As a fan of the relational database, and the inventor of the relational model, the late Ted (Edgar F.) Codd, Joel Ryba drafted a brief set of rules that he believes an HIE must comply with to be completely effective.
Whether you implement stone carvers with chisels, paper and fax, peer-to-peer electronic exchange, federated repository, or a centralized repository; HIE quite simply must support these tenets to be effective.
When Dr. Codd introduced his rules for relational database management systems in 1985, it was in response to the market starting to introduce products that they said were RDBMS but actually were not.
So in order to protect the relational model, which he introduced in 1970, Codd threw down the gauntlet, defining what a real RDBMS should be.
And his rules stuck.
Today, we have the same issue of older products being packaged as health information exchange IT.
Thus, Joel Ruba felt it was necessary to put out a list of rules that an HIE must meet to be effective.
Here are the 16 rules of HIE:
- Assured Delivery Rule – must be able to reliably message between source and destination and confirm delivery. Exceptions must alert an operator and store the message(s) for reprocessing.
- Abstraction Rule – must support multiple versions of standard interfaces like IHE and HL7 as well as optionally support non-standard interfaces.
- Patient Data Locator Rule – ability to locate patient records.
- Data Integrity Rule – ability to manage patient data by data source.
- Query Rule – ability to Query/Pull from other provider(s) as a single record (individual provider stable record or consolidated on-demand document).
- On Demand Consolidation Rule – Ability to consolidate patient data from multiple sources into a single view.
- On Demand Aggregation Rule – ability to aggregate data (counts, sums, averages) for single patients or across multiple patients meeting a selection criteria.
- Provider Directory Rule – ability to locate a provider (legal entity like hospital or group practice or an individual clinician) for push messaging and if necessary transform their local facility identifier into a generic address or identifier or into another facility’s local identifier.
- Direct Push Rule – ability push a single record and selectively send data to comply with HIPAA minimum necessary requirement.
- Access Control Rule – ability to control access based on patient consent and data recipient roles.
- Subscription Rule – ability to ‘Subscribe for PUSH’ based on the subscribers rights to the patient data.
- Audit Rule – Effective HIE must Log all transactions to an audit log.
- Audit Reporting Rule – ability to Report against Audit data.
- Clinical Reporting Rule – ability to report clinical data across patients for population health use cases as well as be able to locate patients meeting a clinical profile across all data sources when all data on the patient may come from multiple sources and may be stored in an equivalent federated manner.
- Interoperability Rule – ability for providers to seamlessly initiate and terminate exchange from their native environment.
- Customizable Business Rules Rule – ability for processes to be monitored for compliance to business rules to report or alert for exceptions.