Final Rules on Interoperability and Information Blocking Released

Yesterday, the Centers for Medicare and Medicaid Services (CMS) and the Office of the National Coordinator of Health Information Technology (ONC) released their long-awaited final rules on interoperability and information blocking. 

Much of ONC’s final rule focuses on health IT developers and development activities.  The lengthy rule (1,244 pages in the unofficial version) removes overburdensome regulatory requirements, substantially updates certification criteria and the ONC certification program, adopts a new core data standard, and implements application programming interface (API) standards.  All of these changes are designed to improve interoperability and access.    

More than 500 pages of the rule are dedicated to information blocking provisions, which apply to healthcare providers and health information exchanges and networks as well as health IT developers.   According to ONC, the 21st Century Cures Act directive to prohibit information blocking was born out of concern that some organizations were engaging in practices that unreasonably limited the availability and use of electronic health information.  The ONC found that “[t]hese practices undermine public and private sector investments in the nation’s health IT infrastructure, and frustrate efforts to use modern technologies to improve health care quality and efficiency, accelerate research and innovation, and provide greater value and choice to health care consumers.”  In the proposed rule, ONC estimated that half of all electronic health record developers and a quarter of healthcare providers “routinely engage in information blocking.”

The final rule further defines prohibited information blocking conduct.  In addition, ONC acknowledged that it was possible for some reasonable and necessary activities to implicate the information blocking provisions.  As a result, it adopted eight information blocking exceptions, each with its own detailed set of requirements.  The exceptions relate to the following subject matters: (1) preventing harm; (2) privacy; (3) security; (4) infeasibility; (5) health IT performance; (6) content and manner; (7) fees; and (8) licensing. 

Information blocking rules will have a delayed effective date of six months after publication in the Federal Register.  In a future blog post, I will review the impact of the information blocking rules and exceptions on healthcare providers.  

CMS’s final rule, which is only 474 pages, focuses on interoperability that improves coordination of care.  It requires that Medicare, Medicaid, the Children’s Health Insurance Program and plans on the federally facilitated exchanges share claims and other health information with patients in a safe and secure electronic format through user-friendly Patient Access APIs as of January 1, 2021.  In line with the theme of coordination of care, the rule also creates a new Condition of Participation for hospitals mandating electronic notifications of admission, discharge or transfer of patients to other relevant health care providers.