Skip to main content

The Department of Health and Human Services (HHS) and Centers for Medicare and Medicaid Services (CMS) published two final rules on interoperability and patient access this week, as required by the 21st Century Cures Act. The rule addresses information blocking practices and aims to give patients more control of their data. 

“The days of patients being kept in the dark are over,” CMS Administrator Seema Verma said in a statement. “In today’s digital age, our health system’s data sharing capacity shouldn’t be mired in the stone age. Unfortunately, data silos continue to fragment care, burden patients, and providers, and drive up costs through repeat tests.”  

Verma added that the rules essentially begin a new chapter in which health plans are required to make patient data available and accessible via their smartphones or preferred device.  

Read David Brailer’s Leadership Matters column: CEOs need to lead on interoperability 

The rules will have a profound impact on providers, payers, health IT developers and other stakeholders. Health Evolution looked through the rules to determine these top takeaways for CEOs.  

Here’s what we found. 

-The clock is ticking. Health care providers, developers, health information exchanges, and health information networks, all have six months after publication of the final rule to comply.  

Hitting payers hard. Payers, with few exceptions, will be required to implement and maintain a secure, standards-based API that allows patients to easily access their claims and encounter information. Payers are also required to make provider directory information publicly available via a standards-based API. These rules are required by Jan 1, 2021.  

Visual communication has to be shared. The rule protects visual communication (screen shots, video) from being blocked by health IT developers, except in limited circumstances. They cannot restrict a public display of a portion of a work subject to copyright protection (without regard to whether the copyright is registered) that would reasonably constitute a “fair use” of that work. 

Transferring requirements. As per the final rule, providers must send an electronic patient event notification of a patient’s admission, discharge, and/or transfer to another health care facility or to another community provider or practitioner. 

There will be a list. By the end of 2019, CMS will publicly report eligible clinicians, hospitals, and critical access hospitals (CAHs) that may be information blocking based on how they attested to certain Promoting Interoperability Program requirements. 

Cost. CMS and HHS estimate that the total cost benefit of its information blocking provisions would range from $1.2 billion to $5.0 billion, with an estimated annual benefit of $3.1 billion. It calculates the benefit using a number of factors including the impact of reducing information blocking (duplicate tests, avoidable hospitalizations and readmissions, ER visits and adverse drug events), the impact of real-world testing and more.  

Exceptions to information blocking. The rule establishes “reasonable and necessary” activities that do not constitute information blocking. The eight exceptions to HHS’ definition of information blocking (there were seven exceptions in the proposed rule) include  

-Promoting patient safety 

-Promoting the privacy of electronic health information (EHI) 

-Promoting the security of EHI 

-Allowing for the recovery of costs reasonably incurred excusing requests that are unreasonable 

-Excusing impacted stakeholders (providers, developers, HIEs, HINs) from responding to requests that are infeasible.  

-Permitting the licensing of interoperability elements on reasonable and non-discriminatory terms 

-Making information temporarily unavailable for health IT usability improvements 

-Allowing for stakeholders to determine a market rate for exchange of EHI.