will tell you what our requirements are.” And, at the national level, that’s how we moved forward.
FHA built the software for them once. Each agency started implementing it, and the agencies that have recently completed demonstrations are the three major federal healthcare providers — DOD, VA and the Indian Health Service — and the Social Security Administration, the Centers for Disease Control and Prevention, the National Cancer Institute and the National Disaster Medical System. NDMS is used by entities that are deployed during a disaster; they are really checking out CONNECT for the next hurricane season.
FedTech: How does the government effort compare with what other entities have been doing?
Sankaran: We have close to 15 private-sector entities that are at the table along with the federal agencies. Each of them participated in defining the specifications, and then each of them took those specifications and built software solutions that allowed them to connect to the nationwide network. All of them are equal participants, equal stakeholders at the table. Though we all come at this from a different angle, the public and private sectors both have a lot to gain from health data exchange on a national level.
I can’t overstate the importance of getting the private sector, states and local communities involved. Though the work of the federal government is important, it’s critical to note that healthcare is local, and the nation’s long-term success in health interoperability will hinge upon our ability to build this from the ground up.
Our goal must be to build NHIN participation community by community, state by state — a bottom up approach. This can be done by providing the required guidance and support that will help build these communities today in a manner that allows them to be connected nationally without rebuilding the community infrastructure in the coming years.
The federal government must take a leadership role in helping build out this infrastructure, and we must work hand in hand with other constituents to make sure that what we’re all building makes sense and will continue to meet our needs in the coming years.
FedTech: How are agencies going to help citizens be more efficient in gathering and using their own data so that they don’t have to keep re-entering it?
Sankaran: That is the goal: to improve the patient experience. Through this we can improve the quality of healthcare in this country — that is a driving factor for us — while at the same time reducing the cost and also increasing access to care. So those are three driving factors that we talk about. But from a policy side, there’s a lot more to be addressed.
The main thing is to stimulate health record adoption. But just having electronic health records doesn’t mean they are interoperable, so we also have to stimulate interoperability, and we also need to make sure that we incentivize the use of EHRs to improve quality and efficiency of care.
FedTech: Was there anything unexpected that came about because of the CONNECT collaboration?
Sankaran: I think everyone believed in the power of collaboration. But collaboration has been more of a buzzword than a reality in most federal activities. The work we’ve achieved related to NHIN is a notable exception. Agencies came together in such a short timeframe and did something that is very tangible for their beneficiaries. As a few entities started demonstrating their capability, that gave encouragement to others who were waiting to see what was really going to happen.
In any industry, you always have early adopters and others who wait to see what is going to happen. But now, more and more agencies are stepping up to really move this forward.
FedTech: What challenges does FHA face in promoting NHIN participation?
Sankaran: One of the challenges for us is security. Whenever you talk about federal data, the government is required to follow FISMA, the Federal Information Security Management Act. In the federal government, we have FISMA, and the private sector is implementing HIPAA [the Health Insurance Portability and Accountability Act]. Now, the difference between the two is that FISMA has more security controls in it versus HIPAA. When you are trying to move data from a tight security domain to a less tight one, it is always a challenge.
FedTech: It restricts the information you might be able to release.
Sankaran: That’s correct. And then primarily the challenge is this: If you move data from a federal system, say at DOD, into a Google or Microsoft application in the private sector, that data is still considered federal data. And if it is considered federal data, then we are required to make sure that the receiving entity is implementing FISMA security controls.
Now, that is a challenge because it is expensive for a private-sector organization to implement all the security controls under FISMA. Consider a group medical practice being required to implement the security controls of a federal agency. It would be cost prohibitive.
FedTech: So is resolving this security dilemma the most crucial factor for success?
Sankaran: That is one of the most crucial ones from a federal perspective. But from a broader perspective, we also have to make sure there is value for the participants who are at the table — that is key with any adoption we do in the health IT space.
FedTech: What do you think are some best practices for making sure that agencies recognize the benefits?
Sankaran: I can put them into three buckets for you:
One: Focus on your citizens’ needs — on your beneficiary needs, if you are talking from an agency perspective. Whatever we do should be based on the citizens’ needs.
Let me give you an example. When the agencies began talking about the Connect project, the discussion was on whether we should explain this in so-called standards terms — do we need to implement this standard versus that standard — or should we talk in human terms, such as how this would help a wounded soldier or a disabled citizen. When we started focusing more on the citizens’ needs, it was much easier for us to explain the program to folks and for them to provide important feedback. So focusing on citizens’ needs is critical.
Two: Build practical solutions — solutions that organizations want and need. They will implement them. Don’t just think about building something because it’s cool and cutting edge. Build it because it serves the purpose.
Three: Look beyond your organization. More often than not, the challenges you face have been faced by other organizations. Learn from them and also actively participate and join collaborations because that can help you contain cost and speed your development process.
