Keen on giving Americans in federally-funded programs more control over their healthcare, the U.S. Department of Health and Human Services (HHS) has been working closely with past and present administrations to establish regulations governing electronic health information (EHI).
On March 4, the Office of the National Coordinator for Health Information Technology (ONC) published a proposed rule to implement certain key provisions in the 21st Century Cures Act of 2016, which are broadly categorized as:
- Interoperability,
- Information blocking, and the
- ONC Health IT Certification Program
In addition to implementing the definition of “information blocking,” the 21st Century Cures Act (at Sec. 4004) authorizes the secretary of HHS to identify reasonable and necessary activities that do not constitute information blocking.
What Is Information Blocking?
Information blocking, as defined in section 3022(a) of the Public Health Service Act, is any action an “actor” takes that is likely to interfere with, prevent, or materially discourage access, exchange, or use of electronic health information.
Who Is Held to Information Blocking Regulations?
“Actors” regulated by the information blocking provisions include healthcare providers, health IT developers of certified health IT, health information exchanges, and health information networks.
The 21st Century Cures Act (Sec. 3022(a)(7)) clarifies, however:
In carrying out this section, the Secretary shall ensure that health care providers are not penalized for the failure of developers of health information technology or other entities offering health information technology to such providers to ensure that such technology meets the requirements to be certified under this title.
During the initial comment period, the Ambulatory Surgical Center Association (ASCA) commented on the information blocking provision in the ONC’s proposed rule:
“ONC proposes to use the definition of ‘provider’ as found in Section 3000(3) of the Public Health Service Act (PHSA). This definition explicitly includes ambulatory surgical centers. … While supporting the intent of the proposal, ASCA urges ONC to include an exemption for ASCs and other provider types that do not have access to certified EHRs and the EHI contained within.”
What Are the Proposed Exceptions?
The ASCA may not have anything to worry about, though, provided they are in compliance with HIPAA Privacy and Security laws. The ONC is proposing (at 45 CFR 171.201-207) seven exceptions for when it would not be information blocking for healthcare providers and other actors to engage in certain recognized privacy-protective practices that interfere with the access, exchange, or use of electronic health information (EHI). They are:
- Preventing harm
- Promoting the privacy of EHI
- Promoting the security of EHI
- Recovering costs reasonably incurred
- Responding to requests that are infeasible
- Licensing of interoperability elements on reasonable and non-discriminatory terms
- Maintaining and improving health IT performance
Comment Period Extended
At press time, 753 comments on the proposed rule were received — most from the general public, with a helping from special interest groups.
A few stakeholders requested a 30-day extension, including the American Hospital Association (AHA):
“The additional time would afford all stakeholders the opportunity to fully understand the scope of the proposed rules and provide thoughtful input on how best to shape the interoperability landscape for decades to come,” wrote AHA Executive Vice President Thomas P. Nickels in a letter addressed to the Centers for Medicare & Medicaid Services (CMS) Administrator Seema Verma.
The public comment period for ONC’s 21st Century Cures Act proposed rule has since been extended an additional 30 days, from May 3 to June 3.
Public comments may be submitted to HHS online.