In this episode of Health Biz Talk, Tony Trenkle, former CMS CIO, interviews Susan Clark, Health IT advocate and Senior Director of Community and Advocacy at DirectTrust. Known as the “Health IT Rockstar,” Susan shares her personal and professional journey from the front desk of a clinic to the front lines of healthcare policy and innovation.
Their conversation explores the evolving role of patient advocacy, the fragmentation of health data access, challenges in privacy, security, and interoperability, and the promise—and risks—of AI in healthcare. Susan and Tony also examine the impact of recent CM policy initiatives, the importance of family caregivers, and what still needs to change to make the healthcare system more equitable and effective for all.
Transcript of the Podcast
00:00:00 Intro
Welcome to Health Biz Talk, the industry’s leading podcast that brings you today’s top innovators and leading voices in healthcare, technology, business and policy. And here’s your host, Tony Trenkel, former CMS CIO and Health IT industry leader.
00:00:16 Tony
Hi, I’m pleased to welcome today Susan Clark to the podcast. Susan is known as the Health IT rock star. And why is Susan known as the heavy Flight T rock star? Because her 25 year career is spanned from the beginnings at a clinic front desk to manage care operations to EHR implementation, to privacy and security, to health information management, health information exchange, Medicaid and public health technology, federal and state policy and advocacy.
In her current role as the Senior Director of Community and Advocacy, Susan advocates and fosters a community for the exchange of trusted, secure information through the use of standards and accreditation. So, Susan, I just want to welcome you to today’s podcast.
00:01:11 Susan
Hello, I’m always excited to talk to you.
00:01:14 Tony
Great. Well, I know we were on a panel a little while back and that was a lot of fun. So I’m going to have a lot of fun today. So as I always tend to do is, you know, how did you get to here from there? And you know, you don’t have to talk about, you know, growing up in a one room schoolhouse or anything like that. But what? What, what did? How did you get from here to there, Susan? Or there to here, I should say.
00:01:38 Susan
Yes, I did walk uphill both ways through the snow. But I’ll, I will go back a little ways to the humble beginnings in that I started out in music and I figured out I didn’t like it academically and I moved home, didn’t know what I wanted to do. Ended up working at a clinic at the front desk, a multi specialty clinic and healthcare ever since. So that I always start with that part of the story because that’s why I have music, because I still love to perform hashtag health IT Rockstar and because I am passionate about healthcare and the ground level healthcare. So everything I do is about burden reduction for the people on the front lines everywhere.
I’ve come from there. So, but after that I, I went to, went to school, went to college the whole time I, I worked in clinics and so public, my education and public health, Health Administration and then moved into did a whole bunch of stuff. I think you covered a bunch of it in my bio, but it landed in a sort of a managed Care World And we were, we were calling it, I don’t know the HMO days. So, you know, the quality payment programmes of yesteryear did a lot with provider relations, quality management and that side of the house and actually moved states I live in, grew up in Illinois, I live in Indiana now, you know, not a big jump, but it’s kind of started over.
But that just propelled me into a whole new world of health information management where I went back to school because I wanted to be credentialed in that. So I’m super active with EHEMA now because of that and landed into, I was working at Purdue, West Lafayette, IN and they became a regional extension centre when meaningful use. So that’s where I really, really dug in. Well, actually before that I was at the student health centre.
I LED my first EHR implementation before I knew that that was hard and people didn’t actually do it before 2010. So I had a little, a little bit of a jump on, on that world before coming. But that was, so that’s where I moved into understanding how policy meets technology because of how it influenced and then how the incentives influence policy implementation, all of those things. But from there, consulting, quality payment programmes, HIPAA, privacy and security. Then moved on into state and federal government and HIE consulting work, which is the policy governance funding, which is super fun. I love looking at how things fit together from a kind of a macro down into the, the micro implementation. And just almost two years I’ve been here at Direct Trust. So, and you’ve already talked about what I do here. And so basically I’m doing advocacy community leading our cybersecurity workgroup. We’re about to launch an advocacy workgroup. And I also am, you know, speaking and getting on stage wherever I can, which is why I’m here, ’cause this is, this is, this is Tony’s show. So I’m here for it.
00:04:49 Tony
Thank you, Susan. That was a nice description of the journey that you’ve taken to get here today. One of the things I, I did want to ask you is we see the word advocate a lot in your bio and then of course it’s in your current job title. So what, what do you define as an advocate? I just curious.
00:05:10 Susan
That’s a really awesome question because it, it can mean lots of things on who whose position you’re representing. So within my job title, I’m, you know, primarily for my organisation members because direct trust is a member organisation and we also want to just support the the mission of exchange trusted exchange information. But it then I also some very strong in advocacy for health information profession for health information accuracy. That’s kind of my AHEMA hat having worked on the advocacy and policy for AHEMA. And then just as a person from the experience I’ve had that I always an advocate for the, the patients, for the caregivers, for the clinicians, any, anyone who’s actually supporting that delivery of care. So it kind of it, it depends, the activity varies by who I’m representing, but there’s, it’s multiple, multiple manners in which I do that. And advocacy can be just going on here and getting awareness or it can be going to the Hill in DC and, you know, trying to support legislation or get some written. So it can mean a lot of things really.
00:06:30 Tony
So from from your perspective, advocacy is basically supporting a particular group and taking a position that supports that group. Is that is that a fair assessment of what I’ve just heard?
00:06:43 Susan
That’s fair. How can How can we inspire, influence and support?
