/  Health IT Dashboard  /  2016 Report to Congress on Health Information Technology Progress

Official logo of the United States Department of Health and Human Services

Report to Congress

November 2016

2016 Report to Congress on Health IT Progress: Examining the HITECH Era and the Future of Health IT

This annual report is submitted pursuant to Section 3001(c)(6) of the Public Health Service Act and section 13113(a) of the HITECH Act

Prepared by:

The Office of the National Coordinator for Health Information Technology (ONC)
Office of the Secretary, United States Department of Health and Human Services (HHS)

Submitted To:

U.S. Senate

The Honorable Lamar Alexander, Chairman, Senate Committee on Health, Education, Labor, and Pensions
The Honorable Patty Murray, Ranking Member, Senate Committee on Health, Education, Labor, and Pensions

The Honorable Orrin G. Hatch, Chairman, Senate Committee on Finance
The Honorable Ron Wyden, Ranking Member, Senate Committee on Finance

The Honorable Thad Cochran, Chairman, Senate Committee on Appropriations
The Honorable Barbara A. Mikulski, Ranking Member, Senate Committee on Appropriations

The Honorable Roy Blunt, Chairman, Senate Committee on Appropriations, Subcommittee on Labor, Health and Human Services, Education, and Related Agencies
The Honorable Patty Murray, Ranking Member, Senate Committee on Appropriations, Subcommittee on Labor, Health and Human Services, Education, and Related Agencies

U.S. House of Representatives

The Honorable Kevin Brady, Chairman, House Committee on Ways and Means
The Honorable Sander Levin, Ranking Member, House Committee on Ways and Means

The Honorable Harold Rogers, Chairman, House Committee on Appropriations
The Honorable Nita M. Lowey, Ranking Member, House Committee on Appropriations

The Honorable Tom Cole, Chairman, House Committee on Appropriations, Subcommittee on Labor, Health and Human Services, Education and Related Agencies
The Honorable Rosa DeLauro, Ranking Member, House Committee on Appropriations, Subcommittee on Labor, Health and Human Services, Education and Related Agencies

The Honorable Fred Upton, Chairman, House Committee on Energy and Commerce
The Honorable Frank Pallone, Ranking Member, House Committee on Energy and Commerce

The Honorable Lamar Smith, Chairman, House Committee on Science, Space, and Technology
The Honorable Eddie Bernice Johnson, Ranking Member, House Committee on Science, Space, and Technology


Statutory Requirements

Executive Summary


The Evolving Health IT Landscape

Critical Actions to Advance Health IT Use and Information Flow



Appendix: Health IT Progress Update


Statutory Requirements

Section 13113(a) of the American Recovery and Reinvestment Act of 2009 under Title XIII of Division A, part of the Health Information Technology for Economic and Clinical Health (HITECH) Act:

(a) REPORT ON ADOPTION OF NATIONWIDE SYSTEM.—Not later than 2 years after the date of the enactment of this Act and annually thereafter, the Secretary of Health and Human Services shall submit to the appropriate committees of jurisdiction of the House of Representatives and the Senate a report that—

The Secretary of Health and Human Services (HHS) submitted the first report required by section 13113(a) on January 17, 2012 with subsequent submissions on June 21, 2013, October 9, 2014, and February 29, 2016. This report is the annual update to the previous submissions.

Executive Summary

Progress in the HITECH Era

Individuals and stakeholders within the health sector rely on information. Complete, accurate, and actionable information enables patients to obtain the care they need and to manage their health, providers to make timely and accurate diagnoses, public health entities to conduct electronic immunization reporting and disease surveillance, and researchers to advance science by finding effective treatments for cancer or pursuing precision medicine.

Prior to 2009, most hospitals, doctors' offices, and other health facilities captured information on paper and shared this information primarily using fax machines, presenting numerous challenges in our increasingly digital world. For example, patients visiting an emergency room or a new physician's office without an updated medication list could easily encounter adverse events stemming from drug allergies or harmful drug interactions. Clinicians, care teams, and researchers needed to undertake time-consuming retrospective medical record abstractions to understand whether specific treatments or interventions improved health outcomes. Sharing information with public health officials or measuring health outcomes at the practice level or community level was complex.

Recognizing that the delivery and the efficiency of health care could be improved through stronger integration of an electronic health information infrastructure, Congress passed the Health Information Technology for Economic and Clinical Health (HITECH) Act as part of the American Recovery and Reinvestment Act of 2009 (ARRA), launching an unprecedented effort to spur the adoption and use of information technology (IT) throughout the health system.

Since the passage of the HITECH Act, the health IT* landscape has dramatically evolved. Hospitals and health care providers are using health IT at unprecedented levels. In 2008, only 17 percent of physicians1 and nine percent of hospitals2 had at least a basic electronic health record (EHR). In 2015, 96 percent of hospitals2 and 78 percent of physician offices use certified EHR technology.3 In short, a significant majority of individuals in the United States now have a digital footprint of their health and care experience, generating new sources and uses of this electronic health information every day.

Figure 1: Possession of Certified EHR Among Office-Based Physicians1 and Hospitals2

Figure 1 depicts the percent of office-based physicians and hospitals who possess a certified electronic health record. 78 percent of physicians have a certified electronic health record. 96 percent of hospitals have a certified electronic health record.

SOURCE: (1) Centers for Disease Control and Prevention, National Center for Health Statistics, National Electronic Health Records Survey; (2) ONC/American Hospital Association (AHA), AHA Annual Survey Information Technology Supplement
NOTES: A certified EHR is EHR technology that meets the technological capability, functionality, and security requirements adopted by the Department of Health and Human Services. Possession means that the provider has a legal agreement with the EHR vendor, but is not equivalent to adoption.

This rapid digitization of the health system was the result of many factors, including extensive collaboration among clinicians, hospitals, technologists, patient and consumer advocates, and experts from all over the country, as well as extensive financial support from the Medicare and Medicaid EHR Incentive Programs. This transformation was also supported by programs authorized by the HITECH Act. The Regional Extension Center program provided technical assistance to more than 120,000 health care providers, helping them adopt and meaningfully use certified health IT. HITECH funding, including awards made under the State Health Information Exchange (HIE) Program, created and expanded HIE-related infrastructure–both in the technical sense of services and infrastructure, and in the legal sense of governance, consent, and policy structures to support it.

Achieving an Interoperable Health System

This progress, where an extraordinary amount of electronic health information and infrastructure now exist that the country lacked merely a decade ago, has set the stage for a transition in focus to the seamless and secure flow of this health information – also known as interoperability – to improve the health and care of individuals and communities. Specifically, these advancements have laid the groundwork for progress on a range of national health priorities, including delivery system reform, the Cancer Moonshot, combating the opioid epidemic, the Precision Medicine Initiative, clinical innovation, and protecting and advancing public health. To achieve these and other health priorities, HHS is focused on three priority areas:

1. Promoting common standards to facilitate the seamless and secure exchange of data, including through the use of standardized, open application programming interfaces (APIs)§;
2. Building the business case for interoperability, particularly through delivery system reform efforts that change the way the Centers for Medicare & Medicare Services (CMS) pay for care to reward quality over quantity of services; and
3. Changing the culture around access to information through: combating information blocking; ensuring that individuals know they have a right to access and transmit their health information and that providers know they must provide access to the individuals; and reminding health care providers that they are legally allowed to exchange information in the course of treatment or coordinating care.

In 2016, HHS and other federal agencies have implemented a wide range of actions in these priority areas to bolster the person-centered foundation for a learning, interoperable health system that has developed over the past seven years. HHS will continue to work with public and private sector partners in the months and years to come to ensure that people, organizations, and communities can easily access actionable electronic health information when and where it matters most.


