Washington Debrief: Interoperability Bill Would Penalize Non-Compliant Vendors

Key Takeaway: Legislation expected to be included in the House 21st Century Cures package would define interoperability for qualified EHRs, dismantle the Health IT Policy and Standards Committees and penalize vendors and providers who block information or fail to meet interoperability criteria in 2019.

Why it Matters: Congress has increasingly voiced criticism over the lack of interoperability among participants of the Electronic Health Record (EHR) Incentive Program, and now House lawmakers have initiated an approach to legislating health information exchange.

Representative Burgess (R-TX-12) last week circulated draft legislation meant to require interoperability among EHR vendors and providers by 2018. The main provisions of the bill would (1) create a private sector-led Charter Organization to develop methods to measure compliance with interoperability criteria, and (2) require conformance to these methods by 2018, with penalties for nonconformance levied in 2019 for both vendors and providers. Additional requirements of the bill would have the Department of Health and Human Services (HHS) submit to Congress by July 1, 2016:

1. The initial set of methods;

2. Strategies for achieving widespread interoperability;

3. An overview of progress made to date;

4. Interop barriers; and

5. A Plan, with milestones and specific steps to achieve widespread interoperability.

Then, HHS would have a year and half, by Dec. 31, 2017, to determine final interoperability methods that vendors must build to and providers would have to implement. Beginning in 2019, vendors or providers who were noncompliant would be in line for penalties.

Key Takeaway: Draft data breach legislation has been released by members of the House Committee on Energy & Commerce focused on organizations under the jurisdiction of the Federal Trade Commission (FTC).

Why It Matters: Congressional leaders have taken note of the disjointed state of policies that govern data protection and notification protocols in the event of a breach. The “Data Security and Breach Notification Act” released by Representative Marsha Blackburn (R-TN-07) and Representative Peter Welch (D-VT-AL), both members of the Commerce, Manufacturing and Trade Subcommittee, is a plan to help guard sensitive consumer information and to protect individuals from the consequences of cyber attacks.

The draft proposal would require certain entities that collect and maintain personal information of individuals to secure such information and to provide notice to such individuals in the case of a breach of security, Health Insurance Portability and Accountability Act (HIPAA) covered entities have been excluded from the draft proposal. The legislation would replace the current patchwork of laws with a single, national standard for protection and notification. 

The Subcommittee will review the draft legislation at hearing on Wednesday, March 18, which will include witnesses from the FTC.

Key Takeaway: Negotiations continue on Capitol Hill as lawmakers seek a permanent solution to replace the flawed Medicare formula for physician reimbursement. Meanwhile, speculation points to a temporary patch (of one-to-three months), to avoid a 21.2 percent cut in Medicare reimbursement rates from occurring at the end of March.

Why It Matters: Lawmakers are seeking a permanent fix to avoid more temporary patches to prevent cuts in physicians’ payments, which Congress has employed 17 times since 1997.

The cost of eliminating the Sustainable Growth Rate (SGR) formula, is estimated to cost $175 billion. The estimate includes the cost of extending expiring Medicare programs, including reimbursements for community hospitals, which have been typically extended in prior “doc-fix” legislation. Legislators have indicated the addition of a two-year extension of the Children's Health Insurance Program (CHIP) which cut push costs to exceed $200 billion.

Any permanent solution could be a hard sell for fiscally conservative members of the House as it remains unclear how much of the legislation will be “paid-for.” 

 The good news is there has been no indication that a delay in the implementation of ICD-10 would be coupled with a “doc-fix” deal, temporary or permanent. However, CHIME continues to monitor the issue.