The Department of Health and Human Services has issued two new proposed rules designed to enhance interoperability across the health system, facilitate health data sharing and increase patient access to their health information. The long-awaited proposals were announced this week as the Health Information Management Systems Society (HIMSS) launched its 2019 meeting in Orlando.
The Interoperability and Patient Access Proposed Rule, released by the Centers for Medicare and Medicaid Services (CMS), outlines strategies for making patient data more transferable in open, secure, standardized formats. Comments on the proposed rule as well as two requests for information (RFIs) on interoperability and health information technology in post-acute care settings are being accepted until early April. (The exact date will be published soon in the Federal Register.)
"Electronic health information has been stuck in silos and inaccessible for healthcare consumers," CMS Administrator Seema Verma said in a statement. "We ask that members of the healthcare system join forces to provide patients with safe, secure access to, and control over, their healthcare data."
Stating that "timely electronic access to health information makes it easier for people to make more informed decisions about their healthcare needs," CMS proposes to require Medicare Advantage (MA) organizations, state Medicaid and CHIP programs and participants in other federally funded programs to adopt standardized application programming interfaces (APIs) to give patients access to their claims and other health information through third-party applications and developers. The proposal would build on CMS's Blue Button 2.0 API for Medicare fee-for-service beneficiaries, launched last year.
CMS is also proposing to:
- Require CMS program participants to facilitate electronic data exchange that would support care transitions as patients move between plan types. If finalized, the proposal would give an estimated 125 million Americans access to their health information across programs.
- Require program participants to provide patients with access to provider directories through API technology.
- Enable payers and providers in CMS programs to participate in trusted exchange networks that would support the secure and private flow of data nationwide.
- Update the frequency of certain Medicare/Medicaid data on dually eligible beneficiaries from monthly to daily exchanges to improve benefit coordination for this population.
- Motivate clinicians and hospitals to refrain from information blocking (unreasonably limiting availability of electronic health information) by publishing names of clinicians and hospitals that have submitted a "no" response to any of the three attestation statements regarding information blocking prevention in CMS's Promoting Interoperability Program.
- Publicly report the names and National Provider Identifiers (NPIs) of providers who have not added digital contact information to their entries in the National Plan and Provider Enumeration System (NPPES) by the second half of 2020. The NPPES was updated in 2018 to include one or more pieces of digital contact information to facilitate the secure sharing of health data.
- Revise the Conditions of Participation to require hospitals, psychiatric hospitals and critical access hospitals to send electronic notifications when a patient is admitted, discharged or transferred.
The Office of the National Coordinator for Health Information Technology (ONC) has released the 21st Century Cures Act: Interoperability, Information Blocking and the ONC Health IT Certification Program proposed rule.
The rule would implement provisions of the 21st Century Cures Act, including reasonable and necessary activities that do not constitute information blocking. Aligned with the CMS Interoperability proposed rule, the ONC proposal "would support patients in accessing and sharing their electronic health information while giving them the tools to shop for and coordinate their own healthcare," said Don Rucker, national coordinator for health IT, in a statement. Health information networks and health information exchanges that violate the rule could receive a penalty of $1 million for each instance of information blocking.
Under the proposal, an instance in which a patient requests their electronic record and does not receive it, free of charge, could be considered information blocking, according to Elise Sweeney Anthony, director of the ONC Office of Policy, speaking at HIMSS 2019.
The proposed policy identifies seven exceptions in which providers and healthcare IT companies could withhold electronic health data. They are:
- To prevent physical harm to a patient or another person
- To protect privacy, including several sub-exceptions listed by ONC
- To promote cybersecurity
- To recover costs incurred in sharing health data
- To decline a request for data sharing that is "infeasible"
- To license interoperability tools, provided the agreement is fair and reasonable
- To conduct maintenance or improvements to health IT.
Both the CMS and ONC proposed rules "address both technical and healthcare industry factors that create barriers to the interoperability of health information and limit a patient's ability to access essential health information," according to an HHS statement. "Aligning these requirements for payers, healthcare providers, and health IT developers will help to drive an interoperable health IT infrastructure across systems, ensuring providers and patients have access to health data when and where it is needed."