A variety of sources, platforms, and settings generate electronic health information that can inform health goals, behaviors, and decisions. The secure and seamless flow of this information is foundational to many national priorities:

The Evolving Health IT Landscape

The impact of the dramatic increase in health IT adoption since passage of the HITECH Act goes beyond digitizing paper health records. The rapid adoption of health IT has facilitated increased use of functionalities that have real-world clinical impacts. For example, clinical decision support (CDS) can alert health care providers to evidence-based clinical guidelines at the point of care, facilitate an enhanced diagnosis or treatment path, and alert providers to potentially harmful drug interactions.4, 5 Systematic reviews have found that 84 percent of academic studies examining health IT functionalities required under the Medicare and Medicaid EHR Incentive Programs had a positive or mixed positive effect on quality, safety, and efficiency of care.6 Health IT has also improved communication among health care providers, as well as increased sharing electronic health information with their patients and their caregivers, by facilitating the electronic exchange of health information.

Increased Flow of Health Information

Hospitals and physicians are now exchanging more electronic health information than ever before. In 2008, 41 percent of all hospitals electronically exchanged health information with outside health care providers. These rates have since doubled. In 2015, more than eight in ten (82 percent) non-federal acute care hospitals electronically exchanged laboratory results, radiology reports, clinical summaries or medication lists.7 Moreover, of the hospitals that electronically send, receive, find, and integrate information, approximately nine out of ten report that they routinely had clinical information needed from outside sources or health care providers available at the point of care, which is about double the national average.8

Figure 2: Percent of non-federal acute care hospitals that electronically exchanged clinical information with ambulatory care providers or hospitals outside their organization: 2008-2015

Figure 2 is a line chart showing the percent of non-federal acute care hospitals that electronically exchanged laboratory results, radiology reports, clinical care summaries, or medication lists with ambulatory care providers or hospitals outside their organization from 2008 to 2015. Results for each year are as follows: 2008, 41 percent; 2009, 45 percent; 2010, 44 percent; 2011, 50 percent; 2012, 58 percent; 2013, 62 percent; 2014, 76 percent; 2015, 82 percent.

SOURCE: ONC/American Hospital Association (AHA), AHA Annual Survey Information Technology Supplement.
NOTES: *Significantly different from previous year (p < 0.05). Exchange was assessed using survey questions asking respondents whether their hospital electronically exchanged or shared the following four types of clinical information: radiology reports, laboratory results, clinical care summaries, and medication lists.

Electronic health record systems have also transformed one of the most fundamental elements of health care: prescribing and dispensing medications. Prior to 2005, virtually all prescriptions were handwritten by health care professionals. These paper prescriptions could get lost or misread. With electronic prescribing (e-prescribing), health care professionals communicate clearly and directly with pharmacies. 8, 9 An e-prescribing system can lower costs, improve care, and save lives by reducing medication errors and checking for drug interactions. In the past 10 years, the number of e-prescriptions transmitted on the Surescripts network rapidly increased. Since 2012, e-prescriptions have nearly doubled to 1.41 billion.10 Ninety-eight percent of chain pharmacies and 88 percent of independent pharmacies are enabled to accept e-prescriptions on the Surescripts network, and 900,000 health care professionals use the network.11 Moving from paper-based prescribing to electronic prescribing of controlled substances (EPCS) also enables health care providers to make use of enhanced security features that technology affords. Prescribers can be authenticated before prescribing a controlled substance and prescriptions may be transmitted to pharmacies securely without risk of alteration or diversion. By June 2016, 87 percent of retail pharmacies and 18 percent of e-prescribing providers were enabled for EPCS.12

Increased Access to Health Information

The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule requires covered health care providers and health plans to provide individuals with access to their health information. This access is vital to their health. Research demonstrates that when individuals have access to, and use, their electronic health information, they feel a greater sense of trust in how their health information is being managed and in how providers are protecting their rights as a patient.13 Digitizing the U.S. health system has also empowered individuals to be more in control of decisions regarding their health and well-being. Accessing one's electronic health information is much easier than obtaining paper records. Individuals with electronic access to their health information can monitor chronic conditions, better adhere to treatment plans, find and fix errors in their records, and directly contribute their information to research. In 2012, only one-quarter of hospitals provided patients with the ability to electronically view their information; today, 95 percent of hospitals have this capability. The ability of patients to download their information increased from 14 percent in 2012 to 87 percent in 2015; and the ability to transmit information has increased from 12 percent in 2013 to 71 percent in 2015.14

Figure 3: Percent of non-Federal acute care hospitals that provide patients with the capability to electronically view, download, and transmit their health information, 2013-2015

Figure 3 is a bar chart that represents the percent of non-federal acute care hospitals that provide patients with the capability to electronically view, download, and transmit their health information for 2012, 2013, 2014, and 2015.  View has 24% for 2012, 40% for 2013 (a significant difference from 2012), 91% for 2014 (a significant difference from 2013), and 95% for 2015 (a significant difference from 2014).  Download has 14% for 2012, 28% for 2013 (a significant difference from 2012), 82% for 2014 (a significant difference from 2013), and 87% for 2015 (a significant difference from 2014). Transmit has 12% for 2013, 66% for 2014 (a significant difference from 2013), and 71% for 2015 (a significant difference from 2014). View, download, and transmit has 10% for 2013, 64% for 2014 (a significant difference from 2013), and 69% for 2015 (a significant difference from 2014).

SOURCE: ONC/American Hospital Association (AHA), AHA Annual Survey Information Technology Supplement: 2013 – 2015.
NOTES: *Significantly different from previous year (p < 0.05). Data regarding "Transmit" and "View, Download, and Transmit" were not collected in 2012.

Moving Forward

The digital health infrastructure and huge volume of electronic health information that now exists provide ever-increasing new opportunities to empower individuals, improve care delivery, modernize public health, and advance research and scientific discovery. To plan for this next era in health IT, the Office of the National Coordinator for Health Information Technology (ONC), in consultation with partners across the federal government, developed the Federal Health IT Strategic Plan 2015-2020 (Federal Health IT Strategic Plan), which outlines the commitments of agencies that use or influence the use of health IT to expedite the availability of high-quality, accurate, secure, and relevant electronic health information for stakeholders across the nation. ONC also initiated a complementary planning effort with public and private partners to set a clear path for seamless and secure data flow with A Shared Nationwide Interoperability Roadmap (Nationwide Interoperability Roadmap). These plans recognize the important shift from adoption and use of EHRs through the Medicare and Medicaid EHR Incentive Programs as the focus, to a focus on using health IT as a tool to our ultimate goal of supporting individuals and their health outcomes. Federal agencies will also apply a more comprehensive and integrated use of federal payment, procurement, and policy levers to make electronic health information easily accessible and usable across the care continuum.

While this report primarily focuses on the actions taken by HHS, there are many examples of progress throughout the federal government. For example, the Department of Defense's (DoD) new state-of-the-market EHR, MHS Genesis, is scheduled for its initial deployment in February 2017. MHS Genesis will utilize certified health IT and common, federally-recognized interoperability standards. Additionally, the Department of Veterans Affairs (VA) is enhancing Veterans Health Administration facilities' data and technology capabilities to ensure the availability of clinically actionable, patient-centric data. The VA and DoD have also enhanced interoperability though the Joint Legacy Viewer, which allows VA and DoD clinicians to view their patients' entire medical history from both systems. Additionally, the VA has begun health IT modernization efforts that focus on assisting clinicians in providing more comprehensive, patient-centered care using modern technological tools. These are just a few of the many examples of federal efforts beyond HHS to advance the seamless and secure flow of electronic health information across the country.