00:06:49 Tony
OK, great. So let’s move to one of our favourite topics then. Patient. And you’ve been a long time patient advocate. And as I look at patient advocates, obviously it’s multifaceted. There’s the whole issue around patients and use of technology, patients trying to work their way through the labyrinth of our healthcare system, privacy and security issues. You know, there’s, there’s, there’s multitude of things. But when we look at the patient in a lot of cases, you know, and we’ve been talking about this for years, meaningful use. And before that even, you know, how do we the patient is the kind of the unknown X Factor that’s going to change things, you know, and well, here we are, you know, 15 years after meaningful use and yeah, right. So where, where is, where is the, the, the patient engagement and empowerment movement here today? I mean, and, and how can it best be successful? And, and I guess what, what do you think, you’ve been looking at this over several decades now and obviously the technology’s gotten better, but do you think that the patient has gotten more engaged in their care over the last couple decades?
00:08:13 Susan
Looking broadly, yes, but.
00:08:20 Tony
That’s my that’s my point.
00:08:23 Susan
And there’s really I mean, I got to give we got to give some credit though, especially the last year or two. I think a lot of developments are we’re going to see more pretty quickly. I think of our friends and like be well and primary record and, and these, these patient apps and and then what Tefka has has, you know, really brought forward in what the, and what they call IAS. It’s what is it access? I forget, I forget what it stands for. I use it all the time. It just just drew a blank. But it’s basically the the consumer patient and of the information exchange spectrum.
So because there is a little bit of federal and, and standards behind it, we’re seeing some movement there. There are also some incredible true, what I would call a patient advocate voices the the folks who really do support those in in a chronic care situation or are having lived experience with a chronic disease or, or, you know, living with cancer and all the and there are some incredible influencers out there. And so they have done a lot of of that groundwork and then, you know, put on top of that and well, it doesn’t hurt that. Amy Gleason from Doge has a huge patient advocacy story. And I think we’re going to just, and I will probably talk more about what’s happening with the feds, but I, I think we’re going to see more because the right people are in the conversation now.
But but where I think the struggle still exists because, you know, in, in when we started a meaningful uses, did you have one patient log on to your portal? Here’s your check. You know, like what did that do? Not a whole lot. And then what happened was patients or caregivers ended up with 50 portals. Not everything’s in them. And then what do you do? I know I just go and I’m not going to bother because there’s no, like, I know, I know this one’s wrong because they didn’t get information from that one. And what’s my password? Oh, how do I, it’s, it’s really, really hard. So once we make it a little bit easier when you get that easy button and more cohesively joining that information which is coming along and it’s trusted that we can trust the security of it, trust that it’s accurate. As we can get better at that, I think we’ll we’ll be able to get more folks on board to that.
00:10:55 Tony
Right, well, let, let me say a couple things from my perspective as you, as you move along the, the, the world of life, as we would call it, you end up with more and more doctors. And one of the things that I, that I’ve found and myself and, and, and others as well, of course, you just touched on the one was the whole proliferation of portals. The great news about that is you can get access to more information in a more timely manner. You can get test result, you get lab. I mean, you get the, you know, all kind rat lab results, other things very quickly. You get doctor’s notes, but they’re very siloed for one thing.
The the other issue that I run into is one of my pet peeves is, is when you try to contact are you certainly can contact the doc by e-mail now and in, in a way that’s better than it was because you, you know, 20 years ago, even 10 years ago, you couldn’t talk to the doc by e-mail. But now there’s more of an opportunity. But but they’re making a call to these doctors offices is, yeah, often you get routed to a voice response type of system or you get routed to some kind of centralised operator system. It but it results in a lot or, or they say they’re going to call you back and you get a call back at some inopportune time.
But it, it seems to me like part of it, we try to fix a bunch of things and we fixed a few things and we screwed up other things. So if I’m a patient advocate, part of the thing with a patient advocate to me is it’s not just advocating for a certain type of people who may have, you know, more technology savvy or more be health literate because they’re not the ones who are often need to, you know, connect with their provider and gain the most from empowerment. So, So what it what’s your thoughts around that?
00:12:57 Susan
I’ve so many thoughts on that, but but one is something I always say, and hopefully I will stop saying it because things will improve is that it feels like when I look back at working at Sterling Rock Falls clinic in 1991 or 1992, the way what you just described, if I have to call and I get a call back and it’s at this weird time and it’s, and then I have to call them back and then and, and all this stuff. And it’s like our workflows are exactly the same as they were back then. And all the way it’s like, Oh, my computer’s pretty, but the workflow did not change and it’s in rate.
Like I all my friends and family know I just like blow a gasket over this whole whenever I have to interact with the system and I am very unsatisfied in that way. But you know, talking about the the those who maybe won’t have access. So even though we just talked about things getting better and they’re improving, it’s still not everyone is able to do that in the same manner or have folks in their lives who do that. There’s still a lot of people, especially older people who maybe can text, maybe can’t even do that, can’t operate an app and and people without broadband and all these things.
So I actually got kind of, I, I don’t know if you’re as much of A geek as me as I, I was watching the House Ways and Means committee hearing on digital health the other day, because that’s the kind of nerd I am. And I’m talking back to the screen because I’m hearing both from the legislators and, and, and a couple of the panellists, these wonderful products. And it’s true. Like we got to raise the raise it all up. So the floor will come up eventually, but they talk as if everyone can do this and we can’t.
