A Closer Look at DSI and the HTI-1 Rule

Decision Support Interventions are critical tools in modern healthcare, leveraging data and AI to assist clinicians in making informed decisions. The HTI-1 rule introduces a comprehensive framework for these interventions, emphasizing transparency, security, and accountability. At its core, this new rule is about ensuring that health IT tools are safe, effective, and equitable, supporting clinical decision-making without introducing new risks or biases.

Emphasizing Security and Accountability

The HTI-1 rule still requires the basic modular EHR certification criteria that focus on critical aspects of health IT security:

• Authentication, access control, and authorization: Ensuring that only authorized individuals can access sensitive health information.
• Auditable events and tamper-resistance: Tracking actions within health IT systems to prevent and investigate unauthorized access or modifications.
• Audit reports and automatic access time-out: Facilitating oversight and ensuring that systems are secured when not in use.
• Emergency access and end-user device encryption: Guaranteeing that information is accessible during crises and protected on personal devices.
• Encryption of authentication credentials and multi-factor authentication (MFA): Enhancing the security of login processes and protecting against unauthorized access.

These criteria are not just checkboxes for compliance but foundational elements that safeguard patient data and ensure the integrity of health IT systems.

The Pillars of Algorithm Transparency

Perhaps the most important aspect of the HTI-1 rule is its focus on transparency for DSI. Rather than imposing rigid certification criteria, the rule requires detailed disclosures about the AI and predictive algorithms used in health IT, including:

• The purpose and intended use of the intervention.
• Details about the intervention development, focusing on inclusivity and bias reduction.
• A transparent outline of the intervention's limitations and advised caution in certain contexts.
• Rigorous external validation processes to verify the intervention's performance across diverse settings.
• Ongoing maintenance and fairness assessments to ensure sustained reliability and equity.

We have a full blog post on just this here: https://www.healthuniverse.com/blog/dsi-checklist-health-systems

This level of transparency aims to empower clinicians and health IT professionals with the knowledge to critically evaluate and effectively deploy AI-driven tools.

Setting a New Standard with DSI Data Requirements

The HTI-1 rule's DSI data requirements are comprehensive, covering everything from the intervention's purpose and development details to its performance metrics and maintenance protocols. These requirements not only foster a deeper understanding of how interventions work but also emphasize their fairness and effectiveness in real-world settings.

Intervention Risk Management: Beyond Development

Finally, the DSI certification criteria requires developers use an Intervention Risk Management (IRM) program and highlights the importance of continuous oversight and improvement. Through detailed risk analysis, management, and governance frameworks, developers are encouraged to adopt a proactive stance towards identifying and mitigating potential issues. This approach is crucial in a landscape where digital health interventions can have far-reaching impacts on patient care.

The Road Ahead for CMIOs and CIOs

For CMIOs and CIOs, the HTI-1 necessitates a strategic approach to implementing and managing health IT, with a clear focus on enhancing patient care while ensuring the ethical use of AI and data. By adhering to the rule's guidelines, health systems can not only comply with regulatory requirements but also lead the way in ethical, effective healthcare delivery.

Implementing the HTI-1 rule will require diligent planning, investment in technology and training, and a commitment to ongoing evaluation and improvement. Yet, the benefits—improved patient outcomes, enhanced data security, and the responsible use of AI—are well worth the effort. As health IT continues to evolve, the HTI-1 rule provides a robust framework for navigating this dynamic field, ensuring that innovations in digital health are leveraged responsibly and effectively.

In conclusion, the ONC's HTI-1 rule for DSI is more than just a regulatory requirement; it's a blueprint for the future of healthcare. By embracing its principles, CMIOs and CIOs can ensure their organizations not only meet today's standards but are prepared for the innovations of tomorrow.