As providers move toward managing—and assuming financial risk for—patient populations, the American Hospital Association has called on Congress to increase access to patient data across the care continuum while protecting the privacy of patients.

In an August 12 letter, addressed to Sens. Ron Wyden (D-Ore) and Charles Grassley (R-Idaho), Richard Pollack, executive vice president, AHA, notes that just 5 percent of all physician claims data and no data from the Medicare Part D drug program are made available to providers. Also, CMS makes available a limited Medicare Provider Analysis and Review (MedPAR) data set for inpatient hospital discharges, but withholds an enhanced version that includes encrypted beneficiary identifiers and dates of services.

“To accurately assess performance, support risk-based contracting and identify opportunities for improvement, it has been increasingly important to collect an analyze data along every point of the care continuum,” he wrote.

The datasets identified by the AHA as necessary to accelerate improvements in healthcare quality and value are:

• 100 percent of Part B Carrier and Part B Durable Medical Equipment limited data set standard analytic files;

• Part D prescription drug data;

•costs, quality and utilization data for Medicare Advantage enrollees, 28 percent of all Medicare beneficiaries in 2013; and

• the expanded set of Medicare Provider Analysis and Review (MedPAR) data, used by CMS for rulemaking but not publicly available.

Pollack also asked that CMS streamline the request process for research identifiable files that contain beneficiary-level, protected health information. Requests are reviewed by the agency’s privacy board, and current approvals can take from three to four months from time of initial request, and each approval is applicable to a one-time use only.

The AHA also requested that data be released quarterly to reduce the current lag time, which is generally seven months. “This makes it very difficult to evaluate the implications of policy changes,” Pollack wrote. “For example, the two-midnight policy went into effect on Oct. 1, 2013. Data on this policy will first be available in the spring of 2015.”

The letter also expresses support for the Medicare Data Access for Transparency and Accountability Act (S. 1180), introduced by Sens Grassley and Wyden, but ends with a cautionary note about who should have access to claims data.

“Some entrepreneurs and data-mining companies seek access to individual and facility-level data for commercial purposes,” Pollack writes. “However, we caution that the privacy rules for these relatively new entrants in the health care field are different from those that govern health care providers and are generally less rigorous.”

The AHA urged CMS to exercise “all due caution” when asking HIPAA-covered entities to make information available to non-HIPAA-covered entities.