Premier Urges HHS to Focus on Information Blocking Enforcement

    June 23, 2025
    Policy execs go into detail on Premier’s written response to RFI on data standards, interoperability and value-based care
    ID 272856950 © Joe Hendrickson | Dreamstime.com
    685974f85a99b53282c57d36 Dreamstime L 310911369

    Health IT stakeholders have been busy this spring crafting responses to a Request for Information from CMS and ASTP/ONC seeking suggestions about approaches to data standards, interoperability and value-based care, among other things. Healthcare Innovation recently spoke with execs from technology-driven healthcare improvement company Premier Inc. (NASDAQ: PINC) about the comments they submitted. 

    Joining the conversation were Mason Ingram, senior director of government affairs at Premier, along with Ryan Nellis, general manager at Premier’s Stanson Health, and Matt Simko, vice president of product management.

    Healthcare Innovation: I thought we could start by talking about the privacy and cybersecurity framework. Your comments say that one of the greatest barriers to digital health innovation is the lack of a single federal privacy law. Could talk about how that hampers health innovation and what you'd envision with a single federal law?

    Ingram: One thing that innovators in healthcare IT have to deal with is if they are interested in selling a product in multiple states, for example, or operating a health system in multiple states, there is currently no comprehensive federal privacy law that governs data writ large. We have HIPAA, but in the absence of a standardized federal legislative approach to privacy policy, what’s happened is there's a significant patchwork of different state privacy policies have emerged. It's extremely administratively burdensome to maintain a privacy compliance framework for every single state. 

    We have long supported a federal privacy standard that would preempt the existing state privacy frameworks such that no matter where you go across the country you would have the same privacy standard. Premier is hopeful that, the 119th Congress will take up privacy as a legislative priority in the future, perhaps focusing more specifically on health care, which has its own unique complications when it comes to privacy, as opposed to looking at privacy broadly.

    HCI: Would enforcement have to be strengthened at the federal level to match that kind of law?

    Ingram: If Congress were to take an approach to privacy policy that looked at healthcare specifically, you can envision a framework that builds on the existing HIPAA framework. You may note that there are a number of technologies and ways of exchanging data that currently fall outside of what the authors of HIPAA could ever have contemplated, and Premier thinks it's really important to extend HIPAA-like protections.

    Premier would hope that the Congress and the administration would take up an approach that would not necessarily re-litigate all of the existing HIPAA statute. I think there's a more narrow approach that takes the lessons that we've learned from HIPAA and extends HIPAA-like protections onto some of these novel ways of exchanging data. I think another priority for crafting a lasting privacy framework at the federal level is ensuring that any approach is technology-agnostic.

    HCI: What else would you like to see the federal government do about cybersecurity. A lot of small hospitals and health systems describe more requirements as unfunded mandates. 

    Ingram: What Premier would like to see, especially from a regulatory perspective, is a cybersecurity framework that moves away from a checklist-based approach to satisfying compliance requirements, more towards, a recognition of some of the very difficult to attain, cybersecurity and data security frameworks and standards to which many of the hospitals and health systems that we work with are already subscribed to and complying with. So building upon the good work that's already being done, in a market-aligned way with best practices for cybersecurity.

    HCI: I wanted to shift to the topic of data standardization. It seemed like your comments were fairly critical of industry and federal approaches to FHIR APIs and the data elements of USCDI. Premier’s comments say that this approach limits the usefulness of the standardization outside of specific use cases. So is the focus on FHIR and USCDI too limited or too limiting? And Is there a different approach that you're advocating?

    Ingram: I would say at a high level Premier’s recommendation around data standardization is to pick one standard and ensure that it is as useful as possible to accomplish the administration's goals. So whether that standard be USCDI or some of the FHIR-based capabilities, there are pros and cons to any data standard that you select. You may have noted in Premier's response, we called out some operational issues that may arise with bulk FHIR transfers. It’s really important to Premier and our members that data be useful, not just for direct patient care and a cumulative record of patient/provider interactions, but also that that data be usable for quality improvement and benchmarking across different providers. We're looking for the advancement of a standard that enables large amounts of data to be communicated back and forth between providers, between quality improvement contractors, and with CMS.

