Skip to Highlights
Highlights

The October 2001 anthrax attacks, the recent outbreak of the virulent Severe Acute Respiratory Syndrome (SARS), and increased awareness that terrorist groups may be capable of releasing life-threatening biological agents have prompted efforts to improve our nation's preparedness for, and response to, public health emergencies--including bioterrorism. GAO was asked, among other things, to identify federal agencies information technology (IT) initiatives to support our nation's readiness to deal with bioterrorism. Specifically, we compiled an inventory of such activities, determined the range of these coordination activities with other agencies, and identified the use of health care standards in these efforts.

Skip to Recommendations

Recommendations

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Health and Human Services The Secretary of Health and Human Services, in coordination with other key stakeholders--such as the Secretaries of Defense, Homeland Security, and Veterans Affairs--should establish a national IT strategy for public health preparedness and response. This IT strategy should identify steps toward improving the nation's ability to use IT in support of the public health infrastructure. More specifically, it should identify all federal agencies' IT initiatives, using the results of our inventory as a starting point.
Closed - Not Implemented
On July 21, 2004, HHS issued an information technology (IT) framework as a first step toward establishing a national health IT strategy that includes public health preparedness and response. The framework contained an initial inventory of major health IT programs, including public health IT initiatives at HHS. However, it did not include programs from other agencies identified in GAO's report (e.g., DOE, USDA, and EPA). In addition, HHS posted its listing of major health IT programs on its health IT Web site and provided links to selected initiatives; however, it has not updated the original information published in 2004 nor provided evidence that the inventory is current or used to oversee or coordinate public health IT initiatives.
Department of Health and Human Services The Secretary of Health and Human Services, in coordination with other key stakeholders--such as the Secretaries of Defense, Homeland Security, and Veterans Affairs--should establish a national IT strategy for public health preparedness and response. This IT strategy should identify steps toward improving the nation's ability to use IT in support of the public health infrastructure. More specifically, it should set priorities for information systems, supporting technologies, and other IT initiatives.
Closed - Implemented
HHS implemented this recommendation by including strategies for improving population health in a framework for strategic actions for delivering health IT, which the Secretary approved in July 2004. Specifically, the framework defined future IT-related actions and priorities for unifying public health surveillance architectures into interoperable systems that allow the exchange of information among health care providers, federal and state agencies, and public health organizations needed for effective public health surveillance functions. Additionally, to help implement and further define future actions, HHS established a workgroup called the Population Health and Clinical Care Connections Workgroup which is charged with making recommendations for facilitating the flow of reliable health information among public health and clinical care systems. The workgroup has identified a minimum data set for biosurveillance reporting and has identified priorities to guide its future work in recommending IT initiatives for exchanging health information, including adverse event reporting, bi-directional communications, disease case reporting and outbreak investigations, and response management.
Department of Health and Human Services The Secretary of Health and Human Services, in coordination with other key stakeholders--such as the Secretaries of Defense, Homeland Security, and Veterans Affairs--should establish a national IT strategy for public health preparedness and response. This IT strategy should identify steps toward improving the nation's ability to use IT in support of the public health infrastructure. More specifically, it should define activities for ensuring that the various standards-setting organizations coordinate their efforts and reach further consensus on the definition and use of standards.
Closed - Implemented
HHS implemented this recommendation by defining a strategy that includes activities for ensuring that the public and private sectors work together to advance the adoption of health IT standards. These activities are defined in a framework for strategic actions for delivering health IT, which the Secretary approved in July 2004. The strategy charged government-sponsored standards-setting components to develop an interoperable infrastructure to simplify data exchange in order to meet the information needs of public health surveillance and response. In its efforts to implement the strategy, HHS established a public-private partnership involving more than 300 health-related organizations to coordinate standards-setting efforts and reach consensus on the use of data and technical standards. The panel includes members from many of the various standards development organizations that are responsible for defining health IT standards. In its first year, the panel developed detailed interoperability standards related specifically to biosurveillance and the transmission of data from health care delivery organizations to public health systems in support of public health emergency preparedness and response. The panel also developed specific implementation guidance that described how to use the standards. HHS also established a certification commission of public and private partners that defined initial criteria and processes for certifying that certain health information products meet these standards.
Department of Health and Human Services The Secretary of Health and Human Services, in coordination with other key stakeholders--such as the Secretaries of Defense, Homeland Security, and Veterans Affairs--should establish a national IT strategy for public health preparedness and response. This IT strategy should identify steps toward improving the nation's ability to use IT in support of the public health infrastructure. More specifically, it should establish milestones for defining and implementing all standards.
Closed - Not Implemented
In GAO-06-1071T and other reports and testimonies, we have updated the status of HHS's efforts to define a national health IT strategy and reiterated our finding that HHS had not defined detailed plans and milestones for implementing its strategic plan, including strategies to support public health preparedness and response. While HHS's Health IT Standards Panel has made progress in achieving consensus on specific public health-related IT standards, HHS has not established milestones for implementing standards for public health IT.
Department of Health and Human Services The Secretary of Health and Human Services, in coordination with other key stakeholders--such as the Secretaries of Defense, Homeland Security, and Veterans Affairs--should establish a national IT strategy for public health preparedness and response. This IT strategy should identify steps toward improving the nation's ability to use IT in support of the public health infrastructure. More specifically, it should create a mechanism--consistent with HIPAA requirements--to monitor the implementation of standards throughout the health care industry.
Closed - Not Implemented
HHS's Health IT Standards Panel continues to work with the American Health Information Community and HITSP member organizations, including standards development organizations, government agencies, and representatives from the health care industry, to achieve consensus on standards for health IT. However, HHS has not established a mechanism for monitoring the implementation of health and public health IT standards throughout the health care industry.
Department of Health and Human Services The Secretary of Health and Human Services, in coordination with other key stakeholders--such as the Secretaries of Defense, Homeland Security, and Veterans Affairs--establish a national IT strategy for public health preparedness and response. This IT strategy should identify steps toward improving the nation's ability to use IT in support of the public health infrastructure. More specifically, it should address existing barriers and establish mechanisms for identifying and prioritizing uses of emerging technologies that are appropriate for ensuring continued improvements to the nation's ability to prepare for and respond to public health emergencies.
Closed - Implemented
On July 21, 2004, HHS issued a framework for nationwide implementation of health IT titled "The Decade of Health Information Technology: Delivering Consumer-centric and Information-rich Health Care." The development of strategies and goals defined in the framework was the department's first step towards establishing a national health IT strategy, which includes public health preparedness and response. HHS, through its contract to study privacy issues introduced by varying state laws and regulations, has identified barriers to information exchange introduced by these issues. The results of the work completed under the contract has identified potential solutions for overcoming these barriers. Additionally, HHS recently removed some barriers to physicians' ability to adopt health imposed by anti-kickback laws. Recent efforts by HHS's population health work group and standards harmonization panel have resulted in solutions and definition of standards to help implement new technologies that support public health activities, such as the inclusion of lab results in electronic health records and the definition of data and communication standards to reduce risks associated with implementing emerging technologies. By taking these actions, HHS has initiated steps to address barriers, such as security concerns, legal ramifications, and risks associated with implementing new IT solutions, that limit the increased use of emerging technologies.

Full Report