himss hie common practices survey - amazon s3s3.amazonaws.com/rdcms-himss/files/production/... · a...
TRANSCRIPT
2011 HIMSS HIE
Common Practices Survey
HIMSS Health Information Exchange
HIE Common Practices Workgroup
Bi-Annual Survey
May 2012
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 2
Table of Contents Executive Summary .................................................................................................................................... 4
HIE Terminology .................................................................................................................................... 4
Principle Findings ....................................................................................................................................... 5
Responder Overview ................................................................................................................................... 6
Responders Organizational Demographics (Questions 1-14) ................................................................. 6
Entity Formation & Organizational Description (Questions 15-32) ....................................................... 7
Participation Agreements, Governance and Funding (Questions 33-50) ............................................... 9
Data Exchange Activities .......................................................................................................................... 10
Exchanges Providing HIE Services (Questions 51-56) ........................................................................ 10
HIE Services (Questions 57-62) ........................................................................................................... 11
Scope of Exchange Activity (Questions 63-68).................................................................................... 14
Technical Aspects of the Organization (Questions 70-82) ................................................................... 15
Privacy, Security and Standards ............................................................................................................... 17
Privacy & Security (Questions 83-86) .................................................................................................. 17
Data Management & Standards (Questions 87-93) .............................................................................. 19
Participation in ONC Initiatives............................................................................................................ 21
Lessons Learned & the Next Horizon ....................................................................................................... 21
Interoperability and Other Services (Questions 94-102) ...................................................................... 21
Top Five HIE Industry Issues and/or Concerns (Question 103) ........................................................... 22
Privacy & Security (30 percent) ....................................................................................................... 23
Financial Sustainability & Costs (21 percent) .................................................................................. 23
Conflicting and/or Rapidly Changing Policy (20 percent) ............................................................... 24
Lack of Patient/Provider/Stakeholder Integration (13 percent) ........................................................ 25
Data or Interface Shortcomings (12 percent) .................................................................................... 25
Lack of a Qualified Health IT Workforce (4 percent) ...................................................................... 25
Conclusion ................................................................................................................................................ 26
Acknowledgements ................................................................................................................................... 27
HIE Committee Common Practices Workgroup .................................................................................. 27
HIMSS Staff.......................................................................................................................................... 27
Appendix A: Survey Methodology ........................................................................................................... 28
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 3
Appendix B: Survey Questionnaire Tool .................................................................................................. 30
Primary Information.............................................................................................................................. 30
Location Information ............................................................................................................................ 30
HIE Entity Formation & Organizational Description ........................................................................... 31
Participation Agreements & Oversight ................................................................................................. 31
Funding & Operations........................................................................................................................... 32
Data Exchange Activities ...................................................................................................................... 32
Technical Aspects of the Organization ................................................................................................. 33
Privacy & Security ................................................................................................................................ 34
Data Management & Standards ............................................................................................................ 34
Lessons Learned & the Next Horizon ................................................................................................... 35
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 4
Executive Summary
The HIMSS Health Information Exchange (HIE) Common Practices Workgroup spearheaded the 2011
HIMSS HIE Common Practices Survey project for the purpose of gaining insight into practices common
to health information exchange organizations and networks operating in the United States. The original
survey project was completed in 2009, with results presented in the 2009 HIMSS HIE Common
Practices white paper.1 The data collection for the current survey was conducted between January and
May 2011. The primary intent of this paper is to provide insight and awareness of general
characteristics and activities of HIE organizations that the reader many encounter when working with
their local and state HIE organization.
HIE Terminology
In 2008, the Office of the National Coordinator for Health Information Technology (ONC) engaged in
discussions with the health IT industry to define certain terms, among which were the terms “HIO” and
“HIE.”2 Health Information Exchange (HIE) is defined as “the electronic movement of health-related
information among organizations according to nationally recognized standards,” and as such, it is
considered an action or verb. A Health Information Organization (HIO), on the other hand, is defined as
“an organization that oversees and governs the exchange of health-related information among
organizations according to nationally recognized standards;” in other words, an HIO is the organization
that performs the data sharing, a noun. In this survey, we have adopted the more commonly accepted
industry use of the term “HIE” to represent both the action of data sharing and those organizations
responsible for it.
The 2011 HIE Common Practices Workgroup agreed to take a more liberal approach to inviting
participants than what was used for the 2009 survey, adopting a broader definition of what constitutes an
“exchange.” The 2009 survey sought to exclude organizations that were not actively engaged in the
sharing of data, as well as organizations that had limited their data sharing to within their organizational
family. For the 2011 survey, we invited all organizations that are sharing data between organized
entities, even if those entities may be held within the structure of a larger organization. In addition, we
invited organizations to respond while they were still in the formative stage and had not yet started data
sharing activities, including State-Designated Entities (SDEs) which may have been forming to facilitate
exchange within the state, but may not have been planning HIE services of their own.
1 http://www.himss.org/ASP/ContentRedirector.asp?ContentID=76001
2 The National Alliance for Health Information Technology Report to the Office of the National Coordinator for Health
Information Technology on Defining Key Health Information Technology Terms. April 28, 2008.
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 5
Principle Findings
This white paper presents findings from the survey as reported by the survey’s participants, and is not
intended to represent all HIE organizations. We recognize and embrace the fact that HIE organizations
by nature are not alike and will vary across their business models, service offerings and overall technical
strategies. All information developed and discussed in this paper was compiled by the authors based
strictly on the survey responses, all of which were self-reported by the HIE organizations that
participated. No additional attempts were made to verify responses. The findings outline common
themes, trends and issues as reported by the survey’s participants.
Below is a summarization of some of the more interesting findings from the 2011 survey.
Many more HIEs The 2011 survey had 38 responders, an 81 percent increase over the
2009 survey.
Few HIE closures Only two HIEs that responded in the 2009 survey have closed.
Increased
production mode
More than 50 percent of responders were in production mode.
Broader geographic
penetration
Nearly 80 percent of the responders indicated that they covered both
rural and urban geographies.
Quality still leads Quality of patient care was listed as a reason for formation of the HIE
100 percent of the time.
Payer involvement
dropping
Payer/health plan participation dropped from 76 percent in 2009 to a
reported 42 percent in 2011.
Healthcare reform
important
The ACO payment model was already being cited as a primary driver
for HIE.
Participation fees
remain popular
Subscription fees and membership fees topped the list of revenue
sources from operations.
Financial sustainability
increasing
More than half of the HIEs reported having achieved financial
sustainability through revenue from operations. However, many
HIEs indicated that they still routinely seek grant funding to expand
operations and services.
HIE services expand
Services offered continued to be focused on the core HIE functions of
MPI, record locator and results distribution; however, CCD/CCR
exchange and secure messaging were also being widely used.
Bi-directional exchange
gaining ground
Bi-directional exchange was also gaining in momentum, being
performed by more than two-thirds of responders.
Architecture strategies
mixed
Federated and hybrid federated architectures were used by all but two
of the responders, who reported using a centralized architecture.