You know, if you kind of the, I know I’ve seen a couple legislators go on a, I’ve seen some like clips of these of, you know, explaining that if you’ve never lived that experience of, or working with a person who doesn’t know how to access this, then, you know, ’cause I was, if I kind of wrote in my notes, I got on my soapbox of like, if you’ve never had a meal of only Pickles and toast live, you know, trailer by the railroad tracks and you’ve never had your electricity shut off because you paid one bill instead of that one because you had to make that choice. You don’t get to sit there and say, oh, we could, all of our beneficiaries can have this app and it will solve it because it’s not going to solve it because we’re, we’re not all living that same, you know, privileged experience as some, I mean, yay for them. That’s awesome, but not everyone comes from there.
00:15:50 Tony
But the people with who use The Who need the healthcare system the most are a lot of these people who don’t have access to broadband, don’t have the health literacy, don’t have the other tools that look great at tech shows, but aren’t necessarily something that the average person, whether it’s age-related or, you know, income related or geographically related. I mean, there’s a lot of challenges that that we have to deal with. And I and that’s one of the things that I found. It sounds like you found the same thing. You people tend to sit in these meetings, whether they’re congressional hearings or other types of hearings and meetings and, and talk about things as if it’s common in society. And it may be in the part of society that they’re involved in. But this is a big, diverse country and you have to look at solutions. Not only they can help people who have those abilities and knowledge, but also the people who don’t for whatever reason. Yeah.
00:16:54 Susan
I don’t. I don’t want those incredible innovators and and to stop making the best thing keep doing it. But we can’t leave people behind either. So some some combination of those things have to be happening at the same time.
00:17:09 Tony
And there are a lot of advocacy groups we can talk, we’ll talk about the government in a minute. I know one of the groups I, I do some work with is AARP and they certainly do a number of things to in the advocacy area, I’m sure. Do you know of of? Are there some others that you would tout as well?
00:17:27 Susan
Well, that they would be one of the tops for me. They’re fantastic. But you know, like the Consumer Technology Association that put on the big CES show every year. That was like one of the first ones I thought. And a lot of the, you know, like specific disease groups, like I, you know, a great patient advocate who is, speaks for, she has lupus, speaks for lupus. I know a guy living with, with brain cancer that he does and has pushed that for. So that I think a lot of the larger organised, you know, associations have some really great voices for, for this work.
I also thought of, you know, just thinking of who else may have have some opportunity here, just because I just recently been had reason to engage with some device and pharma organisations. And no matter where the reason that they’re coming to it, that these that you have to empower patients with a remote patient monitoring or devices or, or access, you know, whether you’re hospital, home, whatever, because it benefits everyone. So no matter what the the motivation is, I think they can also be because they have strength in lobbying, quite honestly, like they have, you know, they, they are big. So let’s let’s all everyone that wants the same thing, like let’s, let’s move together. And they’re also can be very influential on payment models.
I have discovered so that to get some of some of this technology move forward for patients and consumers. And, and I always, and I have also tried to make sure to say too, because, you know, like at Direct Trust, we also have working on, you know, social services data integration. We have to recognise that not everyone is a patient. Sometimes we’re patient, consumer, client, the whatever, whatever, the, the person hearing it. So I I I’d be happy to just start saying person, person doing access to their data cover it all.
00:19:38 Tony
I think the the other player in this and I and, and when you may have been in this role as well, but I certainly have and it’s the family care providers. I had to deal with that with, with my parents, my in laws. I have a cousin who’s dealing with it with a an aunt of mine now. And, and these folks are not technology, they not the, not the care providers, the family care. Providers, but the family, the the patients themselves, they’re never going to learn technology. They’re never going to and they and they refuse a lot of them refuse to do to even get engaged with a bit. The ones who could benefit from a lot of cases or the children or other relatives of the people who are the patient. And, and I, I, I’ve seen a lot of shortcomings in that area over the years, both personally and then just being part of a, I mean, I’m involved with a senior living day centre community right now. And you see some of those areas where there’s, there’s still shortcomings and, and the, and the families are, you know, it’s, it’s hard for them.
00:20:53 Susan
Well, first of all, there thankfully there are some pretty great caregiver data aggregator apps coming up right now that are it’s super impressive. We’re we’re coming along really well. But I resonate with that so much because I but my parents were a lot older than me. I was a it was a late in life birth. Well, surprise, but but yeah, so I have actually already had that lived. Both of my parents have passed. I have dealt with a terminal disease. I have dealt with an aged parent who was in assisted living and many times in the hospital. And my sister and I like when we were in the hospital and we had to fight for getting the right attention for him to ask the questions to get the people in front of them.
And we’d say to each other, what do other families who do not have this knowledge or this, you know, gumption, for lack of a better word, to keep pushing? How are there what happens to their family members? It is just, it’s really frustrating. And then the the assisted living. So talking about those, you know, our our edge settings that aren’t there yet with technology. When I the the worst medication reconciliation in the world was going from the hospital to the and we had to thankfully, you know, between I have because of my HIM background, I’m clinically adept. And then my niece was a brand new nurse at the time, like just coming out of college. And so between us, we’d sit there and like, check the pill bottles, talk to the nurse, look at the hospital records. And it was just we had to do it as a team and it shouldn’t be that hard.
00:22:37 Ton
Exactly. And there should be ways to communicate my with my aunt. My my cousin is her primary advocate and she is a nurse, a retired nurse now. But she’s, you know, certainly knows the nursing, but she lives, you know, 3 hours away. Other members of the family don’t live that close. So they have this kind of support, but it would help with more tools that they could do remotely so they could check on their, their mother. But you know, these places, I can’t say all of them, but the ones I’ve certainly been engaged with, it’s high tech. I mean high touch, low tech, and sometimes not even high touch, you know?
