This letter is in response to your June 12, 2014 request for ideas “that will enhance the availability and utility of health care data, while maintaining and strictly protecting patient privacy.” The Association for Community Affiliated Plans (ACAP) appreciates this opportunity to comment. ACAP represents 58 not-for-profit Safety Net Health Plans that predominantly serve the publicly insured in 24 states. Collectively, ACAP-member plans insure coverage for over 11 million people.
ACAP and our member health plans recognize the importance of data in moving the health care system forward in this country. Among other activities, ACAP supports the use of data and data transparency to improve quality and quality measurement, to increase access to care through telemedicine and other technologies, to allow a focus on population health, to develop valuebased payment mechanisms, to insure accountability, and to reduce fraud, waste and abuse. ACAP also realizes, however, that there are barriers and potential reforms that could improve the use of data by all health plans, including Safety Net Health Plans. This letter will focus on those issues and potential solutions.
First, ACAP strongly supports efforts to safeguard patient privacy. However, under certain circumstances—especially where the integration of physical and behavioral health services are involved—HIPAA requirements impede the ability of Safety Net Health Plans to improve the quality of care. In some states, Medicaid Managed Care Organizations are accountable for physical health services that may include all pharmaceuticals, but behavioral health services may be the responsibility of a separate entity. In some states, behavioral health services are fragmented even further, with mental health services under the purview of a behavioral health organization and substance abuse services provided in an unmanaged fee-for-service environment. While integration is possible in these circumstances, it is dependent on the ability of responsible entities to be able to share information in a protected and secure manner. Currently, there are HIPAA rules concerning behavioral health services that make this coordination difficult and sometimes impossible, where a more balanced approach would support the dual goals of privacy and integration.