Federal regulators plan to seek public comments on whether the HIPAA rules create barriers to sharing patient information among healthcare providers, hampering the ability to coordinate care.
But some regulatory experts argue the problem is not the rules, but misunderstandings about what they allow.
In a “pre-rule” entry added this week to the Office of Management and Budget regulatory agenda website, the Department of Health and Human Services’ Office for Civil Rights indicates that it will issue this fall a request for information that “would solicit the public’s views on whether there are provisions of the HIPAA rules which present barriers that limit or discourage coordinated care and case management.”
OCR will ask for feedback on whether HIPAA poses barriers in patient information sharing among hospitals, physicians, payers and patients. It will ask whether HIPAA imposes regulatory burdens that may impede the transformation to value-based healthcare, in which providers are paid based on patient outcomes.
OCR plans to seek comments on:
- The creation of a safe harbor for “good faith disclosures” of PHI for purposes of care coordination or case management;
- Disclosures of PHI without a patient’s authorization for treatment, payment and healthcare operations, as HIPAA already allows;
- The HIPAA “minimum necessary” requirement, which requires covered entities to take reasonable steps to limit the use or disclosure of, and requests for, PHI to the least amount necessary to accomplish an intended purpose;
- Methods of accounting for all disclosures of a patient’s protected health information;
- Patients’ acknowledgment of receipt of a providers’ notice of privacy practices.
The upcoming request for information is being produced to support a recently launched HHS initiative called the Regulatory Sprint to Coordinated Care, which has a goal of removing “regulatory barriers that impede coordinated, value-based healthcare, according to the entry on the OMB site.