In Final Interoperability Rule, Stakeholders Closely Examine Information-Blocking Elements

May 20, 2020
Experts believe that new policies will significantly impact business operations and behaviors moving forward

With the release of final regulations from both the Office of the National Coordinator for Health IT (ONC) and the Centers for Medicare & Medicaid Services (CMS) earlier this year, federal health officials delivered a clear message to industry stakeholders, one they have been constructing for at least a few years: that patients need to be more in control of their healthcare, and giving them easier access to their data is the first principal step in making that happen.

Of course, when one pulls back the curtains, it’s apparent that the regulations from ONC and CMS are full of complexities and details that will need to be further ironed out—as evident by the nearly 1,800 pages the rules are written on. They apply to all hospitals, physicians, and health plans that receive any reimbursement through either the Medicare or Medicaid programs. They also affect the technology vendors that these organizations use.

Broadly, the final ONC rule ups the ante for providers, health IT vendors, health information exchanges (HIEs), and health information networks, via its information-blocking provisions. While the information-blocking concept was originally defined by Congress in the 21st Century Cures Act, ONC was tasked to define what doesn’t constitute data blocking. As such, the final rule clarifies where penalties will be enforced and exceptions granted; it’s expected that enforcement of the information-blocking provisions will begin sometime this fall, though the COVID-19 pandemic might push that date back.

From the provider perspective

Genevieve Morris, the founder of Integral Health Strategies, a health IT policy and strategic consulting firm, and former deputy national coordinator for the ONC, knows a thing or two about developing health IT policy, as she previously led the department’s work on the Trusted Exchange Framework and Common Agreement (TEFCA), a federal plan to jolt healthcare interoperability via a single on-ramp for participants. She says that while ONC and the Office of Inspector General (OIG) cannot levy penalties or fines for healthcare providers, via the final rule’s terms, that doesn’t mean this stakeholder segment is off the hook; to the contrary, in fact.

This is because via CMS’ Promoting Interoperability program, eligible hospitals and providers have to attest they are in good faith when implementing and using their electronic health records (EHRs) to exchange data. “It’s important for health systems to understand that if you attest you aren’t information blocking and then you get investigated for an information-blocking claim, which OIG will [inspect], and you are found to have data blocked, you will get penalized for the year you attested falsely.”

On the provider side, she continues, “You would potentially owe money back if you were able to get incentive funds in the Promoting Interoperability [program]. And you would also be liable for penalties under the False Claims Act for because you falsely attested to a CMS program,” explains Morris. I don’t think a lot of health systems realize this. They don’t have to figure out if they [qualify] for information blocking. They are in, for sure.”

Morris believes the outcome of this, from a provider perspective, will be that every single health system and provider practice will need a compliance program demonstrating why they’re not sharing data for particular reasons, that they meet one of the exceptions outlined by ONC, and that they’re following the rules when it comes to business associate agreements. “That’s a lot to have in place and a lot of providers probably haven’t thought through the massive lift that will be,” she contends.

How vendors will be impacted

When the government announced the proposed versions of the two rules at the 2019 HIMSS conference, CMS Administrator Seema Verma stated at the meeting that some hospitals actually have to ask their technology vendors—who they are already paying—for permission to use their own data. Is this a reality that’s being experienced in the marketplace?

Morris says there’s a large dichotomy. She’s seen some vendors “jack up the prices for creating interfaces [for their customers]. And I have seen [such] unreasonable numbers for what they are quoting—numbers that would shock you,” she contends. Conversely, she also knows that some other vendors believe charging for custom interfaces on top of everything else isn’t where money should be made and is part of what the company does as its core business. “These folks understand that in some ways this is a public good, and part and parcel of what you pay for with an EHR system,” says Morris.

In the ONC rule, “reasonable profit margin” is one of the allowed data-blocking exceptions, meaning vendors are allowed to charge fees, but they will be regulated. So, the vendors that do charge $50,000 for a practice to create an interface to a health information exchange (HIE), for instance, will have to change their fee structures, says Morris. “It costs money to run a business and pay engineers, but that’s very different than the price gouging I have seen,” she says.

Paul Wilder, the new executive director of the CommonWell Health Alliance, an organization that provides interoperability services for its members—most of which are EHR vendors—admits that some interface fees “are ridiculous.” However, he contends that vendors would drop their prices if all their competitors did the same.

He says that in an ideal world, there would be a set deadline for when vendors need to make their services and fees transparent to the market. That way, there won’t be the “first-mover disadvantage to being an information sharer” that exists today, he says. Rather, packaging services in a bundle at the onset would lead to higher transparency and avoid situations in which customers have to pay extra for a bolt-on three years after purchasing the original product, Wilder explains. “By setting a deadline, information blocking gets rid a lot of the game-theory trickery that you have had in the past,” he says.

Exceptions to the rule

Although information sharing is critical to improving U.S. healthcare, there are also very legitimate instances in which data exchange can’t happen, notes Micky Tripathi, Ph.D., president and CEO of the Massachusetts eHealth Collaborative. As he explains it, those exceptions fall under two categories: one being that the entity is not fulfilling a data-sharing request for a certain reason, and the other being around fulfilling such a request, but in a different way than what was expected.

One example of an allowed exception, Tripathi offers, could be that an organization didn’t share the diagnostic results of a pathology report suggesting a patient has cancer. “Maybe [as the provider], I say I won’t releasee that data via an app because I want to talk to the patient first. That’s a legitimate use case and I want to make an exception for this,” he says. An app presenting a security issue for the host organization is another example of an authentic exception, he adds. Another might be that the data being requested is bundled and the entity on the other end cannot parse it out. This would fall under the infeasibility justification.

According to Morris, ONC has already stated that information-blocking investigations and penalties will evolve much like case law evolves in other sectors. “So as they go through their investigations, they will build out more examples of what is allowed and what’s not, and what’s reasonable for exchanging data and what’s not,” she says.

Notably, Morris also notes there is an expectation that industry stakeholders “will leverage an information blocking complaint as a way to hurt their competitors.” Ultimately, however, Wilder advises that organizations should not structure programs around trying to leverage the exceptions. “It’s better to start in the other direction and figure out how to [comply] with the rule.” 

Sponsored Recommendations

Trailblazing Technologies: Looking at the Top Technologies for the Emerging U.S. Healthcare System

Register for the first session of the Healthcare Innovation Spotlight Series today to learn more about 'Healthcare's New Promise: Generative AI', the latest technology that is...

Data: The Bedrock of Digital Engagement

Join us on March 21st to discover how data serves as the cornerstone of digital engagement in healthcare. Learn from Frederick Health's transformative journey and gain practical...

Northeast Georgia Health System: Scaling Digital Transformation in a Competitive Market

Find out how Northeast Georgia Health System (NGHS) enabled digital access to achieve new patient acquisition goals in Georgia's highly competitive healthcare market.

2023 Care Access Benchmark Report for Healthcare Organizations

To manage growing consumer expectations and shrinking staff resources, forward-thinking healthcare organizations have adopted digital strategies, but recent research shows that...