00:23:23 Susan
I I actually offered pro bono consulting to try and help them, but I was, they were not taking me up on that.
00:23:34 Tony
OK, well Susan, we didn’t solve that problem, so.
00:23:36 Susan
Let’s no, no, but it will get. It’s getting better. I it we are, it’s getting better. We’ll get there.
00:23:42 Tony
So let’s let’s look at a more macro view and that’s kind of the role of the government in the patient engagement. And of course that’s been something I’ve seen tackled across administrations for a number of years. You have as well. And now we’ve got a whole new group of folks involved and CMS just came out with an RFI that got over 1000 responses. So a lot of interests and a lot of it it deals with the issues around patients and you were certainly somebody who who has read through it and provided responses. And so from your perspective is, is it more of a fishing expedition or do you feel like the government’s on the right track with where they’re going with this or if I guess, I guess some of it, the proof is in what they do with what they they hear.
00:24:32 Susan
That’s true, But I, it is like this has been the ray of hope for me from because, you know, of course, any administration change, it takes everyone a while to get footing. But it was like radio silence from the agencies we worked with before for months. And it was like, oh geez, what’s going to happen with this? What’s going to happen with everything we’ve started, blah, blah, blah. And then this RFI came out and the listening sessions and the conversations and it was just like, like the, and it just exploded and splattered everywhere.
Like in a, in a good way, I think because it was like Hallelujah. I think, I think there are other, they might be on the right path. This is actually an opportunity. This is a huge opportunity. I don’t but yeah, like it’s, it’s, it’s gonna like, what are they gonna do with it? What’s it gonna look like when they process this information? And it just just kind of comically, I think of the irony of we only got a 30 day comment period, which is shorter than a lot of other federal, you know, opportunities absolutely. You know, like how long will it take them to go through? But of course we’re at BI now. So probably processing that in taking that information is a lot easier than it was 10 years.
00:25:55 Tony
Ago, believe me, I can tell you how it was 10 years ago. It was very labour intensive. But yeah, AI will certainly help with that. I, I think one of the questions that comes to my mind is, so how do they intend to move next with that? And there’s several things the government can do. 1 is through regulations. Obviously we’ve had some changes with regulations with the Chevron, the, the, you know, the changing of what have happened with Chevron. So that was one thing that’s going to affect some of the regulatory process.
We have, you know, a new group of folks in town who you know aren’t necessarily into The Reg situation. So from The Reg side that’s still kind of unknown. And then you get into the the money side, which of course is another issue. And then of course in this administration is and it’s also been increasing in in other administration’s the use of the executive order to try to promote change. Now we know that executive orders are have limited actual, you know success because they’re limited in some ways, but they do show a positioning of administration money wise. Sometimes it takes longer, some things get cut, some things get added, but the interoperability and a lot of what we’re talking about here, patient advocacy has been bipartisan.
So to me, that’s it. That’s a good thing. So when Seema Burma was in CMS under the lasted Trump administration, she was very active and, you know, patient advocacy and certainly some of the work that was done under the Biden administration and even going back to Obama. So, so we’ve seen and, and even back to Bush, so we’ve seen, we’ve seen kind of a, a straight line of support, particularly when it comes to interoperability and technical standards and stuff. But the money flow has varied over time. Sometimes it’s more, you know, using the levers that CMS and others already have. So you make changes to the payment system. Other times like meaningful use, we saw outright, you know, funding come into play. So I don’t expect that to happen out of this administration. But, but what do you see in your crystal ball is some things and I know it’s a cloudy ball right now, but.
00:28:32 Susan
And I’m.
00:28:32 Tony
Limited to right. I’m limited to patient advocacy and empowerment. I don’t want to get into all the other issues.
00:28:38 Susan
Because OK, all right, all right, spend.
00:28:40 Tony
Days talking about that, yeah.
00:28:41 Susan
OK, it’s to that, that is I honestly don’t know because of exactly what you said. We don’t want to regulate too hard and but I know from all of the the quality payment programmes, the regional extension centre and incentive like and working with Medicaid technology, you have to have a carrot or a stick or people don’t move. There has to be a reason to go and sometimes it’s not as obvious as it appears because sometimes money is not enough to make people move. So it, it’s the I, I, what I hope, what I would like and, and kind of, I hope I got through with my, because we did a direct trust in a response that I helped, you know, I coordinated then a lot of the content came from our more technical experts.
But and then, but then I wrote one personally. And the part that’s the part I want to convey is that adopting is a far cry from mandating or from incentivizing. Because that’s one thing we learned from meaningful use or, or from let’s say the, the CDC, all the, the funding that came out of after the pandemic for public health. If you give a lump sum of money to organisations who aren’t technically adept, what are they going to do with it? They don’t know, like how do we use this the best? SO until you get that guidance.
So I think just, and, and maybe the idea is I, I’ve heard some different stuff thrown around about just looking at how we govern or mandate or compliance differently. Like all this talk of instead of certifying a giant EHR as a whole, making, you know, certain all the pieces, you know, more like if they do this, you can use them and then you all plug in together this way and that. I mean, that’s all so high.
Like that is so basic, simple for me to say, but but I like, Oh, that’s a pretty, that’s a pretty OK theory. Like how do we how do we still do some level of compliance and oversight and incentive? Well, the oversight, but a little bit in smaller bites might be easier to take. But then yeah, as far as the incentivizing, I don’t know how we get permeated all the way to the ground level at this point. It is because and, and you’re not to get too much, like you said, not to the other stuff, but there are so many other things that healthcare delivery organisations have to manage every day that, that it’s like you have to, you have to make decisions on am I going to solve this or am I going to solve this? And that’s hard. So I, I really don’t, I don’t have a crystal ball for that. I hope, I just hope we see movement of that. It just doesn’t languish that things actually move.