PHRs on the increase Two-thirds of the HIEs planned on interoperating with PHRs or
offering their own PHR services.
Privacy and security
top concerns
Privacy and security concerns surpassed financial sustainability
concerns in the minds of the survey’s respondents.
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 6
Responder Overview
Responders Organizational Demographics (Questions 1-14)
A total of thirty-eight responders participated in the 2011 HIMSS HIE Common Practices Survey, which
was an 81 percent increase over the 2009 survey.
The most common HIE entities responding to the survey were local, regional and federated non-
geographic multi-stakeholder organizations. Six of the responding organizations also noted that they
were the State-Designated Entity (SDE) for state-level HIE (see Figure 1).
Figure 1: Responding Organization Type.
Responders were located in California, Colorado, Connecticut, Florida, Georgia, Idaho, Illinois, Indiana,
Iowa, Kentucky, Massachusetts, Maryland, Michigan, Missouri, Montana, North Carolina, Nebraska,
New Mexico, New York, Ohio, Oklahoma, Oregon, Rhode Island and Washington. Three more states
participated in this survey than in the 2009 survey.
There were twenty-three new responders to the 2011 survey, and the fifteen repeating responders
reported their organizations were still in operation. Six responders from the 2009 survey did not
respond; however, external verification indicated that all but two were still in operation. Seven
responders were 2010-2011 startups, which is not surprising given the Meaningful Use HIE criteria and
increased funding availability from ARRA/HITECH grants during that time.
58%
5%
5%
16%
3%
13%
Local, regional or federated multi-stakeholder organization that provides HIE services
Integrated Delivery Network (IDN), medical group practice, or similar organization that provides HIE services only to its own stakeholders and within its own organizational boundary
Governmental HIE organization or initiative (city, county, state, federal)
Non-profit organization that is the State Designated Entity (SDE) for State-Level HIE
Integrated delivery system providing HIE services inside and outside its boundaries in multiple states
Other
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 7
As observed in the 2009 survey, a majority (66 percent) of individuals responding to the survey listed
their positions as CEO, CIO, Executive/Managing Director or Chairman/President. Other positions
cited included Director of Informatics and some state-level positions.
The majority of responders were actively exchanging data in either production or pilot mode (see Figure
2), and eleven of the non-production HIEs were under contract to begin data exchange activities by the
end of 2011. Population coverage was mixed between regional, non-geographically related and state-
wide, with only four responders indicating multi-state constituencies.
Figure 2: HIEs Exchanging Data (Production vs. Pilot Mode).
One interesting statistic was that nearly 80 percent of responders indicated that they covered both rural
and urban geographies, which supports the notion that HIEs have successfully performed outreach into
the rural areas where health IT advancement may be lacking. Another reassuring statistic revealed that
84 percent of responders indicated covering large medically and/or economically under-served
populations. This is especially important for the prevention of a further digital divide, and will operate
to directly reduce health disparities within these communities.
Entity Formation & Organizational Description (Questions 15-32)
The majority (82 percent) of the respondents indicated that they operated as not-for-profit organizations,
with the remainder being mostly governmental entities. Only two organizations indicated that they were
private-sector for-profit entities. When all respondents were asked why their HIEs were formed, the top
three reasons included:
Improve the quality of healthcare delivery / Improve patient safety (100 percent).
Need to share information across healthcare stakeholders in community (89 percent).
Decrease healthcare costs (87 percent).
Yes 51%
Yes, in pilot mode (real/production
data) 3%
Yes, in pilot mode (test data)
24%
Planned for 2011/2012
19%
No 3%
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 8
With the new regulations clarifying how Accountable Care Organizations (ACOs) are expected to
operate, it should be noted that fourteen respondents had also listed preparation for or participation in
ACOs as a primary reason for HIE operation, and 66 percent of respondents cited Meaningful Use
requirements for interoperability as another driver for initiating HIE activities. Three organizations—
located in the states of Oregon, Colorado and Maryland—indicated that their HIEs were formed as a
result of a governor’s executive order.
In preparing for start-up, many organizations followed a pattern for organizational development which
included:
Developing a business case (81 percent).
Creating an operating budget (76 percent).
Developing a contingency plan (59 percent).
Thirteen respondents (only 34 percent) indicated that they had created a three-year capital budget before
initiating operations, which is consistent with the last survey (38 percent). In future surveys it would be
useful to determine the rationale for organizations’ apparent short-term attention to capital budgets. One
possible explanation could be a planned shift of expenses from capital to operational budgets. An
example of this may be the selected technical strategy, such as using software-as-a-service (SaaS) or
other outsourcing models, which typically have fewer up-front capital costs. However, these are
speculations and should be further researched.
HIE stakeholders most often cited included provider organizations, such as hospitals and Integrated
Delivery Networks (IDNs), at 92 percent, followed closely by primary care physicians at 87 percent and
specialty physicians at 76 percent. Other notable stakeholders included:
Private/payer health plans (42 percent).
State government agencies (37 percent).
Technology vendors (34 percent).
Federal government agencies (29 percent).
Quality improvement organizations (24 percent).
One notable change from the 2009 survey was the decreased role that payers and health plans were
playing in new HIEs as reported by this group of participants, dropping from the 76 percent reported in
2009. Likewise, technology vendors were also playing a less active role in the HIEs to which they
furnished software and services, dropping from the previously reported 57 percent.
Start-up initiatives continued to vary across the HIEs, with 74 percent of the respondents indicating that
their HIEs were, at least in part, community-initiated activities, as compared to those which originated
from a single entity, such as a provider, payer or other organization. This focus on community-based
initiation was consistent with the 2009 survey results. State and federal initiatives also contributed to
HIE formation as would be expected (see Figure 3).
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 9
Figure 3: Attribution for the Formation of the HIE.
Although 63 percent of responders indicated not following an established HIE implementation model or
guide, five responders notably identified Healthbridge of Cincinnati, OH, as a leading model that was
followed during planning and implementation. Twenty-one percent of responders indicated that they
followed the Markle “Connecting for Health”3 strategy. HIMSS and eHealth Initiative (eHI) were also
noted as resources for information and tools to create and implement HIEs.
Participation Agreements, Governance and Funding (Questions 33-50)
Participation agreements were used by most (84 percent) of the HIE organizations. Governance was
conducted in a variety of ways, including directorship at 68 percent and membership class or group
representation at 16 percent. The makeup of HIE governance was typically composed of members from
the participating organizations (68 percent); funding organizations who did not directly participate in
exchange (11 percent); and other community interest participants who were not funders of the exchange.
HIE management was most often provided through a paid staff individual (68 percent), although
contractors (11 percent) and others, including unpaid volunteers, were used by a significant number of
HIEs.
Financial sustainability continued to be a high priority for HIEs. When asked about their primary
funding sources, over half of the responders reported having achieved financial sustainability through
revenue from operations. However, even many of those HIEs also continued to get grants and other
financial contributions (see Figure 4). Breaking down the types of funding received from operations,
subscription fees (53 percent) and membership fees (32 percent) topped the list of revenue sources, with
only 21 percent reporting that they collected transaction fees (Figure 5).