Private sector partners are also critical to achieving the shared vision outlined in the Federal Health IT Strategic Plan and Nationwide Interoperability Roadmap. This year HHS announced interoperability pledges from the broad communities most affected by electronic health information exchange. These stakeholders include companies that provide 90 percent of hospitals their EHRs, large health systems including the top five largest private health systems in the country–with facilities in 47 states–and more than two dozen professional associations and stakeholder groups.

Interoperability Commitments

1. Consumer Access: To help consumers easily and securely access their electronic health information, direct it to any desired location, learn how their information can be shared and used, and be assured that this information will be effectively and safely used to benefit their health and that of their community.
2. No Blocking/Ensuring Transparency: To help health care providers share individuals' health information for care with other providers and their patients whenever permitted by law, and not block electronic health information (defined as knowingly and unreasonably interfering with information sharing).
3. Standards: Implement federally recognized, national interoperability standards, policies, guidance, and practices for electronic health information, and adopt best practices including those related to privacy and security.

These plans and commitments reflect the coordinated approach underway to write the next chapter of the nation's health IT story.

Critical Actions to Advance Health IT Use and Information Flow

Public and private sector efforts should together drive toward a health system where electronic health information flows seamlessly through easy-to-use technology solutions that present actionable information when it is needed most. This section describes actions undertaken by HHS in 2016–building on work throughout the HITECH era–to achieve seamless and secure data flow by promoting common, federally-recognized standards, building the business case for interoperability, and changing the culture around access to information.

Promoting Common, Federally-Recognized Standards

Standards help individuals, health care entities, public health agencies, health IT products, and medical devices consistently and accurately find, send, receive, and integrate electronic health information. Use of common technical standards and specifications are necessary for electronic health information to move seamlessly and securely. Much of the content of clinical records – including laboratory test results, clinical measurements (e.g., blood pressure), test orders, medical problems, and drug names – is structured and suitable for standardization. Using data elements consistently and reliably allows for collecting information for individual health needs as well as for reuse of that information to drive decision support, quality measurement and reporting, population health management, public health, and research. Pilot testing and aligning standards activities with clinical care delivery and business needs can help accelerate their widespread adoption, allowing health IT to be more usable and efficient.

ONC has initiated key actions to accelerate the use of common standards, such as publishing the Interoperability Standards Advisory (ISA)–a single resource for those looking for federally recognized, national interoperability standards and guidance. The ISA provides the industry with a single list of the standards and implementation specifications that can fulfill specific clinical health information interoperability needs. It reflects the results of ongoing dialogue, debate, and consensus among industry stakeholders when more than one standard or implementation specification could be used. The ISA also documents known limitations, preconditions, dependencies, and security patterns among referenced standards and implementation specifications when they are used to fulfill specific clinical health IT interoperability needs.

The 2015 Edition final rule also advances the movement toward common standards and the criteria needed for their certified use in health IT products.15 It builds on past rulemakings to facilitate greater interoperability for several clinical health information purposes and enables health information exchange through new and enhanced certification criteria, standards, and implementation specifications. Another feature of the 2015 Edition final rule is its capacity to update the ONC Health IT Certification Program to make it more open and accessible to other types of health IT and settings beyond those eligible for the Medicare and Medicaid EHR Incentive Programs. These modifications support the use of the ONC Health IT Certification Program by a variety of HHS programs, as well as private entities and associations. These updates will improve access for health care providers across the care continuum to the technical standards that form an essential foundation for interoperability and help ensure that key information is consistently available to the right person, at the right place, and at the right time.

The 2015 Edition final rule has a strong focus on the interoperable exchange of data, including through the use APIs such as those built using Fast Healthcare Interoperability Resources (FHIR) (see text box) and new transparency and accountability provisions. The final rule also enhances the ONC Health IT Certification Program by including provisions for more rigorous testing of health IT exchange capabilities, establishing explicit requirements for in-the-field surveillance and transparency of health IT, and by making granular information about certified health IT publicly available through an open data certified health IT product list (CHPL).

Application Programming Interfaces (APIs): An API is a software application function that can be invoked or controlled through interactions with other software applications (apps). APIs are the means by which apps communicate and exchange information across systems.

Fast Healthcare Interoperability Resources (FHIR): Health Level Seven International (HL7) developed the FHIR standard for electronic exchange of health care information. FHIR API access seeks to provide seamless transmission of electronic health information from a health system to consumers or the app that the consumer chooses. FHIR is suitable for use in a wide variety of contexts – mobile phone apps, cloud communications, EHR-based data sharing, and server communication in large institutional health care provider organizations.

ONC also encourages community-driven, user-focused innovation to allow individuals and health care providers to access, easily and securely, electronic information and direct it to any desired location. Additionally, ONC promotes collaboration on these efforts through the Interoperability Proving Ground, a dynamic user-generated platform of health-related interoperability projects across the nation and around the world. For example, in March 2016, ONC launched a three-part strategy to connect and accelerate a FHIR-app ecosystem that will spur the development of market-ready, user-friendly software apps for consumers and health care providers. The strategy seeks to leverage the growing interest in an industry-wide approach to open, standardized APIs. The strategy has three goals:

1. Help consumers get and use their data;
2. Improve user-experience and utility for individuals and clinicians; and
3. Coordinate open information about EHR app solutions.

The strategy included two software app challenge contests that aim to catalyze the development and near-term availability of market-ready, platform-agnostic, software apps based on the openly available FHIR standard. The ONC Consumer Health Data Aggregator Challenge focused on improving individuals' ability to easily and electronically access their health information from different health care providers using a variety of different health IT systems. The ONC Provider User Experience Challenge focused on demonstrating how data made accessible to apps through APIs can enhance health care providers' experience with health IT by making clinical workflows more intuitive, specific to clinical specialty, and actionable. ONC announced winners for Phase I of these challenges–based on written plans and specifications–in July 2016, and expects to announce winners for Phase II–based on prototypes–by the end of 2016. ONC also awarded funding in June 2016 for the App Discovery Site, an open source tool to make it easier for developers to publish their FHIR-based apps and for users to discover and compare them.

Additionally, in May 2016, ONC announced the High Impact Pilots and Standards Exploration Awards – funding opportunity announcements to advance the use of interoperability standards, particularly in the categories of comprehensive medication management, laboratory data exchange, and care coordination. The Move Health Data Forward Challenge, which incents development teams to create an open API that enables consumers to authorize the movement of their health data to destinations they choose, launched in May 2016 as well. This challenge supports ONC's work on the identification and testing of standards for matching patients to their data across clinical and claims data sets, and the incorporation of algorithms that can be used to reliably perform patient matching in these contexts.

Standards are also critical to ONC's work with our federal partners to address critical issues that address a variety of communities across the care continuum. For example, ONC and the Substance Abuse and Mental Health Services Administration (SAMHSA) are currently engaged in work to establish standards to support streamlined data exchange between prescription drug monitoring programs (PDMPs) and health IT systems, which use different standards to communicate. This work will harmonize those standards, thus enabling the information contained within the state databases to flow directly into health care providers' health IT systems. Integrating PDMP data directly into the clinical workflow enables health care providers to easily review the data before prescribing or dispensing a prescription opioid.

ONC also works with partners to improve the coordination of health care and social services that support an individual's mental and physical health, independence and overall well-being. For example, ONC and CMS are collaborating on the electronic Long Term Services and Supports (eLTSS) Standards and Interoperability Framework Initiative, a public-private effort focused on identifying and testing standards to enable the creation, exchange and re-use of interoperable person-centered service plans for long term care.