00:31:57 Tony
Well, one of the ways I I think is obviously the, the CMS payment system. So moving to we’ve talked about, you know, value based payments for years and since some things have changed behaviour because of that, putting things into the, the, the payment regs each year, they kind of push behaviour until we get, I mean, what we used to do, we and they still do it today. You know, you kind of start off kind of voluntary compliance and then you try to move it and it kind of becomes malicious compliance and then it becomes mainstream and then it just becomes part of doing business.
So really if if we can continue that. And I think one of the areas we were going to talk about a little later, but I think now is probably a decent time is the whole issue around the fire and it’s implementation and in the government. And one of the areas that a lot of folks have talked about, Mark Scrimshire being one of the key advocates is CMS came out with the, you know, the prior auth, the regulation about a year and a half ago. And it really, it really began to move towards some ideas of promoting the use of fire and the use of AP is and, and other ways to move some of these interoperability, not ideas, but certainly early stage interoperability work into more mainstream business processes since prior auth is obviously something that every organisation and individual has to deal with at some level. So what are your thoughts around that?
00:33:41 Susan
Yes, and and even before that, you know, the, the 2020 CMS interop rule was when we First off and it was like, and I was thrilled when that rule came out that that made me so happy that it was just a kickstart because there was no prior to that, it felt like there was nothing to make the payers move. So how a giant chunk of the burden is on and it’s also a a cost suck. Like how many people do we have to pay in an organisation to get prior OS approved to fight denials to get paid? And it’s it could be way more automated.
So I’m really excited about the the probably only stop and say I’m curious about what they’re going to do with the unfinalized HDI two rule, which is the standards there. You know that that would on the provider side that would help that occur. So I I hope they’re going to bring that at least that component back through ASTP or however, but I I’m excited about all this. I it will and and you know, the big announcement the other day of getting the the the at least at least a great photo op of the pledge of the insurance company said yes, we are absolutely going to fix prior auth. And I’m like everyone, everyone saw that right. We’re all you saw that you’re going to hold them to it like so that that would be lovely. But if that’s the case, like let’s let’s move that like let let’s have that go. And and people like Mark, it was just for for your for your audience.
Mark is is the in between of How I Met Tony. So this is this is that was a perfect reference. But folks like that who are really already before mandate moving this ball with pairs of getting them set up for those AP is so that they’re not scrambling at the at the end deadline. But it will always come down to adoption implementation and one of the like. One of the things I put in the RFI is is manner of measurement of how do you know it’s working?
How can we get to the ground level of measurement of like more judging You like do some kind of randomised all setting types, all geography types, all providers you know, like and you do like a secret shopper and you go in and like or like you know from the you’re having a prior OP, what worked? Go with the provider. Did it did they get it inputted? Did they get a response? Did they get a this with with folks who aren’t your premier test pilots? You know that like ask the real people how this is working and how do we can we measure more that way? And actually I saw one of the RFI responses that came out was innovators. So Lisa Berry’s work was one one of the points that I comment. I was like, oh, I wish I would have thought of that was the frequency of measurement. How do we get into more of a PSDA cycle of keep checking on how it’s working and iterate? So I don’t know if I got, where did I go with that? Did I what you’re asking?
00:37:09 Tony
Me. No, I think you’re right. I mean, some of it is, is getting the plumbing in place, some of it is the measurement and you know, showing the interest as, as we used to talk about it years ago, the Hawthorne effect, when you shine a light on something, it tends to get more focused than something that goes out there and doesn’t get the same type of visibility. The other thing that I, I would like to see them take a look at, I’d like to get your thoughts on too, is, is the law of unintended consequences. So when we put this into place intending to fix something or certainly make something better such as you know, reducing the number of prior alls, improving the time to approval for prior alls, etcetera, are we creating other problems in the ecosystem?
00:37:56 Susan
Yeah, oh, that’s really good .1 I think of just because it’s so much at the core of what we do, some of the problems we have, you know what about identity and and accuracy. So just even thinking of the, you know, one of the, the stats we go to the hill with when I’m go with a HEMA on patient matching, just in general, no matter what exchange of, but one of the stats is on the number. I, I, I don’t know the percent off the top of my head, but it’s a lot the percent of claims denials, not even prior out denials that are denied just because of wrong identification. So if we don’t solve some of these underlying problems as much as the connection in the sending and receiving it, it we’re still going to have a lot of denials that way. And and there is the the, you know, the danger of ungoverned AI and what kind of rules is it kind of rules is it using? And there’s a lot of opportunity for failure points there. What? What do you think?
00:39:04 Tony
Well, yeah, I, I think you’ve hit some of the areas that I would think too. One of the things that I would yeah, what what how is what role is AI and automated, you know, prior authorization, what’s the algorithms that are used to support that? And then what’s the result of that? And yeah, it’s, it’s the old saying about the you’re only as good as the the data and processes that you have.
So if you’ve got, you know, data that’s not complete or based on bad information and the algorithms don’t support, you know, dealing with that, then you could end up with some situations that could cause, you know, if not death, certainly potential safety issues. That’s, that’s would be my, my thought in that area. Just so I just think it’s a, it’s kind of a, a good or one of a better word hygiene type of thing is to look at the unintended consequences and make sure as you’re putting this in place, don’t just focus on. The actual improvement you’re trying to make, but also what else could be happen as a result of that or you or you’re you dealing with which kind of gets somewhat into my my next question, which you know, it all this stuff is, is about risk management and trust and things of that sort.
And we can touch on that in a few moments, but I really want to get into some issues around privacy and security. And of course, you work for a company now that’s obviously that’s their bread and butter. So I, I guess the question is when we’re looking at patient data, however you define that patient data is a lot more things than it was years ago. It’s it could be others talk about having everybody have a wearable, you know, so that’s a whole another source of patient information.
Yeah, Yeah, I’ve got one too. I just don’t have it on right now. But there’s issues around social determinant data. There’s data that can be, you know, other than clinical, there’s administrative data. And a lot of this ties into the patient. I mean, certainly some of it relates directly to their health, some relates their financial health. And I guess my my question for you, do you think as we’re evolving into an AI driven world, do we have this sufficient protections in place for patient data? We’re seeing more breaches occur all the time. We see a lot of issues around compromises of data. We’re seeing issues around data being exposed for periods time and all these things are not new, but it seems like when you add that together with AI and some some other ways of taking advantage of Onyx of exposed data or or not properly protected data, the potential for real abuse gets exponentially higher.
00:42:21 Susan
So much there. I, I can, I can touch on several things with that one being you. We have some pretty great, I’m not going to not AI, I’m just going to start with privacy and security, but we have some pretty great frameworks now standards exist that are solid. The technology is evolving, including AI, the security protection. So I’m not talking about like AI decision making like that’s a different kind of, you know, like outcome the patient care. But so it’s not the issue with the the problem is is again implementation, incentivizing enforcement all of that because you know, people or people covered entities have been supposed to do security risk assessments since 2003 four, 5:00 somewhere in there. I know the rule was 3, but I don’t remember when the enforcement.
00:43:19 Tony
Started 2005.
00:43:22 Susan
I got there.
00:43:23 Tony
When I started CMS, we had we were responsible for the HIPAA security rule, so.
00:43:28 Susan
Yeah. So when you look at any enforcement actions even to two weeks ago or whatever, like everyone leads with did not do a security risk assessment, did not and you know do an action plan, did not, you know, address these things that exist. And so there’s a huge gap between we already have good guidance and standards. Why aren’t they being done?
So that’s, it’s more around and I hope, I mean, I’m going to kind of go all over the place. I have several notes, but I, it just popped into my head. Just little bits that we’ve heard from the hill. I after they get through all this budget stuff I’m not even going to talk about. But once they get through the drama of the day, I hope we’re going to see some more cybersecurity stuff and specifically to help here come out. I hope they’re going to work with the health sector coordinating council. And you know, like my, my state senator was, was a sponsor of a couple pretty great things last year that didn’t didn’t get executed and a road map. And like, so like, how do we get them back on that track?
So that’s a very bipartisan issue that’s movable. We can do something with that, you know, so, so that’s one, one thing. Another thing where just since I’m on the policy train of the, I think you started with like what is patient? What what are the boundaries? There aren’t any except for in hip, you know, like there’s HIPAA covered and there’s this type and there’s this. And then if it’s outside of that, then it’s it’s it’s Federal Trade Commission and it’s this. And so that kind of goes back to where where I was at earlier. Like it’s, it’s a person data, like person data all around has to be protected. Cause your like, when all of those rules were written, this, this world did not exist. You know, that it’s a different environment to, to talk about.
So I think even on that hearing, I know Epic even was like, I was not what I thought was going to be one of their big points, but push, push, push on, expand HIPAA, you know, either hit the what what HIPAA governs or looking at it differently, basically of how to how do we put all the data in our arms and then put a policy around that and then agree, how long have we been trying to get a data privacy act through Congress?
Like that never finishes or the HIPAA security proposed rule that was out earlier this year. Is anything going to come of that? Because that was so neat. I mean, yeah, I know there’s a lot of controversy about it might have gone a little too far here and there, blah, blah, blah. We don’t have to get in that, but there was a lot of good stuff in there and HIPAA security rule needs updated desperately. So, so sorry. Do I comment on any of that before I go elsewhere because I have more?
00:46:28 Tony
No, I think, I think what I’m, I’m getting out of you is that there, there are some frameworks in place, but these frameworks need to be updated because the world of today is very different from, from many different aspects of well, even from a business standpoint, these large health organisations that have been forming over the last couple of decades were not around 20 years ago to the extent they are today.
And you know, it was a lot more small practises, even individual docs with their own practises. You don’t see that much anymore. You’ve got a lot of healthcare organisations that are also provider organisations. Yes, Optum and you know, it’s so it’s, it’s a, it’s a very different world. And a lot of the security stuff too, I think is, is been a result of a lot of security stuff. A lot of the security challenges are as a result of these mergers, acquisitions and other things that have happened in the industry that create areas of vulnerability if they’re not really focused on by the organisation that’s doing the merging.
00:47:41 Susan
Yeah, that was the crux of the change problem. They hadn’t.
00:47:44 Tony
Right, exactly. I was thinking of change.
00:47:47 Susan
So I guess I’ll, I’ll just say the word, we’ll just, it’s public. But you know, another thing I thought of in there, just since you talked about large organisations, especially when organisations have to work across state lines, across global lines and the patchwork of rules and laws of variation, they’re trying to manage that. And then, you know, kind of pull AI back in. Because that’s a whole debate right now in Congress of are we going to put a stop to some of these AI state rules so that we can get our act together and do something comprehensively so it can be managed. So that’s it. It’s just I, it’s feels impossible. This is where I kind of get Debbie Downer. Like it just feels impossible to get any kind of consensus in a timely manner to keep up with the threats that we have in front of us.