    HCI: Your comments suggest leveraging the certified EHR criteria to require EHR vendors to report data like quality measures, ADT notifications, and labs using standardized data elements. So is that pretty straightforward? If so, why hasn't that already been done?

    Ingram: Of course, there is always a push and pull between what should be required as a baseline component of certification standards and what capabilities are optional for EHR vendors to unlock and build into their technology platforms. I think that the right incentives have not been in place to align the business interests of the EHR vendors and the goals of a population health-based approach to healthcare. As you noted, in Premier’s comment letter we have some specific recommendations around the ways that ASTP/ONC can leverage the existing authorities to bring those incentives to the table for the EHR vendors. Premier’s recommendation is that now is the time to include additional requirements for certification to ensure that incentives are appropriately aligned as the speed of technology innovation gets faster and faster.

    HCI: Premier also had some strong statements about information blocking. Your letter said that CMS and ONC should “comprehensively address information blocking before the healthcare data becomes further trapped in a limited number of competing vendor ecosystems.” Could you first give a brief assessment or critique of how information blocking rules have been promulgated and enforced so far and and what it's going to take to have a bigger impact with those rules?

    Ingram: One of the most impactful regulatory actions the administration could take is actually defining information blocking. To date, the regulatory framework from Meaningful Use all the way up to today, has really considered information blocking through a series of exceptions.

    One scenario could feel very much like a bottlenecking of data exchange, but if you compare that scenario against the series of exceptions, and it falls into one of the exceptions, that bottlenecking is allowed under the current regulatory framework. You can imagine that taking every single individual use case of data exchange and having to compare it against the menu of different options that serve as exceptions gets extremely complicated. It can be very difficult for providers, EHR vendors, all the different nodes in the healthcare technology ecosystem, to ensure consistent compliance and interpretation of whether or not a form of data sharing or resistance to data sharing falls into information blocking or not.

    HCI: And then it can become very litigious, too, right?

    Ingram: Exactly. So streamlining and defining information blocking and moving away from an exceptions-based process to a process in which HHS really looks at data exchange and decides what is appropriate and what is inappropriate to ensure clear and consistent compliance will also really reduce the administrative burden associated with seeking to comply with the information blocking regulations. 

    Second, I think that given the number of frameworks for defining how technology should be used meaningfully, there are some significant gray areas. And when faced with gray areas, innovators are going to innovate. Some of those innovations have not created an aligned set of priorities for data exchange between providers, payers, vendors, and patients. It’s really important to Premier to ensure that all of the different nodes in the  healthcare data ecosystem are brought to the table in an even and equal way when crafting a regulatory framework. 

    Right now, the interoperability regulatory framework is just a series of remnants of regulations that are built upon one another. Now is the time for HHS to take a step back, look comprehensively across all of the different nodes in the healthcare data ecosystem and ensure that no one of those nodes has disproportionate power over data transmission or data blocking than any other pieces of that ecosystem.

    HCI: You know, it seems to me that asking HHS to take a stronger enforcement approach on information blocking runs counter to what Republican administrations typically do. I would say that the general feeling is that they traditionally want a hands-off, free-market approach to things in general, rather than more regulations and fines. The same thing is true about investing in public health infrastructure, which Premier calls for. I mean, we've seen lots of cuts at the CDC. Saying that they're going to invest in public health infrastructure seems a stretch at this point.

    Ingram: There are a number of recommendations that we have included that take a step back and think completely agnostic to political leadership about what is the most appropriate foundation for a health technology ecosystem. You have a number of small startup firms who are very interested in participating in TEFCA, for example, perhaps applying to be QHINs, getting a piece of market share in the EHR market, and Premier is very supportive of increased market competition in this arena. But it is very, very difficult for the smaller, newer startup firms to get a foothold in a market in which some of the more seasoned, larger players already have such significant infrastructure that is proprietary to the way that they do business. So a number of our recommendations really are aligned to attempting to create a more competitive market and reduce barriers to entry.