Collectively, these efforts advance the shared nationwide effort to achieve an open, connected health system that enhances consumer access to their electronic health information; makes the health IT marketplace more transparent and data more accessible, including through public APIs; and reduces regulatory burden.

Protecting the Privacy and Security of Health Information

While the constantly evolving consumer health technology landscape is exciting, it also challenges federal efforts to facilitate market competition, protect consumer safety, and help safeguard information privacy and security.

With the ever increasing prevalence of sophisticated retail health technology such as exercise trackers, wearable health technologies, health social media, and mobile apps that help individuals monitor various body measurements, it is increasingly important for consumers to be aware of companies' privacy and security policies, including data sharing practices. In July 2016, ONC transmitted a required report to Congress, Examining Oversight of the Privacy & Security of Health Data Collected by Entities Not Regulated by Health Insurance Portability and Accountability Act of 1996 (HIPAA), to raise awareness and spur stakeholder engagement on these issues. The report, reflecting on the rapidly-changing mobile health environment, describes how the different entities that maintain and store identifiable health information are regulated with respect to maintaining privacy and security; identifies potential gaps in privacy and security protections for health information where HIPAA does not apply; and notes the need to fill those gaps to protect individuals and create a level and predictable privacy and security environment to foster innovation.

ONC is also taking action to reflect the changing landscape. In February 2016, ONC published a Federal Register Notice to solicit feedback on updating the voluntary Model Privacy Notice (MPN). The MPN, developed in 2011 by ONC in consultation with the Federal Trade Commission (FTC) and the HHS Office for Civil Rights (OCR), is a voluntary, openly available resource that allows developers to clearly convey information about privacy and security practices to their users. The MPN provides a standardized, easy-to-use framework for developers to follow. ONC plans to incorporate the public comments from the notice and input from FTC and OCR into an updated version of the MPN to make its guidance applicable to a broad range of consumer health technologies beyond personal health records.

Recognizing the importance for developers of mobile health apps to consider the legal implications early on in the design stage, ONC, the FTC, the Food and Drug Administration (FDA), and OCR collaborated to create a new web-based resource, the Mobile Health Apps Interactive Tool. This tool helps guide developers through a series of questions about the nature of their app, including its function, the information it collects, and the services it provides to its users. The tool then helps developers find information about applicable regulations.

Unfortunately, efforts to protect the security of electronic health information have not kept pace with rapid health IT innovation – particularly for smaller practices and organizations. A 2015 evaluation funded by ONC and the HHS Assistant Secretary for Preparedness and Response (ASPR) confirmed that insufficient numbers of small and medium-sized provider organizations participate in organizations through which they can receive actionable information about cyber threats or education about how to address known threats. To address these gaps, ONC and ASPR awarded seed funds for the development of an Information Sharing and Analysis Organization for the health and public health sector, with ONC focusing specifically on increasing the quantity of small to medium-sized provider organizations who participate in threat sharing. ONC and OCR also released the second version of their Security Risk Assessment Tool and updated guides. This free, open-source tool enables health care providers of all sizes to evaluate the security and cybersecurity risks of their own health care environments, so that they can identify areas for technical remediation, workforce education on security, or areas of resilience planning that need to be improved.

Building the Business Case for Interoperability

Beyond moving to technical standards that enable the flow of electronic health information, shifting payment models to those that pay for quality versus quantity of services is pivotal to building the business incentives that drive demand for interoperability. While the Medicare and Medicaid EHR Incentive Programs have often been a primary motivator for the adoption and use of certified EHR technology among specific groups of clinicians, these programs alone are insufficient to overcome barriers to seamless information flow. The traditional business environment does not adequately reward, and often inhibits, the exchange of electronic health information, even when exchange is technically feasible.16

Shifting to Value-based Care

Health IT plays a crucial role in supporting alternative payment models (APMs) that are person-centered and value-driven. Seamless interoperability will facilitate better monitoring of health outcomes, as well as efficient resource use and cost analyses, particularly for care provided across multiple systems and settings. Expanded use of health IT that combines beneficial decision supports and quality measures will help the nation to achieve continuous quality improvement. Health care providers that are increasingly accountable for patient outcomes and total cost of care will increasingly demand access to an individual's complete clinical record, laboratory results, and to broader health-related information, such as human services and other community-based information, required to effectively coordinate and manage the person's health. Improved interoperability will help physicians, nurses, other clinicians, and patients receive and communicate clinical care information to support comprehensive coordinated care delivery and meet the goals of APMs to improve the quality of care and lower costs.

In 2015, Congress passed the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA), which emphasizes APMs and streamlines various CMS programs into a single framework to help most Medicare clinicians transition from payments based on volume to payments based on value. The Administration also set a goal to shift 30 percent of Medicare payments by 2016 and 50 percent by 2018 from fee-for-service to alternate payment models. Since CMS is the largest purchaser of health care in the United States, and its programs cover over 125 million beneficiaries, these steps will have a major impact.

In 2016, HHS announced a final rule to implement key provisions of MACRA in a new program called the Quality Payment Program. The Quality Payment Program advances Medicare's value-based transformation for hundreds of thousands of physicians and other eligible clinicians by tying these payments quality patient care. The Quality Payment Program has two paths, the Merit-Based Incentive Payment System (MIPS) and the Advanced APMs path. The final rule with comment advances information exchange in a number of ways, including by requiring use of certified EHR technology and by aligning to the 2015 Edition final rule certification criteria, which emphasizes interoperability, information exchange, security measures, and patients' ability to access their health information through use of APIs. In addition, the rule requires that APMs use certified EHR technology, among other criteria, in order for the model to be an Advanced APM.

Merit-Based Incentive Payment System (MIPS): A new Congressionally-mandated program for Medicare eligible clinicians that combines parts of the Physician Quality Reporting System (PQRS), the Value Modifier (VM or Value-based Payment Modifier), and the Medicare and Medicaid EHR Incentive Programs (also known as "meaningful use") into a single program in which eligible professionals (EPs) will be measured on: quality, resource use, clinical practice improvement, and use of certified EHR technology.

Alternative Payment Models (APM)*: Health care payment methods that use financial incentives to promote or leverage greater value – including higher quality care at lower costs – for patients, purchasers, payers and providers.

* Definition from Health Care Payment Learning and Action Network.

The federal government has also supported the shift to value-based care by collaborating with states to advance Medicaid and other state-based delivery system reform efforts. Medicaid reforms include Section 1115 Demonstration Evaluations that have created delivery system reform incentive payment (DSRIP) programs. The State Innovation Models (SIM) Initiative is providing financial and technical support to states for the development and testing of state-led, multi-payer health care payment and service delivery models that will improve health system performance, increase quality of care, and decrease costs for Medicare, Medicaid, and Children's Health Insurance Program (CHIP) beneficiaries–and for all residents of participating states. SIM has advanced interoperability specifically through the creation of new models of payment and care delivery that both require and reward the use of interoperable health IT. This initiative has also supported the creation of state-level health IT infrastructure that advances the ability of health care providers to succeed in value-based care arrangements.