3 http://www.markle.org/health/markle-connecting-health-collaboration
0%
10%
20%
30%
40%
50%
60%
70%
80%
13%
0%
11%
74%
13%
5%
24%
One primary "key" provider
One primary "key" payer/employer
One primary "key" vendor/consultancy who acted to coalesce the community
Community initiated (several providers and/or other interested parties)
Outgrowth from an existing data sharing operation (e.g., registry)
Community action group composed of consumers/patients
Other (ONC HIE/HITECH, research, state legislation, federal funding, etc.)
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 10
Figure 4: HIE Funding Sources.
Figure 5: Reported Revenue Sources from Participants.
Data Exchange Activities
Response data for questions 51 through 68 was calculated based on the 37 responders who were
exchanging data in either production or pilot mode at the time of this survey, as determined by responses
to question 9, “Is the HIE still actively exchanging clinical data?”
Exchanges Providing HIE Services (Questions 51-56)
Of the responders, twenty-eight (74 percent) had already implemented health information exchange
services, six were planning implementation later in 2011 and the remaining four were still in a startup
mode. Of those HIEs that were exchanging data, the responses revealed that the majority (96 percent) of
HIE implementations took place after 2004. The year 2009 represented the greatest number of HIE
implementations, with 24 percent of the total HIE implementation activity.
0%
10%
20%
30%
40%
50%
60%
70%
In-kind resources
Financial contributions
Grants Contracts and cooperative agreements
Cash loans / Services credit
Sustained funding
55% 55%
68%
37%
8%
45%
0%
10%
20%
30%
40%
50%
60%
70%
Membership dues/fees Subscription service fees Transaction fees Third party org fees
36%
61%
24%
15%
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 11
The consistent progression in new HIEs implementing exchange activities from 2006 to 2011 makes
sense when considered against the establishment of the National Health Information Infrastructure
(NHII) architecture in 2003, followed by ONCHIT in 2004 (see Figure 6). However, the drop-off
between 2009 and 2011 was unexpected, especially given the state stimulus for the purpose of HIE
development. Since the survey was administered at the beginning of 2011, it is possible that a number
of start-up HIEs simply did not respond to the survey, and that their implementation activity will be
captured in the future. Another possibility is that HIE community start-ups failed to gain a foothold
because of the introduction of the SDEs, instead adopting a wait-and-see approach.
Figure 6: Year of Implementation of HIE Services.
Among the operational HIEs, 76 percent indicated use of a primary vendor, and 19 percent indicated a
home-grown application with many participating vendors. Of the ten HIEs not yet operational, four
indicated that they had either made a prime vendor choice or were moving toward one. The two leading
vendors named by those HIEs indicating the use of a primary vendor were Axolotl (25 percent) and
Medicity (11 percent). Fifteen other vendors were also mentioned either as prime vendors or as
participants in a home-grown exchange, including ECW and EPIC, which are EHR vendors that offer
HIE services. Other HIE service vendors mentioned included MIRTH, HealthUnity, Browsersoft,
Microsoft, Medlink, InterSystems, MISYS, Relay Health, InteHealth, ACS, ICA, MedPlus and Orion
Health.
The majority (64 percent) of reporting operational HIEs began pilot exchange of healthcare data
between January 2009 and April 2011, with several others expected or contracted to begin pilot
operations before the end of 2011.
HIE Services (Questions 57-62)
Of the basic data exchange and sharing services offered by the surveyed HIEs, the two most common
services cited were member organization interoperability and master patient index/record locator
services. Both services were either currently provided or contractually committed to be offered in 2011
by 73 percent of the responders. MPI was also indicated as a core service offering by 71 percent of
0
1
2
3
4
5
6
7
8
2006 2007 2008 2009 2010 2011
3
4 4
7
4
2
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 12
responders in the 2009 survey, indicating that a majority of HIEs were still focused on aggregation of
data by patient. The least cited offering was the ontology/vocabulary normalization service (16 percent).
The list of common HIE services was greatly expanded from the 2009 survey, which is indicative of the
increased sophistication of HIEs. We added participation in the national initiatives (NwHIN CONNECT
and the Direct Project) to the list, and refined other categories from the previous survey, using what have
become the more commonly used terms for those services (see Figure 7).
Figure 7: Data Exchange Functions Incorporated into HIEs.
When asked which clinical products and services the organization currently provided or was
contractually committed to offering in 2011, the top four responses were all “push” messages4 and
included lab results delivery (81 percent), discharge summaries (70 percent), radiology results (65
percent) and clinical documentation (62 percent; see Figure 8 “clinical services” in blue). The 2011
percentages represented an approximately 20 percent increase over the same percentages reported in
2009, which is a clear indication that HIEs are gaining in not only broader membership, but in the types
of data being handled.
The clinical data services categories were in stark contrast to the financial and administrative services,
where only ten of the exchanges reported that they were or will be providing non-clinical services. The
most cited non-clinical exchange services were administrative services, ACO services, and
enrollment/eligibility (see Figure 8 “financial/administrative services” in red). This confirms our
observation from the first study that most data exchange conducted in HIE organizations is still oriented
toward patient care. We do expect this number to rise, however, as HIEs continue to search for broader
4 “Push” messages are those that are sent unsolicited from a data source to a data recipient. Examples include laboratory and
other types of results, messages between providers and patient summary documents.
0% 10% 20% 30% 40% 50% 60% 70% 80%
Direct Project
NwHIN CONNECT
Information exchange with SLHIE
Provider indexing services
Master Patient Index (MPI) and record locator services
Ontology/vocabulary normalization services
User authentication & authorization services (security)
Standards harmonization support services
CCD/CDR production/sharing services
Secure messaging
XDS registries for document location
Query
Member organization and interoperability services
30%
27%
43%
38%
73%
16%
30%
65%
65%
65%
38%
65%
73%
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 13
revenue-producing business opportunities, and as payers come to see HIE as a source for the quality data
they need to demonstrate outcomes to their customers.
Figure 8: HIE Clinical, Financial and Administrative Services.
A large number of responders (38 percent) were not engaging in data quality and research activities,
although many indicated that they were committed to doing so before the end of 2011. Most of those
(thirteen respondents) indicated they would be reporting immunizations to the state registries.
Syndromic surveillance, public health reporting and quality indicator reporting were the next most
frequently indicated types of reporting (see Figure 9), consistent with the expectations of Meaningful
Use.