    HCI: And one of the recommendations is to impose a user fee for the certification program proportional to EHR vendor revenue that they could use for the information blocking complaint investigations…

    Ingram: That's right. We really saw that and other of our recommendations as an attempt to appropriately level the playing field and ensure that there are not significant market barriers to some of the smaller firms who are really injecting innovation into the ecosystem. 

    HCI: You mentioned TEFCA. Do you think we are going to see the same level of enthusiasm about it that we saw in the last administration?

    Ingram: At a recent meeting that CMS held to bring stakeholders together to discuss the health tech RFI, CMS did make a public announcement that the agency is interested in participation in a trusted exchange. There was no mention specifically of TEFCA. I believe that that was a calculated characterization of participation in a trusted exchange, not exclusively named TEFCA. So that remains to meet to be seen. There are certainly a number of health technology policy folks who are trying to prognosticate what exactly that means. 

    HCI: Turning to electronic clinical quality measures, Premier says that the timeline proposed by CMS is untenable. So what should CMS do if it wants to maintain momentum on eCQMs, but not have something that frustrates or overwhelms provider organizations?

    Ingram: That’s a great question. Premier has had a number of recommendations in this space over the years. CMS has expressed more and more interest in leveraging eCQMs for quality reporting. One thing that would be really helpful for the administration to consider is bringing together stakeholders from both the provider groups and vendor groups to ensure that the technological capabilities are in place for the administration to make progress toward its goals. 

    In addition to some of the administrative burden requirements on providers involved in taking different pieces of electronic data from different places to ensure compliance with the eCQM reporting, there are some technological limitations in the existing EHR infrastructure. Premier would be interested in the administration gathering together all of the stakeholders in the eCQM conversation and ensuring that incentives are aligned to get the technology right to accomplish the quality goals.

    HCI: Is it possible that large language models are going to be able to ferret out a lot of this information and pull it together in a way that people have struggled with in the past?

    Simko: We’ve been working on all these standards for decades, and that was pre-large language models. So now, as we think ahead, you can't introduce a technology as powerful as LLMs and then think that the way we've been approaching standards is not going to be impacted by that. Do we still have the right priorities? Are we still thinking about this the right way, given that we now live in the age of generative AI?

    We've played a pretty big role in the definition of a lot of these things in the past, and it was always from the perspective of thinking about discrete data. Everything had to be neatly organized, and there had to be all these things that establish the meanings of all the things you're exchanging. But when you have LLMs, there's not as much of a need for that, but there is definitely a need for lots of data to be exchanged, unlocked, made available. So things like bulk FHIR become very important, because it's not so much about worrying about trying to figure out a way to structure all these notes and get everything labeled so that it can be processed by discrete rules. Now it's more just that there's all this data being generated, and if we can't move it around efficiently, we're not going to be able to leverage the generative AI. 

    Nellis: One of the use cases we just showcased last week is helping clinicians with pre-visit, during visit and post-visit process, providing massive amounts of information with high accuracy in a split second to say: Tell me what I need to know about the patient who is coming in. What do we need to do to make sure he has a successful visit for his quality and our business outcomes? What do the physicians need to do? What do the CDI [clinical documentation improvement] teams need to do? What do the scheduling teams need to do? So there are just so many use cases like that where you can use these things to process so much information with high accuracy, but ou have to have a commercial grade process to fine-tune the models to work out bias. So we're definitely putting the investment in that area at Premier.

     

    Continue Reading

    Sponsored Recommendations

    Streamline waste disposal, simplify compliance, and reduce unnecessary costs. This guide shows how MedPro helps practices cut confusion, not corners, while supporting over 40,...
    The patient experience doesn’t fall to just one department. Learn how your physical security system can improve safety and security, and help contribute to a positive patient ...
    Discover how identity data impacts patient safety, experience, and your system’s bottom line — and how Banner Health built a compelling case for change.
    Streamline waste disposal, simplify compliance, and reduce unnecessary costs. This guide shows how MedPro helps practices cut confusion, not corners, while supporting over 40,...