ONC and the Center for Medicaid and CHIP Services are also working closely together to ensure that state Medicaid agencies have a unified approach to health IT across all their programs and data systems. This means that all relevant Medicaid planning activities have shared and aligned strategies for health IT systems and their governance. This includes State Medicaid Health IT Plans, State Innovation Model Plans, Medicaid State Plan Amendments, Medicaid Demonstrations/Waivers, and other relevant work. For example, CMS is collaborating with ONC to review all Section 1115 Demonstration Evaluations and Health Home State Plan Amendments (SPA) submissions for how they address health IT use, health information exchange and interoperability considerations required to sustain programmatic objectives. This coordinated approach also includes advancing adoption and use of interoperable health IT among all Medicaid providers (including long-term care and behavioral health) and Medicaid managed care organizations through standards, participation requirements and/or incentives. Finally, Medicaid program design will reinforce the requirement for electronic health information collection for performance feedback, quality improvement, and ideally for the basis of payment through the deployment of health IT toolkits and guidelines that are program/authority specific.

Additionally, the Transformed Medicaid Statistical Information System (T-MSIS) project, which began receiving data in January of 2016, for the first time aligns Medicaid enrollment, utilization, and quality data within a state and from different states in a single database with a published data dictionary. Historically, by contrast, quality data from state Medicaid agencies had been collected inconsistently and through multiple channels on varied timetables. All states are scheduled to contribute data to T-MSIS by the end of 2016, resulting with the largest, most comprehensive Medicaid data set available. This data is crucial to delivery system reform in terms of tracking outcomes, cost, utilization, benchmarking, risk-adjustment, and attribution for quality based payment initiatives. This single source will align previously fragmented reporting requirements to help provide foundational support for current and future delivery system reform activities.

Supporting Health Care Providers Using Health IT

Technical Assistance

Many health care providers still face challenges accessing and viewing individuals' electronic health information for a variety of reasons, including confusion about privacy and security considerations, cumbersome enrollment processes, or complex contracts with technology vendors. To help address challenges physicians and other clinicians experience with shifting from fee-for-service models to the emerging payment systems that reward more coordinated, more value-oriented care, CMS, with program support from ONC, committed to a $650 million-plus investment supporting 140,000 physicians for the Transforming Clinical Practice Initiative (TCPI). This initiative is designed to help clinician practices through nationwide, collaborative and peer-based learning networks that facilitate large-scale practice transformation and promote clinician practices in sharing, adapting and further developing comprehensive quality improvement strategies. Additionally, HHS and private, public, and non-profit partners launched the Health Care Payment Learning and Action Network to discuss, track, and share best practices on how to transition towards alternative payment models that emphasize value.

In 2016, CMS also released requests for proposals for $20 million of funding each year over the next five years for organizations to provide MACRA implementation technical assistance. This assistance will help eligible clinicians, particularly those in rural or underserved areas, to more easily transition to MIPS or APMs.

Community health centers play a similarly vital role in caring for vulnerable or underserved populations. In 2016, HHS announced more than $36 million in health IT funding that will impact over 1,020 participating health center organizations in all 50 States and Puerto Rico. Specifically, the funds will help health centers adopt and implement certified health IT; enhance comprehensive, integrated data collection, analysis, and reporting; meet the requirements of the Medicare and Medicaid EHR Incentive Programs; and improve clinical and operational quality, reduce health disparities, and improve population health through health IT.

Additionally, in September 2016, the Health Resources and Services Administration (HRSA) awarded more than $87 million in funding for 1,310 health centers in every U.S. state, the District of Columbia, Puerto Rico, the Virgin Islands and the Pacific Basin, to support health IT enhancements to accelerate health centers' transition to value-based models of care, improve efforts to share and use information to support better decisions, and increase engagement in delivery system transformation.

Guidance and Resources

Selecting, negotiating the purchase of, and maximizing the utility of an EHR can be a challenging undertaking for health care providers. ONC released a guide, EHR Contracts Untangled: Selecting Wisely, Negotiating Terms, and Understanding the Fine Print, to provide health care professionals with helpful tips and information about key parts of the process of negotiating and acquiring an EHR or entering into a contract related to health IT. This guide contains examples of certain contract terms as well as a description of issues that will help inform purchasers of these technologies, including small and rural health care providers. Along the same lines of assisting those acquiring EHR systems, ONC also transmitted a report to Congress on the feasibility of mechanisms to assist health care providers in comparing and selecting certified health IT. This required report is part of MACRA's goal of aiding health care providers in widespread use of health IT and electronic health information.

In 2016, ONC also released the Health IT Playbook, a web-based resource that provides practical technical and workflow assistance that health care providers and practices can use when implementing and optimizing health IT. Included within the broader Health IT Playbook is a Patient Engagement Playbook, an online tool to help clinicians better engage with their patients using health IT. ONC will review and update both the Health IT Playbook and the Patient Engagement Playbook on a regular basis in order to develop new content that addresses the struggles in the field and celebrates the success stories to scale up and replicate new and innovative strategies.

Beyond the Medicare and Medicaid EHR Incentive Programs: Supporting Health Care Providers and Vulnerable Communities

Unsurprisingly, health IT adoption and use among health care providers that were not eligible for the Medicare and Medicaid EHR Incentive Programs lag behind those providers that were eligible for the programs. Only eligible facilities (i.e., hospitals and Critical Access Hospitals) and eligible professionals (i.e., physicians and dentists, as well as some nurse practitioners, certified nurse midwives, physician assistants in Federally Qualified Health Centers [FQHCs], optometrists, and chiropractors) are eligible for incentive payments. Yet ineligible providers, including behavioral health, emergency medical services (EMS), long-term and post-acute care providers, and home and community-based service providers play integral roles in the care continuum that necessitate collaboration and sharing of information within the greater health community. Often, individuals who receive services and care from these health care providers are among the most vulnerable, and the information available from these providers can have significant impacts on individuals' health and their care decisions made with others in the health enterprise. As such, HHS has sought to leverage other opportunities to provide assistance in supporting further adoption and use of health IT.

To help these groups, the Advance Interoperable HIE Program** and the Community Interoperability and HIE Program support the provision of technical assistance to target populations that include EMS, school nurses, long-term and post-acute care facilities, behavioral health settings, and public health immunization registries. ONC also awarded a grant to work with fifteen communities to address population health challenges through the improved use of data sharing among health care providers and centers from non- traditional settings. Additionally, through the Workforce Training Program, ONC is training 6,000 incumbent health care workers on value-based care, care coordination, and population health.

In addition, CMS and the Agency for Healthcare Research and Quality (AHRQ) have closely collaborated to identify pediatric functionalities currently not found in most EHR software products. The Children's EHR Format (the Format) is important for the care of children because it identifies improvements in health IT to better support the safety and quality of care delivered to children. Required by the Children's Health Insurance Program Reauthorization Act of 2009 (CHIPRA), the Format was developed to improve the design of health IT to inform parents, caregivers, and other consumers about compliance with health care requirements associated with school or leisure activities as well as the extent to which the care children receive is clinically appropriate and of high quality. The Format also addresses and supports federal and state privacy and security requirements and standards developed for EHRs.

Medicaid Funding to Advance the Flow of Electronic Health Information

The Medicaid program – critical to providing care for so many communities – is leveraging its funds to make critical and innovative advances in health IT and interoperability. The administrative funds directed to support Medicaid providers in the EHR Incentive Program have been instrumental in building health information exchange infrastructure and adding capacity to such exchanges. In 2016, CMS, with support from ONC, issued a letter to State Medicaid Directors providing guidance on how administrative matching funds at the 90 percent rate could be used for state activities to promote electronic health information exchange and encourage the adoption of certified EHR technology by Medicaid providers who were not eligible for the Medicare and Medicaid EHR Incentive Programs. This new policy guidance will help close some of the disparities for those serving some of the most vulnerable Medicaid beneficiaries, but who have not benefited from the Medicare and Medicaid EHR Incentive Programs or seen high rates of EHR adoption, like long-term care, behavioral health, substance use disorders, home and community-based service and other health care provider types.

