HealthVault as a Personal HIE

Yesterday my colleague Dr. Bill Crounse wrote a great blog post about how --- perhaps --- we could accelerate progress in health data sharing by “starting over” with a patient-centric approach. This post won’t make much sense without reading that one first, so go ahead and do that now.

Dum dee dum, waiting… ok.

Bill’s story has received a number of reactions and comments, but one in particular from Doug Dietzman deserves attention, because it highlights a common but critical misunderstanding --- one that makes all the difference to why a personal, patient-controlled “HIE” is so much more likely to succeed in the long term.

Before I go any further, I should say that I’m actually a supporter of “B2B” health information exchange too. HIE organizations are doing important work, especially making technology and services available to “white space” providers and to patients themselves. As I often say, I am thankful for anybody and everybody that is truly trying to help.

The full text of Doug’s comment is at the bottom of Bill’s blog, but in short, he challenges how a personal HIE like HealthVault can support the business transactions of healthcare --- such as getting lab results back to the ordering physician, or alerting stakeholders when new information is available.

These things are *exactly* what HealthVault is built to do.

I wrote about this in detail about a year ago in the context of patient matching and identification. What you have to understand is that HealthVault is not just some database in the sky. It’s a neutral, universally accessible “hub” through which information can flow automatically based on patient consent.

Here’s just one example of this kind of workflow:

  1. Sean uses his family doctor’s patient portal to link his HealthVault record to the practice.
  2. Sean visits a specialist and requests a copy of his visit summary be sent to his HealthVault Direct address.
  3. The CCDA attached to that message is incorporated automatically into Sean’s HealthVault record.
  4. The family doctor’s patient portal receives a notification via HealthVault’s “eventing” interface that new information for Sean is available. It pulls that down into the EHR inbox and next morning, the family doctor sees the information and is up to speed on the case.

Note that in this model, at least three historical “HIE” problems go away:

  • The two practices don’t need any data sharing agreement at all. The patient’s consent with each practice “brokers” policy issues between independent entities.
  • The two practices didn’t need an EMPI or any patient matching technology. The patient creates links using the patient portal in the first case, and exchange of the Direct address in the second.
  • There is a built-in mechanism for efficient notification between systems.
  • Provenance models already in place support information integrity.

And of course the benefits compound. If the patient has linked their HealthVault record to other practices, they get the data too. If they use consumer-focused applications, they update too. First responder systems like NOKR get the latest information. Coordinating care even between countries? No problem --- with none of the technologies having a clue about the others. It’s pretty awesome.

Now, of course, nothing does everything and there are certainly transactions better suited to direct business-to-business connectivity (hooray that Direct does both!) … but for the core HIE problem statement --- getting accurate, up-to-date information in front of the right folks at the right time --- it’s a slam dunk.

And the good news is, slowly but surely, it is happening.

Comments (10)

  1. Jeff Brandt says:

    Sean,  Nicely put.  The PHR should be the conduit to a patient centric system.  Along with a EHR for episodic encounter data, which should also reside in the PHR.  You then have a longitudinal record, same as what HIE vendors produce.  

    PGHD (Patient Generated Health Data) can be collected via IEEE 11073 via bluetooth to  the Smartphone and shipped to a mobile platform via …not totally worked out here (C-CDA is a bit verbose), CCR worked well I did it a few year ago,  then on to the PHR via C-CDA

    Jeff Brandt

  2. Nikolaj Ivancic says:

    I have almost the same experience as Sean – just one better: visiting Ann Arbor, MI I needed to see a doctor in UM Hospital. The data that the physician placed in his hospital EMR found its way to HealthVault and when I returned back to WA, I found this same data in my Health Record Bank ( While this may be quite isolated occurrence of the connectivity we hope to get some day, it made me happy for a few days in a row.


    I always wished HV to go universal and as unified communicated as possible for me it is the most earth friendly sustainability initiative in my recent memory.

    To my understanding HV is a repository of Modern Medicine or Allopathic medicine. If a patient from India (( Indians generally uses a mix of Allopathy, Homeopathy, Naturopathy, Ayurveda( traditional Indian Medicine) ) wants to organise his non allopathic records in the same dashboard, I assume he has only Documents section where he can scan and pdf records in unstructured formats. That could lead to cluttering. Any added column allowing parallel pathies coming up in future releases?

  4. Sean Nolan says:

    Dr. Agarwal, thank you for your notes! A key intent of HV is to allow folks to integrate their entire "health lives" … so to the extent we're missing some key data types, etc. to support that — we would like to fix. It would be incredibly useful to understand more detail on what is important in these alternative modes, and unfortunately we are not experts on the core development team here. If you would be willing, we would very much appreciate your feedback along these lines; you can reach me directly using the "email blog author" link on the top-right of this page.

    Take care!


  5. Michelle says:

    @ Nikolaj   Why do you use both systems?  Just curious.  Trying to decide which is a better place to start.  Thanks!

  6. Dave says:

    Looks solid, but you have not stated that it is HIPAA compliant?

  7. Dave says:

    I like your provider letter for Direct Access, but would it be possible to have HealthVault send the HIPAA privacy release form to the provider along with this letter?

  8. Sean Nolan says:

    Dave, thanks for the comments! Two quick responses:

    Regarding HIPAA, this is one of the great things about using a personal hub like HealthVault. While we certainly operate the service at a level of security far beyond what HIPAA would require, we are actually not covered by the regulation. Individuals use a "right to access" request to extract their information from HIPAA covered entities (providers, etc.) and then can store it for their own use however they like. Breaking the HIPAA chain this way is really powerful because it frees up the data to be sent and used however the *patient* chooses. This is a complex issue, but hopefully that's at least a good high-level answer.

    The answer to your second question is related to the first … because the HIPAA relationship is between the provider and the patient, we can't get in the business of providing consent or release forms. This is something the provider should already know how to do based on other requests for access; we're a newer channel to release information, but they've been obligated to do this under HIPAA for years now. So hopefully that won't be a blocker!

    Thanks again for pushing the discussion forward.


  9. Paul Thomas says:

    Sean, great post! On first reading, I thought it resonated with the mission of the Year Zero programme in the UK but it goes a whole lot further into challenging areas where the Information Governance folk are struggling to keep up, although the good news is that the dialogue is happening. Of course we don't have Direct here, which I guess would mitigate the risk of an individual changing information as it passes through HealthVault….or would it? In your workflow step 4, does HV act as an automatic exchange? Could the record owner make a change to the data as it passes through HealthVault?

  10. Sean Nolan says:

    Hey Paul — in theory the record owner could alter data as it bounced through HealthVault. If the receiver is using our notification model, it'd be difficult just given the short time between when the data hits HV and the receiver gets it … but it is definitely possible.

    *BUT* all is not lost. That receiver when they get the data does have an audit trail that shows if the data has been altered since receipt. With that information they can make a choice — throw it away, accept it anyways, or (my favorite) accept it but mark it as "user-modified" so the provider can make the call. This model seems to work best in a world where different receivers will have different levels of expectation and concern about data sources.

Skip to main content