00:48:42 Tony
Yeah, Yeah, I think, I think that’s a fair assessment. One of the things I talked about with Julia Commisarchic a few weeks ago was about the issue of de identified data. And Julia’s very much a proponent of that and I can understand why. But I guess the question I posed to her and the question I’m posing to you is do we, can we truly have de identified data in today’s environment between AI and the growth of different public and and private repositories of data? Is it? Is it possible to have a have that?
00:49:25 Susan
It’s that’s a really good question because and I’ve, I’ve met with Julia and seen, you know, her work and some other organs that you like. Blind insights was another one we met with and I remember being so impressed. The the and I’m just going to super simplify because that’s what I do the math behind what they can do to de identify and re identify is pretty incredible. But the bad guys get smart fast too. So I I really on the fence about that. Like what what can truly be what is ever truly, you know, or even thinking about that the struggle that, you know, health systems or providers have now with, you know, in the old days, old days at when a record hit retention, it goes in the shredder. You can’t like, what do you do with all this? Is the electronic data really gone now? If you and some people just don’t get rid of it because they don’t know how So, so not just the can it be de identified? What’s its what’s its, you know, shelf life or half life fund where where it’s imprints are it’s footprints.
So I, I I honestly don’t know how what my confidence level is in it. I mean, I’m, it’s impressive what these what they’re able to do currently, but I, I don’t know how that’s going to evolve in the future that I guess that’s going to go into that dream legislation that I’m hoping for it to putting some guardrails on what it means to be. And maybe, and I would be thrilled if someone, you know, watches this and comments and get enlightens us on things we don’t know about, about that world so that I can be more informed.
But I’m, I’m really unsure, right. And, and I guess I want to go back to something else you said about the sensitive data sets, like the social reproductive, you know, HIV all the site. Like what, how do we, you know, there’s a lot of work being I’m on the Sequoia projects, the privacy and content work group and I’ve there’s some and then actually direct trust is involved in some, you know, with the online notaries of doing the identity sides of that. And like there’s potential with the consent and segmentation. So that’s the thing now of how do we identify to a granular level what a piece of data signifies? Is it, is it, who’s it about? Is it sensitive? Is it this is it that doesn’t need consent? What’s its jurisdiction? And.
00:52:10 Tony
Well, we have, we have standard regulations and policies on the identification for, we’ve had them for years. And and the question is going forward, is that going to be sufficient with quantum computing, AI and and other technologies. So yes, yeah.
00:52:27 Susan
Quantum and.
00:52:29 Tony
We won’t solve that today, so.
00:52:30 Susan
No, no Sir.
00:52:33 Tony
Before I get into my end game, I will since as I’ve said before, no podcast is a complete without letting a guest opine on the glory or destruction created by AI. And I’m sure you’ve touched on AII. Think I didn’t count, but you probably mentioned it 10 times during the past 45 minutes or so. But any further comments on AI before we move to the end game?
00:52:59 Susan
Yeah, I think I yeah, I did get ahead of myself on it just came out. But but there is I mean, let’s my my Rosie, you know, tint these Rosie and go what potential, you know that there is the AI can help with the cyber threats. AI can do massive amount of burden reduction if we can automate these things like prior OS and claims and phone calls and and things like that. So it’s there, but it’s that inability to agree on governance and, and authority of who gets to, you know, ’cause like there’s the, the Coalition for Health AI. And that’s like my go to, if I want to know something, I go there. But they have no authority to, to say that their frameworks are right. So it’s the, that’s the part that that scares me is how, who, who gets to say. And then how do we build those those governance protocols is is way beyond me.
00:53:59 Tony
OK, well, that’s fair enough. So we’re going to move to a couple final questions. One is turn into the personal side. What keeps you busy when you aren’t thinking about healthcare? You mentioned music a few moments ago, so.
00:54:12 Susan
Yes, that it should keep me music should keep me busier than it it does. I’ve been a little bit rusty, a little bit quiet on that front other than I’ll I’ll be at karaoke anytime you want.
But hopefully I’ve had I’ve had a bunch of life stuff, moves and things that hopefully now I can get settled and I’d love to get back to playing a little bit and do more with that. But otherwise I just like find my friends bands and be like, what? What songs are you guys playing? Can I do something with make it easy and then and anything rhythmic. So dancing any of that. But pickleball. I jumped on the a year and a half ago. I joined the the I hate to be AI, hate to be a follower, but I got sucked in and it’s so fun and easy and or not easy. Not necessarily easy, but I mean it’s an easy unwrap so you can just jump right in no matter how good you are and it’s super fun.
00:55:10 Tony
Yeah, I’ve jumped on that myself a little bit. So I’ve been having fun too. And I agree with you on the music. And there’s nothing I like better than to go to a local place and hear some local music. I mean, it’s great to hear the national bands, but the the local stuff is.
00:55:24 Susan
Is or local?
00:55:26 Tony
Always fun. Yeah, it’s fun. But so we’ve hit a lot of topics these last minutes. Susan, are there things if somebody says something that really catches their attention and says where can I go to to find more information about that? Besides following Susan’s various speeches and presentations, is there other places that you can recommend? Any go to sites you go? You mentioned one a moment ago about AI and health.
00:55:55 Susan
Oh yeah, the Coalition for Health AI, it’s Chai like the tea. So it’s really easy to it’s just pretty easy to to Google and find. But if you want to get, you know, gossipy, the my my friends at the health tech talk show have a have a do a little broadcast every week that has all the hot, hot stuff coming out and help IT political pulse every day.