In all, CMS, with support from the states, has invested approximately $425 million in state Medicaid systems in this area since the beginning of the program, with $350 million directed specifically towards health information exchange. Such activities have included:

The funds also support many state Medicaid agencies and their partners in providing hands-on support to Medicaid providers in adopting EHRs or on-boarding them to health information exchanges, as well as building specialty registries. States Medicaid agencies can leverage support from the Medicaid EHR Incentive Program to develop and use health IT that can address Zika prevention and treatment, such as the use of specialized registries, direct electronic notification to health care providers from testing laboratories, and care coordination functionalities. In addition to longitudinal pregnancy tracking for Zika, registries that states have begun to build using this funding focus on high priority areas includes: lead exposure; advanced directives; homelessness; Hepatitis C; prescription drug monitoring programs for opioid management; and obstetrics/prenatal management and follow-up.

Medicaid, with support from the states, also invests approximately $5 billion per year on technology supporting Medicaid recipients and those systems process $500 billion per year in claims. Accordingly, shifts in how these funds are spent can be a significant lever in advancing interoperability and other health IT and data-related delivery system reform objective. In December 2015, CMS issued a final rule, Mechanized Claims Processing and Information Retrieval Systems (90/10), that added to and updated current Medicaid Management Information Systems (MMIS) conditions and standards. These changes will allow states to improve customer service and support the dynamic nature of Medicaid eligibility, enrollment, and delivery systems. Within this rule was language directing the Medicaid Enterprise towards a modular architecture to encourage innovation by allowing states to modernize procurement processes, allowing for new technology to support Medicaid patients with special emphasis on deliver system reform.

Changing the Culture Around Access to Information

Despite progress on standards and economic incentives, many health IT developers, health care providers and hospitals still choose not to share electronic health information for a variety of reasons, including concerns around complying with HIPAA, competing technology priorities, or a belief that the interoperable flow of health information may jeopardize competitive advantages gained from maintaining exclusive access to patients' electronic health information. As a result, to achieve the seamless and secure flow of electronic health information, public and private sector efforts must foster culture change around access to information–including combating information blocking–in addition to addressing technical and economic factors.

Supporting the Rights of Individuals to Access and Direct their Data

Health IT can help empower individuals, their families, and other caregivers to learn and communicate easily about their health, engage in shared decision-making with their health care providers; and manage their health in convenient and meaningful ways, resulting in better individual outcomes. But individuals often do not have easy access to their electronic health information, as it their right under HIPAA. To obtain paper copies of their health information, organizational policies often demand that individuals go to a medical records department in person, sign forms, pay significant fees, and wait 30 to 60 days to receive it. This occurs despite the fact that under HIPAA, individuals have a nearly absolute right to a copy of their own health records, at costs that are limited by federal regulation. The HITECH Act also requires that in interpreting this right, an individual shall be able to transmit an electronic copy of their health information directly from an EHR to the third party of the individual's choosing. Furthermore, health care providers often tell ONC and OCR that HIPAA makes it difficult to share electronic health information. While erroneous, this misconception about HIPAA is widespread and unfortunate in that it places a needless burden on individuals.

To counter these misconceptions, ONC and OCR have sought to clarify and amplify the fact that HIPAA not only protects personal health information from misuse, but also permits health care providers to access, use, or disclose electronically, when and where it is needed for patient care and in response to patient requests. In 2016, ONC and OCR released a set of guidance documents, fact sheets, and videos on individuals' fundamental right under HIPAA to access their health information. The guidance and education materials make clear that:

The access guidance and video series are designed to help individuals (and health care providers) understand the HIPAA right to request access to see and get copies of one's health information, which may include information about fees or sending information to a third party of one's choice, like a family member or app. These efforts have already yielded some results, as many individuals are increasingly taking advantage of their right of access. The majority of individuals report accessing all types of medical information is important.17 Armed with the knowledge of their HIPAA-protected right to access their electronic health information, individuals will feel more empowered to exercise this important right. When individuals get, review, use and share copies of their health information, they are better able to monitor chronic conditions, make sure that their health information is accurate, and share their information with others ensuring that their health information is available at the right place and at the right time.

Patient Access Rights Under HIPPA

Expose and Discourage Health Information Blocking

Information blocking occurs when persons or entities knowingly and unreasonably interfere with the exchange or use of electronic health information. As ONC's April 2015 Report to Congress on Health Information Blocking illustrated, information blocking is occurring and may become even more prevalent as electronic health information sharing increases. Some market participants consider the trend towards greater data liquidity as contrary to their individual business interests and will seek to retain control over electronic health information in ways that limit its exchange and use. Unless appropriate action is taken, these practices will continue to undermine efforts to advance the use of information and technology.

Together with federal partners, ONC is aggressively pursuing all available administrative avenues to help target and address information blocking. For example, ONC has established certification requirements that enhance the surveillance of certified health IT products and create more transparency regarding costs and limitations that could interfere with the ability to share information. And, as discussed above, ONC and OCR have released a series of resources that address concerns and misconceptions among health care providers, vendors, and others that inhibit the flow of electronic health information that is critical to achieving widespread interoperability. ONC is also coordinating activities within HHS and across the federal government to advance incentives for interoperability, provide education, and enhance oversight of information blocking where possible. As noted above, ONC recently released a guide, EHR Contracts Untangled: Selecting Wisely, Negotiating Terms, and Understanding the Fine Print. This guide can help health care providers negotiate terms with their health IT developers. It can also help set expectations regarding the availability and use of data in EHRs, which can help facilitate interoperability and integration.

CMS has taken steps to support these efforts and to discourage information blocking. Notably, in the Quality Payment Program final rule published in October 2016, CMS establishes a requirement for eligible professionals, eligible hospitals and critical access hospitals (CAHs) in the Medicare and Medicaid EHR Incentive Programs, as well as eligible clinicians participating in MIPS to attest‡‡ to a three part statement related to supporting information exchange and the prevention of information blocking. Under this policy, health care providers demonstrating meaningful use would attest:

(i) connected in accordance with applicable law and standards for health information exchange;(ii) implemented to allow patients timely access to their electronic health information; and(iii) implemented to allow timely, secure, and trusted bi-directional exchange of structured electronic health information with other health care providers (including unaffiliated providers and disparate certified EHR technology and vendors).

While these efforts are important, addressing information blocking will require overcoming significant gaps in current knowledge, programs, and authorities that limit the ability of ONC and other federal agencies to effectively target, deter, and remedy this conduct. ONC continues to explore additional avenues for eliminating information blocking. ONC's FY 2017 Budget included a legislative proposal to explicitly prohibit information blocking and to provide the HHS Office of the Inspector General with additional authorities to investigate this behavior and impose penalties for it. The Budget included a legislative proposal to allow ONC to address the lack of transparency in health IT products and services, which stakeholders ranging from industry associations to Congress have identified as a serious problem impairing the efficient functioning of health IT markets.

Promoting Transparency and Competition

The lack of reliable, up-front information about the costs, limitations, and performance of competing health IT products and services–including those related to interoperability and electronic health information exchange–can also be a barrier to the flow of health information. This lack of transparency makes it difficult for health care providers to effectively compare and select appropriate health IT products and services, including capabilities that are essential for success under new care delivery and payment models. At the same time, health care providers who make the "wrong" decision may find themselves "locked in" to a particular health IT platform or system due to the potentially prohibitive financial, organizational, and other costs of switching.†† The lack of reliable information about health IT products and the high costs of switching imposed on health care providers can diminish incentives for developers to respond to the needs of providers, improve their products and services, or innovate new and more advanced technologies and capabilities.