0% 10% 20% 30% 40% 50% 60% 70% 80% 90%
Patient appointment scheduling
Telehealth / Telemedicine services
Claims
EMT/1st responders reporting/notes
Enrollment / Eligibility
Accountable Care Organizations (ACO) service
Medication alerts
Registry products and services
PHR/Patient-reported data
Administrative data exchange
Radiology image delivery/viewing
EHR products and services
Dictation transcription results delivery
ePrescribing
Immunization / Syndromic surveillance / Public health …
Consultations and referrals
Emergency visit documentation
Community viewer/portal services
Medication history
Clinical patient notes & documentation
Radiology results delivery
None
Discharge summaries
Lab results delivery
8%
8%
11%
16%
16%
16%
19%
22%
24%
24%
27%
35%
38%
41%
43%
49%
49%
49%
54%
62%
65%
68%
70%
81%
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 14
Figure 9: Other HIE Services.
In addition to those listed above, eight of the respondents indicated offering one or more of the
following services:
Reporting on referral patterns.
Secure one-to-one messaging.
Automated electronic results and reports delivery.
Emergency department (ED) visit notification to primary care physicians.
Ability for clinicians to subscribe to notifications and alerts about patient events.
Scope of Exchange Activity (Questions 63-68)
When asked about their HIE transaction categories, responders reported that the majority of their
transactions were processed with physician office and hospital sites. Less than 5 percent of transactions
were processed for government reporting, public health and immunization registries (see Figure 10).
Figure 10: Reported HIE Transaction Types.
0% 5% 10% 15% 20% 25% 30% 35% 40%
None of these listed services
Quality indicator reporting
Public health reporting
Immunization reporting (state/federal agencies)
Syndromic surveillance reporting (state/federal agencies)
Chronic disease management
Population health monitoring
Academic research
Data evaluation and performance measurement
Links established with quality reporting agencies
38%
27%
30%
35%
27%
19%
16%
24%
22%
11%
0% 5% 10% 15% 20% 25% 30% 35% 40%
Immunization registry
Government reporting
Public health
Nursing home / Long-term care / Rehab facility
Behavioral health
Payers / Third party administrators
Other
Emergency room outpatient
Outpatient / Clinic
Inpatient
Specialty care physician office / medical practice
Primary care physician office / medical practice
3%
3%
5%
11%
14%
14%
14%
27%
27%
30%
35%
38%
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 15
HIEs still processed the majority (two-thirds) of their transactions as pushed messages from the data
suppliers (still primarily hospitals, reference laboratories and pharmacy data suppliers). However, other
types of transactions were gaining in popularity, such as portal inquiries and transaction inquiries, which
accounted for nearly one-third of the volume.
Bi-directional exchange has also gained momentum since the 2009 study. A majority (73 percent) of the
responding HIEs reported that they either used bi-directional as the exclusive exchange mode or had a
mixed environment. For those HIE organizations that indicated exclusively one-way communication, 60
percent reported that bi-directional data exchange was planned (see Figure 11).
. Figure 11: Scope of Reported Exchange Activity.
Sixty percent of the responders indicated that they measured HIE exchange activity, which was down
significantly (80 percent) from the 2009 survey. We are not clear on the specific reasons for this drop,
other than the simple fact that several of the responders were still not exchanging data in a production
mode. Of those that did measure exchange activity, transaction volume was the predominant measure at
86 percent, which is consistent with the previous survey. However, multiple measures were also used,
as shown in Figure 12.
Figure 12: HIE-Reported Metrics.
Technical Aspects of the Organization (Questions 70-82)
Technical architecture plays a significant role in the ability of HIEs to perform certain services. When
asked about their consideration of architecture prior to startup, 82 percent of the survey participants
indicated that their organization considered system architecture before the HIE was organized. Most
One-way 14%
Bi-directional 30%
Mixed 43%
Not Disclosed 14%
72% 74% 76% 78% 80% 82% 84% 86% 88%
Number of entities sending/receiving data
Number of providers sending/receiving data
Number of transactions
Number of patients
82%
82%
86%
77%
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 16
participants (61 percent) indicated that their HIE used a hybrid system architecture, followed by
federated architectures at 29 percent and centralized architectures at 8 percent. The majority (71
percent) of survey responders indicated the use of outsourced hosting to facilitate data exchange
activities, whereas 26 percent chose to host at their own facility.
HIEs are typically required to maintain very high availability, often in the “three 9s” or “four 9s”5 range
(99.9 percent to 99.99 percent availability). To ensure high levels of service and systems redundancy in
the event of failure, HIEs employ various means of achieving business continuity. The most often cited
business continuity features are shown in Figure 13.
Figure 13: HIE Business Continuity Strategies.
HIE services require movement of significant amounts of data through secured public and private
networks. Most (84 percent) respondents identified high-speed Internet access as being the minimum
requirement for participating in the HIE, and more than half of the respondents indicated that a VPN was
required. Some HIEs, however, did allow for lower speed connectivity (see Figure 14).
Figure 14: HIE Network Requirements.
5 Service Level agreements often include provisions for availability of “up-time” which are typically expressed in
percentages over a period of time, such as a week or month. The terms “three 9s” and “four 9s” are colloquial, indicating
99.9 percent and 99.99 percent respectively. For example, 99.9 percent up-time over one week means that the system can
be unavailable for no more than ten minutes; 99.99 percent up-time would be one minute unavailability in one week.
0%
10%
20%
30%
40%
50%
60%
70%
80%
Disaster recovery site
Storage Area Network (SAN)
Mirrored or RAID disk
architecture
Hot-failover servers
High availability
servers
Not disclosed
71% 66%
53% 55% 53%
11%
0% 10% 20% 30% 40% 50% 60% 70% 80% 90%
Not disclosed
To be determined
Phone line
Redundancy
>56 kbps capacity
VPN
Internet access
3%
3%
5%
8%
16%
55%
84%
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 17
The majority of responding HIEs reported the use of service-oriented architecture (SOA) either partially
(42 percent) or entirely (21 percent). Only 8 percent of respondents denied SOA use, while 32 percent
did not provide information on their utilization of SOA.
Less than half (47 percent) of the responders indicated that they used open-source products in providing
HIE services, and 34 percent reported that their choice of technical architecture was the result of which
vendor was chosen to implement the HIE. When asked to identify which key technology vendors
supported the organization’s health information exchange activities, 21 percent indicated Axolotl; 11
percent indicated IBM or Mirth; and 5 percent indicated Medicity (see Figure 15).
Figure 15: HIE Use of Key Technology Vendors.
Current trends in HIE development strategy tend to favor buy over build. However, the majority (53
percent) of respondents reported using a mixed strategy, both buying and building components of their
HIE services.
Privacy, Security and Standards
Privacy & Security (Questions 83-86)
All but one of the thirty-two respondents that provided information on security controls and strategies
indicated their HIE employed a minimum of two security controls and/or strategies. Role-based
authentication, auditing and log review, encryption of data during transmission and disaster recovery or
business continuity planning were the most highly utilized security practices among HIE respondents
(see Figure 16).
0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
50%
Other Not disclosed IBM Mirth Medicity Axolotl
50%
24%
11% 11%
5%
21%
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 18
Figure 16: HIE Security Strategies.
Patient privacy consent methods utilized by responders covered the full range of traditional “opt-in” and
“opt-out” practices. Opt-in practices and opt-out with no affirmative documentation requirements were
the methods of choice, but opt-out practices with affirmative documentation requirements came in at a
close second (see Figure 17). State law largely defines consent practices, and 90 percent of the “other”
responses involved state-specific practices or variations due to multi-state coverage area. By
comparison, the 2009 survey showed a combined total of only 60 percent of the HIEs using opt-in or
opt-out consent models.
Figure 17: Patient Privacy Consent Methods.
Consent granularity laws are in the early stages of development, and EHR applications are developing
behind those laws. Consequently, with patient adoption lagging and limited technical capacity, the lack
of consent granularity revealed in the survey results was not surprising. HIEs will follow the trend of
federal regulation for establishment of consent models, and at the time of this survey, many states were
out ahead of the federal government in creation of regulations governing the patient’s right to consent.
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
Other
Disaster recovery / Business continuity plan
Encryption of data during transmission
Encryption of data at rest
Auditing / Logs / Review
Single sign-on
Two-factor authentication
Role-based authentication
Entity authentication
Federated individual user authentication
Centralized individual user authentication
Security risk analysis
0%
88%
91%
66%
91%
0%
28%
88%
63%
50%
47%
75%
None 3%
Opt In 29%
Opt Out - no affirmative
documentation required
29%
Opt Out - affirmative
documentation required
21%
Other 18%
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 19
The resulting differences in consent requirements will make interstate exchange more challenging.
Unless there is a clear national call for a specified level of granularity, EHR and HIE vendors may likely
opt to provide only a very minimal level of consent granularity that is consistent with nationally
accepted norms.
Respondents indicated very strong support of ARRA and HITECH requirements, with business
associate provisions and breach notifications utilized by over 90 percent of the thirty-three organizations
responding to this question. Supporting the accounting of disclosures was a practice exercised by almost
80 percent of the responding organizations, and providing patient access to a copy of their EHR was
practiced by almost 60 percent.
Data Management & Standards (Questions 87-93)
The twenty-one HIE organizations that provided information on data management strategies indicated a
high utilization (71 percent) of code set translation and normalization techniques for data management
within their exchanges. The use of data filtering and language normalization strategies were reportedly
about even, but still fell short of 50 percent (see Figure 18).
Figure 18: HIE Data Management Strategies.
Only 24 percent of responders reported the use of just one data management strategy within their
exchange, an indication that the majority of HIE organizations had outlined multiple strategies which
would better serve their data quality requirements. Implementation of multiple strategies supports
typical HIE business drivers and value propositions and should, in the long run, improve HIE
sustainability. In a related question, almost three-quarters of survey participants indicated that their HIE
organization utilized a health information management position to manage or monitor their data.
Of the 32 participants who provided data standards information, the highest percentages of responders
(81 percent) indicated the support of ICD-9 and LOINC within their data encoding standards. NDC,
RxNorm, CPT-4 and SNOMED comprised about 50 percent of the responding HIEs’ employed
standards, while HCPCS and ICD-10 standards were used by just over one-third of the responders (see
0% 10% 20% 30% 40% 50% 60% 70% 80%
Other
Privileged data
Data filtering
Data correction process
Export & registration of data objects/data staging
Language normalization
Code set translation & normalization
10%
19%
38%
19%
24%
43%
71%
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 20
Figure 19). With ICD-10 coding mandates rapidly approaching in 2014, it will be imperative for all HIE
organizations to support this data encoding standard in addition to the ICD-9 version.
Figure 19: HIE Data Encoding Standards.
As expected, all thirty-one survey participants who responded to the messaging standards question
identified Health Level Seven (HL7) as a standard supported by their HIE. The other choices yielded
less than half of the total responses, with the National Council for Prescription Drug Programs (NCPDP)
showing the strongest support at 42 percent (see Figure 20).
Figure 20: HIE Messaging Standards.
The “Other” category revealed some common messaging standards, including the Healthcare Services
Specification Project (HSSP), which is a combination of HL7 standard messages, coupled with Object
Management Group (OMG) frameworks and Integrating the Healthcare Enterprise (IHE) reference
implementations. The lack of direct use or support for the American National Standards Institute’s
Accredited Standards Committee X12 (ANSI ASC X12) was not surprising, since most HIEs do not
engage in the financial EDI messaging.
In a related question, less than one-third of respondents indicated that they supported or used the
Council for Affordable Quality Healthcare (CAQH) CORE EDI messaging profiles, while the remainder
0% 10% 20% 30% 40% 50% 60% 70% 80% 90%
Other
LOINC (Logical Observation Identifiers Names and Codes)
HCPCS (Healthcare Common Procedure Coding System)
CPT-4 (Current Procedural Terminology)
RxNorm (Standardized nomenclature for clinical drugs)
NDC (National Drug Code)
SNOMED (Systemized Nomenclature of Medicine)
ICD-10 (International Classification of Diseases)
ICD-9 (International Classification of Diseases)
3%
81%
34%
53%
50%
44%
56%
34%
81%
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
Other
MDMI (OMG Model Driven Message Interoperability)
ANSI ASC X12 (American National Standards Institute's …
NCPDP (National Council for Prescription Drug Programs)
DICOM (Digital Imaging and Communication in Medicine)
HL7 (Health Level Seven)
26%
13%
35%
42%
26%
100%
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 21
either indicated that they did not or were unsure. A little more than half of the responders also indicated
the use of IHE profiles.
Participation in ONC Initiatives
When asked about their participation in the various ONC initiatives, HIE organization survey
participants indicated the highest participation in the Federal Direct Project, with the Standards and
Interoperability (S&I) Framework close behind. Slightly more than one-third of responders also
indicated involvement in one of the federal CONNECT initiative pilots (see Figure 21).
Figure 21: HIE Participation in ONC Activities.
Lessons Learned & the Next Horizon
Interoperability and Other Services (Questions 94-102)
At the time of the 2011 survey, 68 percent of the survey participants had plans to interoperate with
PHRs, and two-thirds of respondents indicated the current or future use of a PHR vendor in accordance
with ONC’s direction for Meaningful Use. The most popular PHRs reported at the time of this survey
were Google Health6 and Microsoft’s HealthVault; also mentioned were Life Link, AHIMA, Relay
Health and SpinnPHR. Other survey participants revealed plans for gateway services which will enable
the patients to connect to the PHR of their choice and several HIE organizations stated that their PHR
interoperation plans were still in development.
Most responders said they had no plans for interoperating with data banks, but 8 percent already allowed
some patient access to the HIE, and another 47 percent said they had future plans for this service. Of the
three responders allowing patient access to the HIE, each had a different policy on which services the
patient was allowed to access. One respondent stated that their HIE did not originate any data, so it
could only be retrieved by the patient’s provider upon request. This respondent recognized that certain
circumstances, such as a provider retiring, might convolute this process, so an alternative solution using
6 The Google Health API was retired in January 2012. See http://googleblog.blogspot.com/2011/06/update-on-google-health-
and-google.html.
0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
50%
Don't know / No response
CONNECT Direct Project S&I Framework Initiatives
45%
26%
45%
39%
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 22
a PHR was being developed. Another respondent indicated that only demographics and eligibility data
were accessible to the patient, and the third respondent stated that a written request must be made to the
HIE for the release of the record in paper form, given that they did not allow electronic access at that
time.
Of the twenty respondents indicating the use of other applications through the HIE organization, 80
percent revealed mobile devices as the primary tool. Remote monitoring equipment was used by a little
over half of the responders, social media and networking resources were used by 35 percent, and video
conferencing and Internet2 services were used by 25 percent of the responding HIE organizations (see
Figure 22).
Figure 22: Other Applications and Devices Used by HIEs
Top Five HIE Industry Issues and/or Concerns (Question 103)
Thirty-two responders provided additional details on areas of concern within the HIE industry, from
which several themes were easily identified (see Figure 23).
Figure 23: Observed Barriers to HIE Success.
0%
10%
20%
30%
40%
50%
60%
70%
80%
Other Video conference / Internet2
Social media / Networking resources
Remote / Home monitoring equipment
Mobile devices
15%
25%
35%
55%
80%
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
Insufficient qualified staff
Data or interface shortcomings
Lack of provider/patient/stakeholder buy-in
Conflicting and/or rapidly changing policy
Financial stability or costs
Privacy & security
13%
42%
45%
71%
74%
100%
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 23
The following is a high-level look at the specific issues identified by survey participants.
Privacy & Security (30 percent)
Lack of policy standards.
Impact on data sharing (both intrastate and interstate).
Inconsistency of consent laws.
Lack of national Data Use and Reciprocal Support Agreement (DURSA).
Granularity issues.
With federal mandates for exchange pushing the rate of HIE development, and data exchange
capabilities improving at a rapid pace to meet this need, the lack of a legal framework to govern
standards and services was seen as a significant barrier to HIE success. While a movement to form a
national Data Use and Reciprocal Support Agreement (DURSA) began in 2006, the ONC had yet to
issue a final formal template agreement for the country to adopt. The DURSA agreement would bind
data exchange participants into trust relationships that protect the confidentiality and security of the
health data exchanged. Without this national agreement, other privacy and security issues emerged as
barriers, such as interstate sharing of data, inconsistencies in privacy and consent laws and significant
differences in policies and standards.
The technical and policy issues regarding granularity of consent discussed previously have far-reaching
effects, as demonstrated in the free-text responses given by 20 HIE survey participants. Thirty-four
percent of responders specifically listed consent-related issues in their top five barriers to HIE success.
However, as mentioned before, the technical and procedural aspects of granular consent were
improving. On the policy front, HIPAA created a baseline standard that states had built upon with more
stringent guidelines resulting from the states’ specific privacy regulations. In June 2010, the ONC
charged its Health IT Policy Committee with making privacy and security recommendations in relation
to Meaningful Use Stage 1. Within the Health IT Policy Committee, the Privacy and Security “Tiger
Team” was created to explore the issues set forth by the ONC. In their August 2010 final
recommendation, the “Tiger Team” recognized the importance of “meaningful consent” and the
applicability of granular consent, but they stopped short of making a formal granular consent
recommendation. Their reasoning cited the current inability of the EHR industry to implement granular
consent, coupled with the national need for more study on the impact of using granular consent.
Financial Sustainability & Costs (21 percent)
Lack of accurate ROI data.
Insufficient public funding.
Adverse effects of policies.
High interface costs.
Vendor pricing issues.
Those respondents that discussed financial sustainability and cost barriers noted interface costs, vendor
pricing and the lack of accurate and objective ROI data as key issues that HIEs must face in their
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 24
struggle to attain financial sustainability. The services offered through these HIEs did not index directly
to HIE revenues. Public support for HIEs had not yet reached a critical mass, so expenses did not reflect
a true competitive HIE market as found with other health IT vendor market sectors. Another concern
cited for the lack of financial sustainability was a focus on programs and exchange activities that
effectively bypassed the need and business case for HIEs.
Conflicting and/or Rapidly Changing Policy (20 percent)
Meeting Meaningful Use requirements.
Implications of the PCAST report.
Federal mandates of state or federal HIEs in addition to local HIEs.
Future stages of Meaningful Use requirements.
Health reform integration.
Threat of potential requirement to sequester patient record information.
Closely related to the adverse effects of policies contributing to the financial sustainability and cost
barrier was the conflicting and/or rapidly changing policy landscape. The ARRA / HITECH Act created
state-level HIE governance entities, which many states actually used to create state-level HIEs, or state-
designated entities (SDEs.) These governance entities and state-level HIEs in some cases may have
challenged local HIEs, and may have actually hindered regional and local HIEs from expanding their
market both functionally and territorially. While this varies by geographic location, an unintended
consequence of competition (or perceived competition) across HIEs occurred in some areas. Even with
state-level entities having the best intentions in facilitating exchange within the states, stakeholders in
some cases became confused about overall strategy and purpose, and consequently were slow to join
existing regional HIEs.
To add to this landscape, the Affordable Care Act, enacted just one year later, complicated HIEs’ place
by instituting another entity (SDE or SLHIE) which had very specific goals and functionality criteria
required for success. These constant changes forced HIEs, no matter how far along in their
development, to continually reassess and redefine their organization’s role in order to continue to
demonstrate value to their constituents while looking for a long-term sustainability model. While all the
policies sought worthwhile goals, they resulted in a moving target for HIEs that further added to their
challenges in creating a robust business.
Meaningful Use requirements identified to date have proven a challenge for some HIEs due to the extent
of actual exchange requirements, as well as the available alternatives that may be easier and less costly
for providers to adopt (e.g., use of Direct to push data instead of the local HIE). In addition, Meaningful
Use requirements at the time of this survey were yet to be finalized for Stage 2 and Stage 3, leaving
more uncertainty for the role of HIE organizations. These and other efforts are believed to have slowed
adoption and participation in HIE organizations, in some cases because of their impact on stakeholder
and provider confidence in the national HIE strategy.
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 25
Lack of Patient/Provider/Stakeholder Integration (13 percent)
Maintaining stakeholder involvement.
Demonstrating value to providers.
Lack of EHR adoption despite CMS incentives.
Low trust and confidence in data exchange.
Unclear purpose of a PHR to the general public.
Lack of patient, provider and/or stakeholder integration was a barrier directly resulting from the rest of
the identified barriers. While the value of a patient’s involvement in their own care and wellness has
been clearly demonstrated in many studies, the translation of that value to the practical use of PHRs is
still largely ignored by providers as well as patients. As the barriers previously cited are resolved, this
crucial uptake and “buy-in” to the value of HIEs and HIE-tethered PHRs will dissipate as well. Through
more consistent policymaking, privacy and security standards, data and technology advances, and
availability of a qualified health IT workforce, the public’s hesitancy to participate in and support HIEs
is anticipated to diminish.
Data or Interface Shortcomings (12 percent)
Interoperability issues.
Lack of top-level domain for health data routing.
Lack of standardization of clinical nomenclature into LOINC or SNOMED.
Data entry issues.
Need for more national-level standards.
Coordination between EHR vendors, state and local HIEs.
While there have been significant EHR advancements in recent years, the industry does not have a
credible nationally recognized strict set of reference implementations for standard interface messages.
Policy thus far has defined requirements for what needs to happen, but not how to achieve it. The
competitive result of innovators on every level of the health IT development spectrum is driving the
health IT movement, but not addressing this issue at a national level. Market competition is the ideal
environment for innovation and progress; however, policy demands and public health goals require
cooperation and the implementation of uniform standards to enable safe and secure exchange of health
data. The policy-instituted certification requirements of EHRs for Meaningful Use are a step in the right
direction, but significant progress will require the close collaboration of all stakeholders to drive true
interoperability. Until that time, HIEs will be faced with building many point-to-point interfaces with
the same vendors (and multiple versions of their products) because each vendor’s product includes data
and architecture nuances that require special handling.
Lack of a Qualified Health IT Workforce (4 percent)
Lack of skilled health IT staff available at small provider level.
Lack of availability of EHR interface staff for providers.
Limited trained workforce prepared to support national HIE.
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 26
Surprisingly, the least cited barrier to HIE success was the lack of a qualified health IT workforce to
support the rapidly expanding health IT field. While this issue is being addressed through the HITECH
workforce training program and an increase in state grants for health IT education programs, the
significant shortage in workforce noted in HITECH to be an immediate barrier to EHR and HIE
implementation did not appear to be much of an issue to the HIEs participating in this survey.
Conclusion
The 2009 HIMSS Common Practices Survey was developed to gather an initial set of information about
HIEs and their development, governance, financing and architecture. This 2011 HIMSS HIE Common
Practices Survey sought to better understand HIE organizations through the use of a detailed survey
questionaire exploring the organization, service offerings, data exchange activities, privacy and security,
data management and lessons learned. The survey examined industry trends and common themes, as
well as current and future issues. As was true with the 2009 survey, all information developed and put
forward in this document was compiled by the authors based on the survey responses and no attempt
was made to verify responses. All survey information used in this report was self-reported.
This survey has identified many interesting trends and barriers to the future of HIE and its changing role
in healthcare delivery based on the responses of the survey participants. What seems certain from the
growing number of HIE entities, despite the barriers and challenges noted above, is that HIE will have a
definite place in the future of health IT. As more stakeholders understand the value of the utility of HIE
and adopt an attitude of sharing data for the betterment of patient care and safety, HIEs will find
sustainability and will even prosper. While exchange of data between stakeholders will continue to be
an early win for HIE organizations, more effort will be placed on the high value gained from
aggregation of a patient’s longitudinal record and its use in disease management. Finally, stakeholders
who come together with a shared vision of creating a common data architecture and a shared repository
of community information which can be leveraged at the local and regional level (as well as at the
national level) will all benefit. These common goals will improve overall and individual patient care
quality, while managing costs to remain competitive.
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 27
Acknowledgements
HIE Committee Common Practices Workgroup
This white paper was developed under the auspices of the 2011-2012 HIMSS Health Information
Exchange Committee. Special acknowledgment and appreciation is extended to David Minch and
Helen Hill for serving as primary authors of this paper. The HIE Committee Common Practices
Workgroup members and student interns who participated in development of the white paper are:
Helen Hill, FHIMSS
Henry Ford Health System
David Minch, FHIMSS
John Muir Health
Veronica McCoy, RHIA
Project Intern
Ashley Swain, MS
Project Intern
Steven Ton
Project Intern
HIMSS Staff
Pam Matthews, RN, MBA, CPHIMS, FHIMSS
Senior Director, Regional Affairs
HIMSS
Julie Moffitt
Coordinator, Regional Affairs
HIMSS
The inclusion of an organization name, product or service in this publication should not be construed as
a HIMSS endorsement of such organization, product or service, nor is the failure to include an
organization name, product or service to be construed as disapproval. The views expressed in this white
paper are those of the authors and do not necessarily reflect the views of HIMSS.
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 28
Appendix A: Survey Methodology
The purpose of this project was to determine practices and activities across HIE organizations, and to
determine significant changes in responder activities between the 2009 project and the 2011 project.
The HIMSS HIE Common Practices Workgroup reviewed and updated the 2009 HIE Common Practices
Survey questionnaire, based in part on comments from that survey analysis for use in this project effort.
The survey was administered between January and April 2011, utilizing an online survey tool. The
workgroup compiled a list of potential target HIE organizations from several industry publications.
Outreach methods for contacting targeted organizations included e-mail, general announcements in
HIMSS volunteer publications and personal contact by workgroup members. This outreach effort
resulted in thirty-eight organizations participating in the in-depth survey project. The attached report
reflects the information as it was reported in the survey by these participating organizations. All survey
results were self-reported and no effort was made toward additional verification of the survey data
received from the participants.
An online survey tool was used to administer the survey questionnaire, providing the ability to capture
data in a tab-delimited format for ease of import into statistical analysis software tools. When opened in
a table format, the header for each column was the question that was presented to the survey participant.
The corresponding rows represented the unique participants and their responses to each survey question.
In this 2-dimensional array format, an analyst can quickly identify trends in the survey results, allowing
further drill-down using statistical tools.
The breakdown of the questions into independent columns depended upon the available parameters for
that question. For simple Boolean questions, where the available responses were limited to only yes or
no or true or false, these parameters were represented as click boxes or radio buttons to the user, and
recorded as pre-defined strings in the dataset. It is self-evident that these types of questions are the
simplest to quantify and assess. However, only a few of the questions were captured using this highly
rigid method.
Another type of survey question allowed the user to “select all that apply.” These questions presented
the participant with a pre-defined list of available parameters to be selected by clicking the
corresponding checkbox. Many of these questions included an option entitled “Other,” which could be
selected by the participant to allow for free-text to capture responses that were not given as selection
options. This type of question produces two challenges. First, the survey tool produces a simple text
string which is the concatenation of all the options selected by the participant. The concatenated string
must subsequently be broken down into manageable fragments for accurate assessment by the analyst.
Second, when the “Other” option is utilized, the free-text responses cannot be predicted and require
individual analysis and aggregation. The challenges of these free-text responses are further elaborated
below.
In the most general terms, the greater the amount of survey rigidity (i.e., pre-defined options,
checkboxes or selection tools) the easier the survey analysis process will be. Consequently, increased
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 29
complexity and analysis difficulty will arise with increased response flexibility, due in part to the
unpredictability of responses.
The final type of question utilized was the open-ended, fully free-text question. These provided the
greatest flexibility for participant responses, but also posed the greatest challenge for the analysis team
when performing assessments. As the answers given in free text boxes cannot be readily predicted or
easily correlated, the use of computerized quantification or interpretation is greatly limited. Open-ended
survey responses require careful review by the analyst to fully assess and interpret the meaning of the
response.
