Last week, Dr. Karen DeSalvo stepped down after a two-and-a-half-year tenure heading up the Office of the National Coordinator for Health IT, handing the keys over to former principal deputy director Vindell Washington. DeSalvo took on the post of National Coordinator at the beginning of 2014, after a brief stint by Dr. Jacob Reider and a two-year tenure by Dr. Farzad Mostashari.

"Under [DeSalvo's] leadership, ONC has advanced interoperability across the health system – which underpins progress on a wide range of Department and Administration priorities,” HHS Secretary Burwell wrote in an email announcing the change. “During her tenure, ONC has worked with other federal partners and the private sector to update the Federal Health IT Strategic Plan and develop a Nationwide Interoperability Roadmap, both of which chart a person-centered path for improving health outcomes by unlocking health data through tools like open application programming interfaces (APIs).”

Read on below for some of the highlights of DeSalvo's time at the ONC from a digital health perspective.

Blue Button Connector. Despite a delay caused by, among other things, the government shut down, ONC launched the Blue Button Connector in February 2014. The Blue Button Connector, part of ONC's larger Blue Button initiative, is a government website which helps patients connect to their providers to get access to their own health data. 

ONC's first app. In April 2014, ONC launched its first app: a tool to help small- to medium-sized healthcare practices better assess security issues and risks associated with HIPAA. Co-launched with the HHS Office for Civil Rights (OCR) and the HHS Office of the General Counsel (OGC), the app reorganizes some of the content of the HIPAA Security Rule into 156 questions that aim to help providers conduct and document security assessments. Within the app a "yes" or "no" answer to each of these questions could trigger suggestions for action the practice may need to take. 

Meaningful Use Stage 3. In March 2015, ONC released the proposed 2015 certification criteria for EHRs. In October, the final guidelines were published, including language that requires providers to incorporate patient-generated health data into the EHR for 5 percent of all unique patients.

Consumer telehealth whitepaper. In September 2015, ONC released a whitepaper, based on a workshop held in April, on designing telehealth and remote visits for consumers. The 20-page document is interesting, extensive, and hits on some good points about how to make telehealth convenient and effective for consumers, though we noted at the time it omitted some valuable perspectives.

Patient generated health data framework. At HIMSS in 2016, Accenture Federal Services announced a two-year consulting contract with the ONC to help the federal government create a framework for collecting and using patient generated health data in both research and clinical care. Accenture executives told MobiHealthNews that this framework is an important first step toward creating standards that would make patient generated health data more interoperable.

FHIR developer challenges. Also at HIMSS, DeSalvo announced three new developer challenges that aim to advance interoperability via the emerging FHIR standard. The “challenge grants” have three streams: a consumer-facing, vendor neutral app based on FHIR (Fast Healthcare Interoperability Resources), a provider-facing app, and a discovery place where people can go to download those apps. DeSalvo said the intent is “to create a world that is more Internet-like,” more akin to the technological advancements that Americans are accustomed to in banking, retail and so many other industries.

Online patient engagement resources. Earlier this summer, ONC launched two new online tools to connect patients to their data: a series of consumer-facing videos to educate patients about their data access rights and a provider-facing “Patient Engagement Playbook” to walk hospitals through the steps to patient engagement.

Protecting patient data outside HIPAA. The ONC issued a report to Congress in July laying out the gaps that exist in health data protection. The report opines at length about non-covered entities (NCEs), the large swath of consumer-facing companies that aren’t subject to HIPAA. While the report doesn’t lay out a plan for shoring up health data privacy concerns that fall outside of HIPAA, it offers a starting point for creating such a solution by attempting to lay out the exact boundaries of the problem.