These problems are exacerbated by the practices of some health IT developers that prohibit the sharing of information about their products–including screenshots and other information relevant to the safety and performance of health IT. These practices may include the use of unreasonably broad non-disclosure provisions in software licensing agreements, which may require health care providers to discipline their employees for disclosing information or opinions about the safety, reliability, and performance of the developer's health IT. These practices often prevent clinicians, researchers, IT staff, and others with first-hand knowledge of health IT products and services from discussing or reporting problems or their experiences with these technologies.

In the 2015 Edition final rule, ONC established additional program requirements for the ONC Health IT Certification Program that will make more information available about certified health IT products and capabilities. Developers must now disclose any known material limitations and types of costs associated with the certified capabilities of their health IT products, and ONC-Authorized Certification Bodies (ONC-ACB) must engage in more extensive and more rigorous "in the field" surveillance of certified health IT capabilities to ensure that they are functioning in an acceptable manner in production environments. ONC-ACBs must also report corrective action plans when surveillance reveals that certified health IT is not performing as required. This information is regularly published on ONC's upgraded CHPL and a new website,, which aggregates key product disclosure and transparency information in one place to make it easier for purchasers and users to access and compare this information.

Notwithstanding these efforts to promote greater transparency and accountability in the health IT marketplace, there are significant limits to the types of information that ONC can require developers to disclose. As outlined below, additional transparency requirements would greatly enhance the ability of health care providers and other customers to access and easily compare more detailed information about specific costs, capabilities, limitations, and other performance characteristics of certified health IT, including capabilities for interoperable health information exchange. This would help health care providers make more informed purchasing decisions, and could create stronger market competition for health IT developers to solve technical challenges and rapidly improve the interoperability, usability, and other aspects of their technologies.

ONC's FY 2017 Budget includes a legislative proposal that would comprehensively address the need for greater transparency and accountability in the health IT marketplace. The proposal would provide clear authority for ONC to obtain and publish information about certified health IT products and services in a format that would enable persons who purchase or license such technology to meaningfully compare and assess products and services. It would also address contractual restrictions and other business practices that are preventing customers from discussing and sharing their experiences and information about the costs, capabilities, limitations, and other performance characteristics of certified health IT, including the sharing of screenshots for purposes reasonably related to improving consumer awareness and access to information or promoting patient safety and other research.

Enhancing the Safety, Reliability and Accountability of Certified Health IT

There is clear and emerging evidence that the broad scale implementation and use of health IT has augmented the general safety of health care.18, 19 Safety and accountability are key priorities for federal health IT efforts, as reflected in the 2015 Edition final rule, Federal Health IT Strategic Plan, Nationwide Interoperability Roadmap, and Health IT Safety Center Roadmap.

In 2016, ONC published final rule on Enhanced Oversight and Accountability of the Health IT Certification Program to further enhance the safety, reliability, transparency, and accountability of certified health IT for users. The final rule will enable the ONC Health IT Certification Program to better support physicians and hospitals - the vast majority of whom use EHRs - and the rapid pace of innovation in the health IT market. The final rule focuses on three key areas:

ONC has also created a series of guides to help with the safe use of health IT called SAFER guides, which identify recommended practices to optimize the safety and safe use of EHRs. The SAFER Guides consist of nine guides organized into three broad groups: Foundational Guides, Infrastructure Guides, and Clinical Process Guides. These guides allow health care organizations to self-assess and address multiple potential EHR safety issues.

Additionally, ONC published two external reports: Report of the Evidence on Health IT Safety and Interventions and Goals and Priorities for Health Care Organizations to Improve Safety Using Health IT. These reports highlight two key elements of health IT safety that inform ONC's work:

To keep federal health IT safety efforts on pace with the rapidly maturing health IT landscape, ONC's FY 2017 Budget included a legislative proposal to provide ONC authority to use contracts, grants, or cooperative agreements to establish a health IT safety collaborative and provide adequate confidentiality protections. The Health IT Safety Collaborative, which would be funded by federal seed money and subsequently maintained by the private sector, would identify the most pressing safety concerns, identify best practices to mitigate them, and broadly disseminate those findings to the health IT stakeholder communities. This public-private partnership–similar to approaches in other industries, such as aviation–would provide a confidential space for developers and health care providers to address concerns and cultivate new educational resources and training materials to build health IT safety competencies. By coordinating and aligning patient safety activities between federal and private actors, the Health IT Safety Collaborative would ensure that approaches to health IT safety are evidence-based, targeted, and properly implemented and evaluated.

Enabling Individual Health Data Access and Donation to Advance Research

The ability of individuals to access their health information and redirect it to a third party is essential for advancing scientific knowledge and discovery. For example, precision medicine is an emerging approach for disease treatment and prevention that takes into account individual variability in genes and microbiomes, environment, and lifestyle. This enormous array of data will require new thinking and pathways for storing, accessing, and analyzing the information only made possible by advances in interoperability. HHS, VA, and DoD are working on the Administration's Precision Medicine Initiative to pioneer a new model of patient-powered research that promises to accelerate biomedical discoveries and provide clinicians with new tools, knowledge, and therapies to tailor treatments for patients.

Success will require that electronic health information is portable and actively exchanged among health care providers, researchers, and individuals so that health care providers can tailor treatment and prevention strategies to an individual's unique characteristics, including their genome sequence, microbiome composition, health history, lifestyle, and diet. To achieve these outcomes, researchers will need to incorporate many different types of data about the patient collected by health care providers and the patients themselves. One such effort is the Sync for Science™ pilot. The National Institutes of Health (NIH), ONC, and the Harvard Medical School Department of Biomedical Informatics initiated this pilot to allow individuals to access their health data and send it to researchers in support of the goals of precision medicine. Six of the nation's largest EHR developers have committed to participate. The functionality developed through the pilot will allow individuals to connect an app to their electronic health data, enabling individual data donation for research and leveraging patients' access rights under HIPAA. The initial core data set will include medications, problem lists, and demographics as defined in the Common Clinical Data Set.


The President's FY 2017 Budget included four legislative proposals for ONC, which aim to further the advancement of nationwide interoperability, reliability, and transparency of health IT. ONC requested additional authorities to combat information blocking, enhance transparency, establish rules of the road for the electronic exchange of health information, and establish a Health IT Safety Collaborative.

ONC also uses its convening authority to engage with a diverse group of private, non-profit, and public sector stakeholders to identify health IT policy issues and forge consensus-based solutions. The National Coordinator chairs the Federal Health IT Coordinating Council, an internal federal forum to discuss program alignments for existing and emerging health and health IT matters, to prioritize objectives and define implementation accountabilities within the Federal Health IT Strategic Plan, and to coordinate federal health IT policy decisions.

ONC also supports two Federal Advisory Committees called the Health IT Policy Committee (HITPC) and the Health IT Standards Committee (HITSC). Per statute, the HITPC makes recommendations to the National Coordinator on policy for the development and adoption of a nationwide health information infrastructure. ONC solicits recommendations from the HITPC to inform policy decisions and guide the development of pilots, studies, and other programs used to inform future stages of policy development. The HITSC is charged with making recommendations to the National Coordinator on standards, implementation specifications, and certification criteria for the electronic exchange and use of health information. The HITSC makes such recommendations that can support federal health IT policies and are responsive to the needs of the health IT community and marketplace.

