DataHealthcareInformation Technology

Data Silos in Healthcare Put Lives at Risk

By Naga Sasidhar Kanaparthy, Clinical Informatics Fellow, Yale University School of Medicine and Fellow at “The Op-Ed Project

Recently, we treated a patient with severe anemia who needed a blood transfusion. Although they responded well for the first few days, they later developed what’s called a delayed hemolytic transfusion reaction. Their own blood cells began attacking them, leading to their death. A more efficient sharing of medical records across systems could have prevented this.

The patient had a lesser-known blood group sub-type called Anti-C, which led to a blood type mismatch. She underwent a test for Anti-C in another state, but we were unaware of it and could not access these records. If we had known, we could have provided a more compatible blood, and they might be alive today.

The recently finalized federal rules on healthcare data aim to improve information sharing between hospitals, a concept known as ‘interoperability,’ to address tragedies like this one. They provide a technical framework and guidance document on how hospitals can connect with each other. However, the challenge is beyond technical issues: There are many challenges, including but not limited to the lack of a universal patient identifier, outdated regulations like HIPAA, and cost concerns.  The rules don’t address the practical challenges hospitals face in actually sharing a patient’s data and ensuring it is available at the right time and when the patient needs it the most, and patients and doctors are still facing the brunt in this day and age. Real progress will require more than just guidance—it will take real investment, cost-effective solutions, and transparent legal frameworks to ensure healthcare systems can share data when it matters most.

Despite mandates and positive intent from the government, interoperability has not reached frontline physicians or prevented patient harm like the one in our patients.

Health Care Data Fortresses

The federal government has tried to facilitate safe healthcare data exchange for decades, starting with the Health Insurance Portability and Accountability Act (HIPAA) in 1996. The 21st Century Cures Act of 2016 was a significant step forward, banning ‘information blocking’ and mandating that hospitals share data with other institutions and with patients. More recently, the introduction of the Trusted Exchange Framework and Common Agreement (TEFCA) enabled nationwide connectivity by creating entities called Qualified Health Information Networks (QHINs).

The 21st Century Cures Act required hospitals to store data electronically, but it didn’t dictate how. Many outsourced this task to EHR vendors, each of whom developed unique systems. As a result, data from one hospital often looks different from another, leading to a standards crisis. Efforts like the United States Core Data for Interoperability (USCDI) and FHIR (Fast Healthcare Interoperability Resources) are helping create a universal data-sharing language.

Despite these efforts, healthcare information still lives in silos, guarded by individual hospital systems and their electronic medical record (EMR) vendors. This fragmentation leads to duplication of care and missed critical information. According to a report from KLAS, 47% of physicians struggle to find patient information from outside organizations. Less than half of the frontline physicians reported that their EHR connects well with other hospitals; Physicians have reported an inability to reconcile and cited inaccuracies.

A potential solution is a national patient identifier, a secure, unique health ID that connects medical records across different institutions. Countries like the UK and Estonia have successfully implemented similar systems to enhance care coordination and prevent gaps in medical history. In the U.S., the Veterans Affairs (VA) health system uses Social Security numbers as patient identifiers, which has proven effective in maintaining continuity of care within the VA. A nationwide system could offer similar benefits while ensuring secure and seamless access to patient records across healthcare settings.

Over-regulation slows progress

HIPAA was designed to protect patient privacy. However, it was written before digital health records and widespread data sharing became a reality. Today, hospitals fear penalties and restrict access, even when data sharing could save lives. While security is essential, the bureaucratic burden of HIPAA compliance often slows progress toward true interoperability.

A better approach is a standardized, patient-controlled consent framework. Instead of a broad federal mandate, patients could grant explicit, tiered permissions for data access based on context—such as emergency care, routine treatment, or research. Similar to banking authentication models, a universal patient data access system could allow authorized providers to retrieve necessary records while maintaining strict privacy controls securely. This approach balances privacy, security, and

accessibility, ensuring that lifesaving data—like blood type and allergies—can be shared efficiently without compromising patient rights.

Growth is not cheap

Access to blood bank records could save lives, such as my patient’s blood transfusion reaction. While non-profit altruistic organizations such as Alloantibody Exchange have invested heavily in sharing blood bank data without a fee, they remain rare exceptions in a fragmented system. Creating this shared system required data scientists to overcome technological barriers and cybersecurity threats while battling regulatory constraints.

The challenge isn’t just technical—it’s financial. Hospitals, especially smaller ones, struggle with the cost of upgrading to interoperable systems.

One way to bridge this gap would be funding small and rural hospitals to modernize their health IT infrastructure and connect to other health systems. Data sharing can be further encouraged by providing federal incentives to compliant hospitals, similar to the government’s 2009 EHR stimulus program, wherein hospitals were given money to invest in EHRs.  Moreover, as the connectivity grows, it will eventually cascade and drive down costs and make seamless data sharing a reality. Finally, to truly close this gap, EHR vendors must be held accountable for ensuring their systems seamlessly integrate with others.

Conclusion

Despite mandates and positive intent from the government, interoperability has not reached frontline physicians or prevented patient harm like the one in our patients. The causes range from regulatory constraints to a lack of data standards and cost barriers. Addressing this issue is neither convenient nor cheap, but it requires commitment.

Regulations like TEFCA are a good start but cannot be the driving force. We need more vigorous enforcement of interoperability standards, financial incentives for hospitals to share data, and accountability for EHR vendors. The benefits go beyond individual patients, doctors, or hospitals—this is about saving lives. Interoperability is not merely a question of convenience; it is a matter of life and death. We can finally dismantle the barriers to seamless healthcare data sharing by collaborating.