Do data security measures, privacy regulations, and communication standards impact the interoperability of patient health information? A cross-country investigation

• Published in: International journal of medical informatics (Shannon, Ireland) Vol. 148; p. 104401
• Main Authors: Shrivastava, Utkarsh, Song, Jiahe, Han, Bernard T., Dietzman, Doug
• Format: Journal Article
• Language: English
• Published: Ireland Elsevier B.V 01.04.2021
• Subjects: Communication standards; Data security; Electronic medical record; Interoperability; Privacy regulations; Quasi-experiment; Quasi-experiment; Data security; Privacy regulations; Interoperability; Communication standards; Electronic medical record
• ISSN: 1386-5056; 1872-8243
• DOI: 10.1016/j.ijmedinf.2021.104401

•Data security measures do not hinder the interoperability of patient health information within the hospitals.•Harmonizing privacy regulations is crucial to improving interoperability.•Investment in IT and the use of a homogenous EMR system are also critical to improving interoperability.•Ambiguous guidelines in the communication standards could negatively impact semantic interoperability. The lack of interoperability is one of the biggest obstacles to the complete digitalization of patient health information in electronic medical records (EMR). The high volume of data breaches has put pressure on care providers to adopt data protection measures to remain compliant with legal requirements. Extreme data protection measures can impede information flow, but they also instill confidence in secure information sharing. This study investigates how the adoption of security measures, privacy regulations, and communication standards has impacted patient health information interoperability at technical (TI), semantic (SI), and organizational (OI) levels within the hospitals. The study utilizes a quasi-experimental research design to probe the relationships of interest. Secondary data from a survey of randomly selected 773 hospitals conducted by the European Commission in over 30 countries in Europe is used to understand the relationships. The study counters selection bias and accounts for systematic differences in adopting treatments of interest in the hospitals using the propensity score-based approaches for the observational data. The empirical models that account for selection bias explain more observational data variations than those that did not. Access control measures on workstations are linked to 44 % lesser odds of experiencing TI problems. However, hospitals with regional and organizational level privacy regulations have 85 % and 76 % higher odds of experiencing SI and OI problems, respectively. On the other hand, hospitals with a single hospital-wide EMR are 53 % and 43 % less likely to experience TI and SI problems, respectively, in comparison to those with multiple EMR systems. The study highlights the differential impacts of data protection measures on the hospitals' three key types of interoperability problems (i.e., TI, SI, and OI). Homogenous EMR systems type and substantial investment in technology are critical to supporting health information interoperability within the hospitals. The study findings inform policy considerations for improving specific aspects of health information's interoperability while preserving patient data privacy and security.