Both advisory committees have formed several workgroups and task forces as sub-committees. These workgroups meet periodically to discuss their topics, present their findings at HITPC and HITSC meetings, and make recommendations for deliberation by the full advisory committees. Over the past year, the FACAs have provided recommendations to the National Coordinator on the Precision Medicine Initiative, helped inform the next iteration of ONC's Interoperability Standards Advisory, recommended priority steps needed to improve the interoperability experience, and helped improve consumer engagement by informing development of the ONC's Patient Engagement Playbook. The advisory committees also identified opportunities for improvement on the Blue Button Connector website and provided input on the MACRA proposed rule. A full list of recommendations can be found on


In no small part due to the efforts outlined above, the nation's health IT landscape has experienced extraordinary changes since the passage of the HITECH Act in 2009. Today, most hospitals and physicians report use of certified health IT. The health care system is seeing unprecedented levels of electronic health information exchange. And patients, clinicians, hospitals, communities, scientists, and researchers have experienced tangible benefits, such as reduced drug-drug or drug-allergy errors and more efficient and coordinated care. But despite this widespread progress in modernizing the U.S. health IT infrastructure, there is more work to do to achieve truly seamless and secure flow of electronic health information for all clinicians, hospitals, communities, and individuals. HHS will continue efforts to promote the use of common, federally recognized, national standards, facilitate culture change around access to information – including combating information blocking, and build the business case for interoperability. These efforts will help to advance national priorities, such as delivery system reform, the Precision Medicine Initiative, the Cancer Moonshot, combating opioid misuse and dependence, and enhancing public health. In the years to come, HHS will continue to work with federal partners, the private sector, and Congress to make electronic health information accessible when and where it matters most, in order to bolster care delivery and coordination, improve the health of individuals and communities, reduce disparities, fuel research and innovation, and spur advancements in scientific discovery.

Appendix: Health IT Progress Update

The measures included in the table below highlight health IT progress across core domains since the passage of the HITECT Act, including EHR adoption by type of providers, interoperability of the electronic health information among providers, and patients’ access to their health information. Many of the measures are also used to monitor health IT progress in the HHS Annual Performance Plan and Report, the Nationwide Interoperability Roadmap, and to fulfill Section 106(b)(1)(C) of MACRA. These measures can also be found in the FY 2017-2018 ONC Budget Submission. An asterisks (*) in the Most Recent column indicates that there is no statistically significant difference between the estimate and the baseline year.


1 Office of the National Coordinator for Health Information Technology (September 2015). Office-based Physician Electronic Health Record Adoption: 2004-2014. Health IT Quick-Stat 50. Accessed July 2016:

2 Henry, J., Pylypchuk, Y., Searcy, T. & Patel, V. (May 2016). Adoption of Electronic Health Record Systems among U.S. Non-Federal Acute Care Hospitals: 2008-2015. ONC Data Brief 35. Office of the National Coordinator for Health Information Technology: Washington DC. Accessed August 2016:

3 Jamoom, E. & Yang, N. (July 2016). Table of Electronic Health Record Adoption and Use among Office-based Physicians in the U.S., by State: 2015 National Electronic Health Records Survey. Accessed July 2016:

4 Kirkendall, E., Kouril, M., Dexheimer, J., et al. (August 2016). Automated identification of antibiotic overdoses and adverse drug events via analysis of prescribing alerts and medication administration records. Journal of the American Medical Informatics Association. Accessed August 2016:

5 Bright, TJ., Wong, A., Dhurjati, R., Bristow, E., Bastian, L., Coeytaux, RR., et al. (July 2012). Effect of Clinical Decision-Support Systems: A Systematic Review. Annuals of Internal Medicine. 2012;157:29-43. Accessed August 2016:

6 Office of the National Coordinator for Health Information Technology (February 2014). Effects of Meaningful Use Functionalities on Health Care Quality, Safety and Efficiency, By Author Sentiment (% of Studies). Health IT Quick-Stat 13. Accessed August 2016:

7 Patel, V., Henry, J., Pylypchuk, Y. & Searcy, T. (May 2016). Interoperability among U.S. Non-federal Acute Care Hospitals in 2015. ONC Data Brief 36. Office of the National Coordinator for Health Information Technology: Washington DC. Accessed August 2016:

8 Centers for Medicare & Medicaid Services (February 2015). E-Prescribing. Accessed August 2016:

9 Centers for Medicare & Medicaid Services. Electronic Prescribing. Accessed August 2016:

10 Surescripts (2016). 2015 National Progress Report. Accessed August 2016:

11 Surescripts (2015). 2014 National Progress Report. Accessed August 2016:

12 Office of the National Coordinator for Health Information Technology (July 2016). Electronic Prescribing of Controlled Substances (EPCS). Accessed August 2016:

13 National Partnership for Women & Families (December 2014). New Survey: Patients Increasingly Value Electronic Health Records, Eager for More Access and Features. Accessed August 2016:

14 Henry, J., Pylypchuk, Y., Searcy, T. & Patel, V. (September 2016). Electronic Capabilities for Patients among U.S. Non-Federal Acute Care Hospitals: 2012-2015. ONC Data Brief 38. Office of the National Coordinator for Health Information Technology: Washington DC. Accessed August 2016:

15 Department of Health and Human Services (October 2015). 2015 Edition Health Information Technology (Health IT) Certification Criteria, 2015 Edition Base Electronic Health Record (EHR) Definition, and ONC Health IT Certification Program Modifications. 45 CFR part 170. Federal Register.

16 Adler-Milstein, J. & Pfiefer, E. Information Blocking: Is it occurring and what policy strategies can address it. The Milbank Quarterly. [Forthcoming March 2017]

17 The Henry J. Kaiser Family Foundation. Kaiser Health Tracking Poll: August 2016. Accessed September 2016:

18 Helwig, A. & Lomotan, E. (February 2016). Can Electronic Health Records Prevent Harm to Patients? Agency for Healthcare Research and Quality. Accessed August 2016:

19 Institute of Medicine (November 2011). Health IT and Patient Safety: Building Safer Systems for Better Care. Accessed August 2016:

20 Office of the National Coordinator for Health Information Technology (January 2012). Update on the Adoption of Health IT and Related Efforts to Facilitate the Electronic Use and Exchange of Health Information. Accessed July 2016:

21 ONC Analysis of the National Center for Health Statistics' 2015 National Electronic Health Record Survey.

22 Heisey-Grove, D. & Patel, V. (September 2015). Any, Certified, or Basic: Quantifying Physician EHR Adoption. ONC Data Brief 28. Office of the National Coordinator for Health Information Technology: Washington DC. Accessed July 2016:

23 Heisey-Grove, D., Patel, V. & Searcy, T. (September 2015). Physician electronic exchange of patient health information, 2014. ONC Data Brief 31. Office of the National Coordinator for Health Information Technology: Washington DC. Accessed August 2016:

24 Swain, M., Charles, D., Patel, V. & Searcy, T. (April 2015). Health Information Exchange among U.S. Non-federal Acute Care Hospitals: 2008-2014. ONC Data Brief 24. Office of the National Coordinator for Health Information Technology: Washington DC. Accessed July 2016:

25 ONC Analysis of the American Hospital Association (AHA) Information Technology (IT) Supplement 2015 survey.

26 Patel V., Pylypchuk Y., Henry J. & Searcy T. (July 2016) Variation in Interoperability among U.S. Non-federal Acute Care Hospitals in 2015. ONC Data Brief 37. Office of the National Coordinator for Health Information Technology: Washington DC. Accessed August 2016:

27 Charles, D., Gabriel, M., & Henry, J. (October 2015). Electronic Capabilities for Patients among U.S. Non-Federal Acute Care Hospitals: 2008-2014. ONC Data Brief 29. Office of the National Coordinator for Health Information Technology: Washington DC. Accessed July 2016: