An Interview with Dr. William Yasnoff: The Future of Health Information Infrastructure

We recently sat down with Dr. William Yasnoff, a national leader in health informatics, to get his thoughts on the future of Health IT, especially around the critical problem of moving patient data throughout the healthcare ecosystem.


Just to get started, could you walk me through your background and what you focus on now?


I’m a physician, and I have a doctoral degree in computer science. More specifically, I’m a computer guy who went to medical school with the idea of applying computers to medicine, and I’ve spent my entire professional career developing large scale, first-of-their-kind health information systems.

I was medical director of AMA/Net at the American Medical Association in the late 80s. This was AMA’s first online electronic information system for physicians. Interestingly, it failed because there was no Internet, and we couldn’t reconcile the variable telecommunications charges with our customers’ desire for a fixed fee, unlimited usage service. We provided reference information, literature, news, etc., for physicians.

I then went on to develop the first successful state immunization registry in the state of Oregon in the 90s, which is still operating successfully today, funded by the Centers for Disease Control. They recruited me to Atlanta, where I spent five years developing the field of public health informatics, including co-editing the textbook in the field and organizing the first national meeting and consensus conference. Then, in 2002, I was called to the Department of Health and Human Services in Washington, DC., to work on national health information infrastructure (NHII) — I was the first full-time Federal official to be involved. With two years of hard work, including organizing a consensus conference around that issue, I was able to push the issue to the President and get the Office of the National Coordinator created in 2004. I then left the government, started my own consulting firm, NHII Advisors, and have been an independent consultant ever since. In 2006, I organized the nonprofit Health Record Banking Alliance to promote the idea of patient-controlled, community-based repositories of electronic health records, as a potentially successful approach to deal with the problem of an effective health information infrastructure, and have been working on that ever since, as well.


That’s quite a fascinating background. So that we can jump straight into my favorite subject–Health IT–I’d like to ask you to walk me through the way you’d characterize the last five years of HIT, the way the landscape is shaping up and where you see it going over the next few years?


In my view, the overarching objective of the Office of the National Coordinator and of health IT is to ensure the availability of comprehensive electronic patient information when and where it’s needed. One of ONC’s problems is that this goal has not been clearly and repeatedly articulated.

In order to accomplish this goal, there are essentially two big things needed. Number one, all the information has to be electronic because you obviously can’t electronically move information that’s on paper. Ideally, you want it encoded. Having electronic images of pieces of paper is clearly not going to solve the problem. You want all providers to adopt and use electronic records.

The second issue is that beyond having all the information in electronic form, there has to be an effective and efficient mechanism to aggregate an individual patient’s records for a provider regardless of the provider’s location. When the patient presents for care, you need to be able to gather up all the patient’s records from everywhere into a coherent whole for presentation to the provider with tools that allow effective access to a potentially large body of information.

Over the last few years, with respect to the electronic health record issue, the ONC has created a certification effort, which is not ideal, but at least there is a baseline of certification for electronic health record (EHR) systems, so providers know that they’re getting a system that has certain capabilities. More recently, there’s been a substantial subsidy for the use of EHRs through the so-called Meaningful Use program. That program has accelerated the adoption of electronic health records, although I would argue that based on the data I’ve seen, the majority of physicians in the US who are office-based physicians still do not have EHRs. Overall, the incentives have helped, but we’re still a long way from the goal line.

In the second area, which for convenience I’ll call Health Information Exchange (HIE)–moving health information around so that you get a coherent complete record for each patient–the record has been pretty dismal. The HITECH Act allocated over half a billion dollars to the states to work on the problem of health information exchange, but the data clearly indicate that those efforts are failing. In fact, perhaps the single most telling and useful measure of the progress of Health IT is the number of patients who receive their care in the presence of comprehensive electronic records from all sources. When I started at HHS in 2002, that number was zero. Today, in 2013, that number is still zero.

The consequences of the failure to deliver comprehensive records while we are simultaneously seeing more and more physicians using EHRs is that health care costs are going up instead of down, as promised and predicted. The reason is very simple — we do not pay for care, but rather for documentation of care. EHRs are a wonderful tool for improving documentation of care; and therefore, it’s entirely expected and reasonable that as EHRs proliferate, there will be higher payments for care because the care will be documented better.

The predicted and expected savings from Health IT accrue from reducing the number of medical errors and the amount of duplication that results from incomplete records. Since the current approach to health information exchange has failed and patients do not have comprehensive records, we are not getting those benefits, and therefore, the costs are going up instead of down.


You mentioned that about half a billion dollars was allocated towards setting up mechanisms and infrastructure for health information exchange. Could you tell us what’s involved in that? What is the actual architecture and structure of what’s been tried and why haven’t the current efforts succeeded in your opinion?


First of all, money was essentially allocated by a formula to state governments. The state governments could spend the money themselves or could designate an organization to get the money within the state. That’s actually the first problem. Building these kinds of systems is difficult. It requires a high level of expertise both in health care and in computer science. Very few people really know how to do this and even fewer have been successful doing it. By giving the money to the states, you’re basically asking for the creation of 50+ teams of people who are capable of solving this very difficult problem. I don’t think it’s possible to assemble 50 such qualified teams in the United States.

More importantly, the architecture that’s been pursued for the health information exchanges is the “fetch-and-show” architecture, or the scattered model, where the electronic patient records are left where they happen to be created, as people get care hither and yon. Then an index is created in the community where people have gone for care, and when someone shows up for care, we go to the index, and then based on that index, we generate queries to all the places they’ve received care before, retrieve the records from those care episodes, integrate them in real time into a coherent whole, and deliver them to the point of care.

This architecture has not worked. It’s too complicated. It’s too prone to error. More importantly, this architecture can never work. For example, it doesn’t allow you to efficiently search the distributed data, which is absolutely necessary if you’re going to get any of the public health or research benefits of having this information. We’ve had a combination of under-qualified teams working on the problem and pursuing an architecture essentially dictated by ONC that is extremely complicated–very, very difficult to make operational–and which in fact, can never work. I should also mention that it’s impossibly expensive and has no financial sustainability model. Naturally, this approach hasn’t worked.

In 2007, I published a paper describing a quantitative framework for evaluating health information infrastructure progress in communities. Frankly, I started this work in 2005 because I was very dismayed reading press release after press release where communities would announce having had one meeting with relevant stakeholders and declare that they were the leading regional health information organization in the country, which is silly. At that time, there were no established or validated criteria for measuring progress. We created those criteria and validated them in the four leading communities. Basically, there are four simple criteria that comprise our evaluation system.

One, ‘Do you have all the information on everyone?’ If you have half the information on half the population, you would receive a 25% score in that measure. The second criterion was, “Is everyone using the information?” or at least, “Does everyone have access to it?” If you have all the physicians using the information, but none of the patients, you would get 50% credit. If all the patients had access to it and all the physicians had access to it, you would get 100%. The third criterion was, “What is the information being used for?” If it was being used for all the purposes it should be used for, not just clinical care, but also quality improvement, research, public health, and health care operations, you would get full credit. If it was only being used for one thing, you would get partial credit. Then, the fourth was, “Is it financially sustainable?” That’s also a measure of whether it’s generating value.

We combined these four measures into a single percentage result, and the community that was furthest along scored 78 out of 100. Even the most advanced communities still had quite a way to go before they could declare completion.

There are a number of communities that are relatively advanced. Indianapolis is usually cited as one of these. Even in those communities, no one has as yet received their care in the presence of all their records. Not a single person. They do not have all the information for everyone. They do not have everyone using it. In Indianapolis, to the best of my knowledge, the patients do not have any access to the information at all. They are moving towards financial sustainability, and they may have even achieved it, but I would argue that even in a very advanced community, like Indianapolis, they have a long way to go. Further, Indianapolis does not use a fetch-and-show architecture. They actually have a central repository, and that’s one of the things that has allowed them to make progress.


I see. What percentage of HIEs use the fetch-and-show model?


I don’t know, but of the operational HIEs, I think most of them do not use the fetch-and-show model because they found that it just doesn’t work. The issue that is problematic about using a central repository without patient control is trust, because if the patients don’t control the information and who gets to see it, the question becomes who does control the information? Now, assuming it’s not the patient, you have to think about who are the available parties who can make the decision about who gets to see the information. Clearly, the government would not be an appropriate party for that. The employers are not appropriate. The insurance companies are not appropriate. The hospitals are probably not appropriate. The physicians may be appropriate, but it’s not clear that they’re organized in such a way that their decisions can really be made in a coherent way in a community.

When you have a central repository that is not controlled by the patients, it requires the establishment of an organization that has a level of trust beyond any existing institutions that we have in our society. This is one of the real disadvantages of the HIE– that by failing to focus on patient control of information, they essentially set up a trust requirement for themselves that in our society, I think, is actually impossible to achieve.


That’s an interesting critique. That’s a great segue to your work with health record banks. Could you tell us a bit about what you set up there and what your organization does?


The Health Record Banking Alliance is a nonprofit organization that I started in 2006. I want to make it absolutely clear, for the record, that I do not and have never received one single penny of compensation from the Health Record Banking Alliance for the thousands of hours that I’ve put in. The reason I started the Alliance was because I realized that this scattered fetch-and-show model was being promoted as the solution to developing an effective health information infrastructure, and that it was clear to me then as it is now, that it could not work. I felt it was essential that there be a national infrastructure that really could work.

When you look at Health Record Banks, community based, patient- controlled repositories of electronic health records–they solve the key problems that have stymied the HIEs, which are pursuing this fetch-and-show model. They solve the privacy problem by putting control of the information in the hands of the patient, so that in essence, each person can set their own privacy policy. Certainly, in the US, I can’t imagine any privacy policy, no matter how complex, that would be agreeable to even a majority of people in the US,  except one in which each person gets to set their own privacy policy.

The second thing that patient control does is solve the stakeholder cooperation problem. If you’re setting up an HIE in the community, you go to various stakeholders who have information and say, “I’m setting up an HIE. Will you please participate?” and they can say “yes” or they can say “no.” If they say “yes,” they can say “no” later, which obviously would disrupt your effort.

When the patients are in control, it’s the patients that are requesting the information. Under HIPAA, if the patient requests the information, everyone has to provide it. Furthermore, although it’s not as well known, if the information is in electronic form and the patient requests it in electronic form, it has to be provided in electronic form. It is a myth that in response to a HIPAA request, you can take electronic information, print it on paper, and hand it to the patient. That is not consistent with the regulation. Essentially, health record banks force all the stakeholders to cooperate at the beginning and to continue to cooperate indefinitely in providing information. This is very important because this is a big problem.

Finally, the health record bank model allows you to have financial sustainability, since by forcing the stakeholders to cooperate so you can get all the information, you can actually create value, and then the value of the records themselves can be used to support the infrastructure.

In fact, the records themselves are sufficiently valuable to actually subsidize the electronic health record systems of outpatient physicians. This way, you can either pay outpatient physicians for depositing information, or you can just give outpatient physicians free electronic records, which makes it, of course, much more likely that they will adopt such a system, particularly combined with the current incentives. The health record bank approach actually solves all the difficult problems that the HIEs have run into. That’s the approach that I’ve been advocating along with folks who have been members of the Health Record Banking Alliance over the past few years.


Interesting. You mentioned the idea of patients setting their own “privacy policy.” How does that consenting process work in practice?


The way it works is that the patient indicates who gets to see which parts of the information in their record. Of course, that could be a very complicated and difficult process if you don’t find ways to make it efficient because a given patient may have tens of thousands of pieces of information in their records and you don’t want them to have to indicate who gets to see each specific piece of information because that would obviously be incredibly tedious and impractical.

What you need to do is start with a reasonable default set of permissions. What I typically recommend is that when someone signs up for a health record bank account, they indicate who their providers are, and that the default is that the folks who are their current providers get access to all the data all the time. In addition, you want people to indicate whether they want to allow emergency access to the data. Then, if a bona fide emergency provider wants access to the record and they declare that there is an emergency and the patient is actually present, then, because the patient has agreed to this in advance, they would have access to the information. That’s an easy default that people understand and they can just say, “yes.”

My expectation is most people will just stick with the default. Then, if they want to, they can take certain pieces of information and hide them if they feel that it’s necessary, or more likely, they can take their information and make it available to trusted family members who may be assisting in their care. I think it’s important that patients have the capability to control their information down to the data item level, so that they can take a particular data item and say, “I don’t want this to be available.”

Here’s an example of why that’s important: Let’s say some piece of data is generated in error. A lab reports a result that is wrong. An easy way for a patient to deal with that is just to say, “Ok, I know that result is wrong. Of course, I’m going to try to get the lab to send in a correct result, but I don’t want anyone to see that result because I know that it’s wrong. The lab told me that they reported someone else’s data as mine, so I don’t want it to be reported.” There are legitimate reasons why people would want to suppress information other than the fact that they just want to keep it private.


How exactly does the patient go about making these privacy decisions? Is this available through a web interface?


Typically, it’s available through a web interface. Any kind of system in any community where you want to include everyone has to be very simple and easy to use. I think that we have to recognize that not everyone has convenient access to the web, although there is access in public libraries. I think to the extent possible, it’s helpful to have telephone-based interfaces, although obviously that could be very tedious if you’re trying to do something complicated, but also mobile phone interfaces, which I think in the long run are going to be the typical way that people interact with their own information. And it’s not just necessarily smart phones. You could have mobile phone interfaces using text messaging that allow individuals to control many of the functions of their health record bank account as well.


Thanks for the overview. Are there health record banks that are active or being piloted right now? What do those look like?


Unfortunately, there’s no example in the US of a large scale operational health record bank that works in the way that I’ve described. There are a couple of pilots in Washington state in very small communities, which in my view are too small to be financially sustainable by themselves. But the folks there are working hard at it. There is, of course, Microsoft HealthVault, which is the right architecture, and there’s also Dossia, which is a health record bank sponsored by a national consortium of employers for their employees.

The national efforts are very, very difficult because when you do this on a national scale, it’s problematic to get enough connectivity to information sources to be able to accumulate a valuable set of information on any one person. That’s a difficult problem. The other very difficult challenge is to get to a critical mass of the population across the whole country. The reason a critical mass of the population is important is the following: Think about the process in a physician’s office. If I’m a physician in my office, and 10% of the people walking in the door have health record bank accounts, and let’s say the health record bank accounts have pretty good information in them, it’s really going to be a nuisance for me to deal with that 10% as process exceptions in my office to make sure that I identify them and access their health record bank accounts. That situation really becomes a difficult thing for me to manage as I operate my practice.


You mean a split workflow.


That’s right. What will induce me to change my office procedures is when a majority of the people walking in the door have health record bank accounts–more likely a super-majority. When 70% or 80% of the people walking in the door have health record bank accounts, now it makes sense for me to change my procedures, so that I access the health record bank information of people who come into my office. When you work nationally, it’s very unlikely that you will ever get that majority or super-majority of patients walking into a given office that essentially have the information in your system.

I think this is another important reason why working in communities is so very important. It allows you to achieve the two critical masses that you need to achieve. One, is a critical mass of information on each person, and you can achieve that more easily in the community because a community has a smaller number of information sources and you can hook all those up. You can also work with the providers in the community. Two, if you get all the information sources in the community plugged in, it’s also easier to push in the community to get a critical mass of the population to sign up for your system, thereby providing an incentive for the providers to change their practices to actually use the information in the system. Of course, if the information in a health record bank is not used, it is not going to really help in terms of patient care or efficiency.


Interesting. Will the various health record banks in such a system be able to communicate with each other?


In the system I envision for health record banks, each person has a single health record bank account in a single health record bank. If they don’t like that health record bank, they can roll their account over to another health bank, but you wouldn’t want to allow people to have multiple health record bank accounts because that defeats the purpose. In terms of health record banks talking to each other, it’s not absolutely essential for that to occur, because in theory if they all have compatible interfaces, any provider could access any patient’s information in any health record bank, and then when they are finished with the encounter, they would make the deposit into that particular health record bank, using that same direct connection.

Each health record bank could have their own website, and depending on the patient, the physician would go to the website for that health record bank. However, there could be a situation where it would be useful for the health record banks to be connected. For example, let’s assume that you have a health record bank in community A, and someone from out of town comes to community A for care. Their record is in health record bank B. You could easily access the records from health record bank B directly via the web, but it might be that for deposits, as a physician, you only are a recognized depositor with your local health record bank. What you could then do is make the deposit of this out-of-town patient’s information into your local health record bank. The local health record bank would recognize it as being from health record bank B, which is out of town and would just take that deposit and forward it through the health record bank network to health record bank B. You could imagine a system like that as well.

You can also have multiple health record banks in the same community competing as long as people don’t have accounts in multiple banks.  Then, you need another piece of infrastructure, which is a clearinghouse. Essentially, what would happen is that when a patient came for care, the physician would request the health record bank information from the clearinghouse, the clearinghouse would look to see which health record bank this patient had their account in, get the information and give it to the physician.  After the encounter, the physician would deposit the newly-generated information with the clearinghouse and the clearinghouse would then route the information to the proper health record bank. With the addition of a clearinghouse, you can have competing health record banks in a single community, which I think would be a good thing down the road.


Even in the former situation where someone’s coming in from out of town and the records are routed back to their hometown bank–this situation theoretically requires some kind of master index,though, right?


That’s right. You need to have an index somewhere indicating where people have their health record bank account. However, such an index has absolutely no personal health information. In fact, it doesn’t need to be protected in any way. The fact that I have a health record bank account at health record bank X says nothing about me.

This is in contrast to the scattered model, the HIEs, which requires an index in the community of where you’ve received care. That index is extremely sensitive because, for example, it might say that you’ve gotten care at a psychiatric hospital. That index has to be very carefully protected and cannot be readily available.


Given all of this, where do you see things going? There’s a lot of political momentum behind HIEs, but the situation is obviously mixed as those setups are facing their own problems.


First of all, let me say that I don’t care how much political momentum is behind HIEs, they still can’t work. I used to worry that somebody would make one of these systems work, but that’s just not going to happen. Let me clarify: You can actually implement a scattered model HIE that operates. The problem is it’s so expensive and unreliable that it just can’t be sustained, so I’m not really too worried about them succeeding. If people want to continue in that direction, fine, and they have continued in that direction–but it’s just leading to failure. I should also say that I published a paper last year, a simulation study, of a central versus distributed model and showed that the distributed model requires exponentially more transactions and is exponentially more likely to create errors from failed retrievals. If you think about it, if every system is running at 99% availability and if you have to retrieve a given patient’s records from 10 different systems, the 99% availability of each system becomes additive. Therefore, the overall availability of all 10 of those systems is going to be much less than 99%. Whereas, if you have a health record bank running at 99% availability, it’s availability will be 99%. The fact is that the distributed model is inherently unreliable, expensive, and it’s just not going to work. People can work on it as much as they want and as long as they want. My main concern is they’re doing this with my taxpayer dollars, which does not make me happy. If people want to do it with their own money, then that’s up to them.

The way I see this going is that this year many more HIEs are going to fail. The Beacon projects, which I assume you’re familiar with, the 17 or so Beacon projects are also going to fail, although they’ll try to spin their results to show that they’ve done something successful. Those models just don’t work. In fact, I want to specifically draw your attention to the recent RFI that was released by HHS on March 6th. This is the one asking for ideas about how to accelerate EHR adoption and HIE progress. I want to quote from that because it’s very revealing. It says:

The Medicare and Medicaid Electronic Health Record (EHR) Incentive Programs and Office of the National Coordinator (ONC) for Health IT (HIT) Certification Program are increasing standards based health information exchange (HIE) across health care providers and settings of care to support greater coordination of health care services. However, this alone will not be enough to achieve the widespread interoperability and electronic exchange of information necessary for delivery reform where information will routinely follow the patient regardless of where they receive care.

In essence, the government has admitted defeat. They’ve admitted that what they’re doing is never going to achieve the original goal. The debate is over. It’s interesting because our piece in JAMA on this topic (3/13/2013 issue) was written and finalized before that announcement on March 6th. Essentially, the government is agreeing with our assessment that not only is this not working, but it can never work.

Let’s get beyond that. We, as critics, say that it is not working, so we agree with the government on that. Now the question is, Where do we go from here? I think that the HIEs, which are established organizations, need to convert themselves to health record banks. Actually, how to do this conversion is what we’re working on in the Health Record Banking Alliance now. In response to this RFI, we are developing a road map to guide HIEs in converting to health record banks. Actually, many of the things that the HIEs are doing in their current impossible quest for success are some of the same processes that are appropriate for a health record bank, but there are some important changes that need to be made as well. I predict that those HIEs that do not make those changes are going to disappear. The ones that do will be successful. I think that you’re going to see a health record banking future. I’m hoping that future is going to come very rapidly because this is a very important problem that we need to solve as a nation as quickly as possible.

Leave a Reply