AHIMA supports the use of policy to ensure the soundest, most reliable, and responsible use of health information for public health. Health information (HI) professionals have extensive knowledge and expertise to contribute in developing these policies. To ensure public health is bolstered while protecting the privacy, confidentiality, and security of a patient’s health information, AHIMA believes that public policy must:
As public health surveillance systems increasingly pull data from electronic health records (EHRs), policy must work to ensure that the health information in those records is accurate and timely to address public health needs. Surveillance systems must also ensure they have timely health data from a number of sources, including hospitals and health systems that participate in syndromic surveillance. The value of coded data should be acknowledged for public health initiatives, and accurate coded data must be prioritized to address public health needs.
Public health surveillance systems must be funded at an adequate level to ensure data is available in a timely manner to permitted public health agencies.
Adopt modern technical standards and requirements to enhance interoperability, decrease unnecessary reporting duplication, and ensure data is consistent, comparable, and meaningful across the US and internationally.
Public health surveillance systems must encourage the adoption and implementation of modern standards, such as Fast Healthcare Interoperability Resources (FHIR), and deploy application programming interfaces (APIs) to strengthen interoperability and reduce duplicative work faced by healthcare organizations, which are often required to report the same data in different formats based on local, state, and federal requirements. Standards for data collection and reporting processes are needed to ensure data is consistent, comparable, and meaningful. Policy should also support the flow of public health information across borders to ensure robust and targeted public health responses.
Leveraging modern standards and new technologies may increasingly lead to public-private partnerships to conduct public health surveillance. Policy must ensure that data holders clearly and conspicuously communicate what information will be collected, maintained, and analyzed. They must also make clear how the data may be processed, disclosed, and shared, and whether the information will be de-identified.
Policy must safeguard patient privacy, including the de-identification of data whenever possible; prohibit attempts at re-identification of de-identified public health data; encourage strong security, privacy, and confidentiality standards within any public health institutions or system; promote privacy protections for contact tracing initiatives; and offer methods to engage and inform patients on the use of their patient health information. Policy should also promote appropriate data minimization and retention policies.
Public health response and planning in the US relies on accurate, standardized, timely, and accessible health information that can be used to protect the health of populations. Public health surveillance systems today are often viewed as antiquated and suffer from underfunded and outdated systems that delay responses to public health threats. Under-functioning public health systems put the public at risk of disease outbreaks, such as measles, pandemics, COVID-19, and chronic threats, such as the opioid epidemic.
One concern is the lack of standardization and incompatibility of public health data collected across different surveillance systems; across local, regional, and federal agencies; and across geographic borders. During the COVID-19 pandemic, data collected and reported across the US has been found to be inconsistent and incomplete, hampering health officials’ ability to understand factors that place certain populations and communities at increased risk.
While it is necessary to have a well-functioning, fully funded public health system, patient privacy must be protected and safeguarded. Current methods used by American public health departments to produce de-identified data sets are not always successful in preventing patient re-identification. The CDC states that systems need to be modernized to ensure systems and data are secure. Public health and patient privacy are compatible goals that can be met through clear policy guidance.
This includes patient misidentification due to the lack of a national strategy around patient identification. The rise in patient-generated health data is an additional challenge that must be addressed to ensure accurate and complete data in EHRs.
Hospitals and other health organizations often face varying reporting requirements from local, state, and federal public health authorities, resulting in duplicative work and wasted resources.
Lack of consistent and adequate federal funding across a number of public health surveillance systems, including the National Notifiable Disease Surveillance System (NNDSS), Electronic Case Reporting (eCR), Syndromic surveillance, the Electronic Vital Records System, and Laboratory Information Systems (LIMS) has created a system that is not timely, secure, or sufficiently expansive. This decreases the capacity of such surveillance systems to perform research and accurately respond to public health threats. Lack of sustained funding for public health surveillance systems has also left these systems less secure than they should be.
The rise in artificial intelligence, including sophisticated algorithms and use of machine learning, has increased the risk that de-identified data stripped of identifiable demographic and health information could be re-identified.
More complete, timely, and accurate public health data will provide policymakers with the opportunity to promote health equity in ways that are culturally respectful.
Want to read the full statement or share it with your colleagues?
January 5, 2021
AHIMA calls for the incoming administration to consider the implications of health information as they begin to implement new health policies in 2021.
AHIMA Advocacy in Action - Public Health
January 22, 2021
"The American Health Information Management Association (AHIMA) is pleased to see the executive order released on Thursday from President Biden entitled, “Ensuring a Data-Driven Response to COVID-19 and Future High-Consequence Public Health Threats.”
June 25, 2020
In a letter to Senator Lamar Alexander, AHIMA urged Congress to take swift action to address the issue of patient misidentification and its implications for public health data and described the need for a national strategy to prioritize what social determinants of health data is relevant for public health purposes.