So I always look at Politico and depending on if you if you touch much in the government payer space, mostly Medicaid’s a fund fund follow man, lots of people on LinkedIn, but also your I mean you got to follow your your your representatives, senators. What are they doing? Follow the, you know, the regulatory bodies when it to get on the listserv. So you’re notified when things come out, when opportunities exist to comment because, you know, I try to encourage everyone in the public is eligible to comment. So do it. Use your voice.
00:56:59 Tony
Yeah, and even at the the state level, my state senator, she’s very engaged in AI and and cyber and crypto. She’s and she puts out stuff all the time. I don’t know how many other people are interested, but I certainly AM.
00:57:16 Susan
That’s awesome. No, I’m, I’m, I’m really excited to me. I did the where I just moved to our State House Rep in this area. I was familiar with him from listening to state hearings on health and tech stuff, so I know that he’s engaged too. So I actually have on my list for while they’re on break this summer to go introduce myself.
00:57:38 Tony
It’s not a. It’s not.
00:57:40 Susan
A big friends, they’re in the community, go talk.
00:57:42 Tony
And they’re looking for people like that. And I, and I can tell you I haven’t worked at government agencies, when you get a letter from a Congress person or a senator, it gets your attention. And at the state level, I know at the state government level when people get the letters from representatives and stuff, it also gets their attention. So, and at the county level too. So people have more if they are interested in certain topics, they can get pretty engaged at a lot of different levels of government.
00:58:16 Susan
I actually was where I lived before I was, I was pretty involved. I’ve learned a lot about how much at the local level happens with healthcare, with different funds, with the EMS, with the, you know, the Township funding they have like reserves for supporting. It’s like, I didn’t know all of the health impacts that can come all the way down to your very. So it’s really important that you meet and and research and vote for your your local people ’cause they do, they do a lot more than they know.
00:58:47 Tony
OK, two quick final questions. You have 60 seconds for each or maybe 30 seconds for each one is. What’s the best thing that you think’s happened in healthcare in the last five to 10 years in your humble opinion?
00:59:03 Susan
The actually what I was trying to think about, that first thing I thought of was COVID, which is terrible. It’s the worst thing that happened, but as far as data, it was the best thing that’s happened because everyone had to move so fast and that brought in some cash and it brought in some innovation and it brought in, you know, of course, everyone has all their use cases they need to update because everyone’s like, this is what I did during the pandemic.
And it’s like that’s kind of old now, but I think it was, it was a kick in the butt. The I also kind of where we started the improved IAS, the the individual access, that’s what it is services. So getting the, we have improved a tonne on what consumers can aggregate. Now we’re going to get there. Like I think the what I’ve seen in the last 6 to 9 months is, is so impressive. So it’s not it’s it’s almost there, but ambient scribes and AI documentation for providers. Is a game changer and you know, like I, I used to try to help providers with Dragon a gazillion years ago and try to set up templates to to get to that.
01:00:21 Tony
Oh, I know it’s no, it’s come a long way. I.
01:00:23 Susan
Mean so so though I think those are the the best things happening right now.
01:00:28 Tony
So what about disappointment? You know, a lot of people talk about blockchain as one of their disappointments, but I’m not going to, I’m not going to feed your answer, so I’ll let you.
01:00:37 Susan
I think I forgot about that like that.
01:00:39 Tony
If the 2015 Susan came here today, what would she say in terms of what she expected to happen? It didn’t happen.
01:00:47 Susan
It’s not that I I hit throughout this whole thing. It’s just the chasm between incredible technology innovation and real life, real users, whether it’s clinical or patients and families like it. There’s such a difference. So the manual process is under trained workforces, you know, not doing your security risk assessments.
Like there’s just so many gaps in adoption, implementation. And then also, but what I learned both working in state and federal government activities is the massive just annihilation of time and information when their administration change no matter who’s whether what direction it’s going or even same direction. We had a term limited governor here. Yeah, it’s just like they they get rid of and start over or people start leaving and the brain drain is terrible. And then you try to start a new initiative like you think I’m going to, I’m going to solve healthcare. And I’m like, everyone’s tried that already, buddy. You know, good luck.
01:01:55 Tony
And in some cases, even if if an administration goes into its second term because the people from the first time are bottom are burned out and they move on and you can bring other people in, it will have very different ideas than the people were there before. I saw that a lot in my government career. Good and.
01:02:12 Susan
Bad, I mean, I, I, in theory, because I do, I do love lean, lean 6 Sigma, like I love a good 5S. Like you got to take everything out and, you know, get rid of the garbage and, and then put it back in a much better order. So I like that idea, but to just blow everything up and not look at what was already there to assess it first.
And I’m not just talking about the past six months. I’m talking about all kinds of different administrations I’ve worked with. I’ve seen that, that same scenario that is like it’s, yeah, let’s, let’s, let’s be innovative. Don’t, don’t go with the status quo, but listen to the people that have been doing the work too. And, and don’t get rid of the standards that are already there. That was another big part of our RFI response was don’t get rid of what’s working right. Just make it better.
01:03:04 Tony
OK. Well, Susan, I think we’ll end it there. Thank you very much for taking the time. It’s been a great past hour talking with you. And I’m sure we could probably talk a lot more about some of these, but I enjoyed it. And yes, onward and onward, as they say.
01:03:21 Susan
Yes, thank you. Always fun. I’d be happy to do it again. OK.