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 30
Appendix B: Survey Questionnaire Tool
The following is an abbreviated version of the tool used.
Primary Information
1. Please provide the following information: Organization Name Organization URL Primary Contact Title Address, City, State, Zip Phone Number E-mail Address
2. Please provide the name and contact information for the person completing the survey.
3. What is your HIE’s organizational type?
4. Did your organization participate in the HIMSS 2009 HIE Best Practices Survey?
5. Did your organization begin during the 2010-2011 period?
6. Would you and the organization you represent agree to be identified as survey participants in this study and in the resulting report?
7. Is your organization still in operation?
8. If the organization has ceased operations, please indicate the following:
9. Is the HIE still actively exchanging clinical data?
10. Are you under a contract to begin data exchange activities in 2011?
Location Information
11. Where is the primary office location of your organization?
12. HIE population coverage: Does your HIE cover a specific geographic region, or is it federated and not geographically bounded?
13. Please indicate your HIE’s primary covered population.
14. Does your HIE include a large medically and/or economically underserved population?
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 31
HIE Entity Formation & Organizational Description
15. What is the date the organization was founded?
16. What is the date of incorporation?
17. What is the organization type?
18. Indicate the HIE’s primary reason for operation.
19. Identify the lead stakeholder organization(s) for the HIE if there is a leading organization or group of organizations.
20. Identify the fiduciary/incubator for organization.
21. Prior to the organization’s start-up, please indicate which budgets were completed.
22. Does your organization currently maintain any plans and budgets?
23. Please indicate all the types of stakeholders who are currently participating in your HIE organization.
24. Please describe the “Community-based Safety-net Organization” stakeholder.
25. Please describe the “Long-term Post-Acute-Care Facilities” stakeholder.
26. Please describe the “Quality Reporting Organization” stakeholders.
27. Start-up initiative: Choose the type of initiative that best describes how the HIE was initiated or convened.
28. Are the initial founders still involved?
29. Did you pattern your organization’s implementation model after another HIE or another successful data sharing/exchange model?
30. If yes, please describe.
31. Did you follow a pre-established implementation guide for creating your HIE?
32. If yes, please describe.
Participation Agreements & Oversight
33. Does the organization use a participant agreement with the stakeholders?
34. How is your organization’s governance board structured?
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 32
35. Management: Is the organization managed by a paid individual who is part of the organization’s staff, or is a contactor managing the organization?
36. If “Neither,” please explain how the organization is managed.
37. Oversight: Individuals who perform the organizational oversight (e.g., board-level direction) are primarily from what type of organization?
Funding & Operations
38. Funding Sources: Specify current funding sources for your organization. (Please select ALL that apply)
39. Indicate types of fees charged by your organization.
40. Has your HIE received any planning grants?
41. If yes, please describe.
42. Are you now or will you be receiving any of the following HITECH/ARRA funding?
43. If you selected “State-level HIE funding” in the previous question, are you the State-Designated Entity (SDE)?
44. Are you involved in any other federally funded IT programs?
45. If you answered, “CMS Innovations,” please describe the specific award.
46. If grants and other beneficial funding were to be removed from the organization’s sustained cash flow, how long would the organization survive?
47. What are your budgeted operating expenses for the current fiscal year?
48. What are your projected capital requirements for the current fiscal year?
49. Have you deployed any measure to determine ROI and/or benefits realized from the data exchange?
50. If yes, please provide a brief description of the measurements and current results.
Data Exchange Activities
51. When did you begin implementation of HIE services?
52. Did you use a primary vendor to provide these services?
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 33
53. If yes, please name the vendor.
54. If no, please describe the approach.
55. When did you start pilot exchange activities?
56. What date did the organization begin production of clinical data exchange?
57. What basic data exchange/sharing services does your organization currently provide or is contractually committed to offer in 2011?
58. What clinical products and services does your organization currently provide or is contractually committed to offer in 2011?
59. What financial/administrative products and services does your organization currently provide or is contractually committed to offer in 2011?
60. What healthcare outcomes: Data quality and research products and services does your organization currently provide or is contractually committed to offer in 2011?
61. Are there other services that were not listed?
62. If yes, please describe.
63. Transaction Categories and Volume: Please indicate the types of transactions your HIE processes and, if known, the percentage of total transactions each category represents.
64. Inquiry and Push Transaction Volumes: Please indicate by percentage of total transactions moved through the HIE.
65. What is the scope of your organization’s current data exchange activity?
66. If one way, is bi-directional data exchange planned?
67. Does the organization measure its data exchange activity?
68. If yes, what measurements are used?
Technical Aspects of the Organization
69. Did you consider system architecture before the HIE was organized?
70. What is the overall architecture of the HIE?
71. Where do the organization data exchange activities operate from?
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 34
72. What business continuity features does the HIE have?
73. Indicate the organization’s network requirements to the end user.
74. Please describe the Internet access requirements.
75. What are the designed/contracted service levels for the HIE?
76. Is SOA (service-oriented architecture) used?
77. Are open-source software products used in providing HIE services?
78. If yes, please provide a brief description of which open source products and which open source functions.
79. If available, please provide the URL for a web site or other location where we could find a high-level architecture diagram showing your technical architecture.
80. Was the technical architecture a result of which vendor was chosen to implement the HIE?
81. Please list the key technology vendors supporting your organization’s health information exchange activities.
82. What was the strategy for development of your HIE services?
Privacy & Security
83. Select the security controls and strategy used for exchange of information through the HIE. (Please select ALL that apply)
84. Please indicate the patient privacy consent method used.
85. Please identify the granularity of consent.
86. Indicate the new ARRA/HITECH requirements that your organization supports or plans to support by the compliance deadline.
Data Management & Standards
87. What is the strategy for management of data within the exchange?
88. Do you have a person in a health information management position who is managing/monitoring the HIE’s data?
HIMSS Health Information Exchange 2011 HIE Common Practices Survey
© 2012 Healthcare Information and Management Systems Society (HIMSS) 35
89. What are the data encoding standards supported?
90. What are the messaging standards supported?
91. Is your organization using CAQH CORE (HIPAA X12 reference implementation guidelines) implementation guidelines?
92. Is your organization using IHE (Integrating the Healthcare Enterprise) implementation profiles?
93. Is your organization participating in any of the ONC initiatives?
Lessons Learned & the Next Horizon
94. Please provide a brief description of any pitfalls or lessons learned that may be helpful to others embarking on the establishment of HIE organizations.
95. Do you have plans to interoperate with PHRs?
96. If yes, please describe the type of PHR (payer’s PHR, vendor PHR, such as Google, etc.) and the approach that is being discussed.
97. Do you have plans to interoperate with data banks?
98. If yes, please describe.
99. Do you currently allow individuals (patients) to access the HIE?
100. If yes, what services are they allowed to access (i.e., PHR)?
101. If no, do you have plans to allow patients to access the HIE in the future?
102. Are you currently using or planning to use any of the following in your HIE?
103. Please list your top five HIE industry issues and/or concerns.