FedTech: Agencies are driven by their missions, and the missions are very distinct, even though the way to achieve them may not be. But that notion of distinct missions has sometimes prevented collaboration.
Sankaran: That’s correct. But the more we talk about this, bring it to everyone’s attention, we have successes that we can share with others.
FedTech: Do you think agencies are surprised to find how much more they have in common than not when it comes to making data exchanges on NHIN?
Sankaran: People have started realizing this more and more. Although there are minor differences, the foundational issues are pretty much the same from one agency to another.
FedTech: Agencies would not have to replace legacy systems. That’s the whole purpose, really — as much as possible, correct?
Sankaran: Yes. Rip and replace is not a solution for us. The CONNECT gateway allows systems of all types to share data through NHIN. Too much money and effort have been invested in these legacy systems and custom-developed systems used throughout the federal government. CONNECT was built with the flexibility to accommodate that.
FedTech: Do you think that there is a lot of awareness of your work and the effort to improve healthcare?
Sankaran: We are getting there. We had our first discussions at the end of 2007. We started the projects in March of 2008, and this March we began the demonstrations. Within the last 12 months, we did a lot of things; we built something that we can share with people. It’s no longer talk; it is something that people can touch and feel.
Once we announced the open-source website, www.connectopensource.org, in early April, within two weeks from the date of release it had 20,000 unique hits. That’s something that the federal government enabled, and we expect the industry to really pick it up and move it forward. We have close to 900 people registered for downloading the solution. The critical aspect to your question is how do you communicate this, and that’s one of the reasons that we have started communicating not on technology terms but on human terms.
FedTech: We talked a bit about cybersecurity, but what about personally identifiable information and the privacy side of the security picture?
Sankaran: The federal security strategy is very much focused on harmonizing FISMA and HIPAA. It’s important to note that NHIN does not involve a centralized database or any type of storage that can be hacked. It’s not a large system that is being built. Data will reside within the participating organizations, and it must be protected as it is transferred over the Internet from one organization to another. That still needs to be resolved — to make it operational and trustworthy for the participants.
FedTech: How are you going to overcome this challenge?
Sankaran: What we have done is form the Federal Security Strategy for Health Information Exchange. It’s a working group where we brought all the federal agencies together to really explore our options. This will require a lot more attention because unless this is resolved, we really can’t move into production.
The good news is that there’s a great deal of overlap between the regulations for the federal government and for the rest of the healthcare industry. It’s now a matter of determining how alignment of these regulations can create rules of engagement where the process is acceptable for all, affordable to implement and still protects citizens’ privacy.
FedTech: Obviously part of that challenge is directly tied to data sharing and the ability to integrate systems. When you look explicitly at technology, what are some technologies or ways to help expose data, so that many people can use it?
Sankaran: In healthcare today, we are talking about interoperability. But in another 15 years or so, it will be a given. Products that come to market such as electronic health records or patient health records will be interoperable. We won’t have to build these bridge solutions.
If you look at what CONNECT is doing today, it is a bridge solution. That means you have legacy systems, and what you are expecting to do is to share information for the betterment of your beneficiaries. CONNECT was built as a kind of gateway to allow organizations to communicate with the external world.
FedTech: How important is innovation as a factor in this effort’s success, and what are some ways that government IT can better capture and harness creative prowess around this specific type of project?
Sankaran: We are encouraging the agencies, and they are also stepping up in these areas and building the backend network components. Even though we collaborated on the CONNECT gateway, the agencies still have to build their own adapters to link from their existing systems into the gateway. Many agencies have started working with each other on this part of the effort, too.
For example DOD is reaching out to the Telemedicine and Advanced Technology Research Center, one of its innovative R&D arms, to look at next-generation network adapters that could be used to connect to NHIN. So the best way to achieve innovations is simply to begin a two-way dialogue with organizations throughout the government and the private sector.
It’s about looking at all this and saying, “OK, this is something that we all — the industry, the private sector, the federal government, everyone — has to work toward collectively to achieve.” By working together, agencies will be exposed to new ideas constantly. And even when they have different stakeholders with different missions and might need to do some things slightly differently, at the same time they can borrow good ideas to get a better solution.
FedTech: So, whatever the best of breed that is out there?
Sankaran: Exactly. And that is a good thing that’s happening in the government: the not-invented-here syndrome is going away.
FedTech: Was there anything else you wanted to talk about before we wrap up?
Sankaran: Industry and others are excited that the federal agencies have come together to move the broader agenda forward. And as we move forward, one of the key things that I always remind my team and everyone else, including myself — I remind myself all the time — is that the policy should drive technology, not the other way around. So when we build this technology solution, it might be cool but if it doesn’t meet citizen needs and if it does not fully align with what the policy directions are, then it’s not going to go too far.