With President Barack Obama’s signature earlier this week, the landmark 21st Century Cures Act was passed into law. The massive 996-page bill covers a wide array of healthcare issues, perhaps most notably focusing on medical research and changing the approval process for new drugs and medical devices.
But the bill also contains a number of provisions directly impacting the healthcare technology industry. As previously reported by Healthcare Informatics, some of the core health IT components of the legislation, as read in the “Title IV—Delivery” section of the law, include encouraging interoperability of electronic health records (EHRs) and patient access to health data, discouraging information blocking, reducing physician documentation burden, as well as creating a reporting system on EHR usability.
Drilling down, the interoperability and information blocking components of the legislation have seemed to garner the most buzz so far. The bill specifically defines interoperability as: (A) enables the secure exchange of electronic health information with, and use of electronic health information from, other health information technology without special effort on the part of the user; (B) allows for complete access, exchange, and use of all electronically accessible health information for authorized use under applicable State or Federal law; and (C) does not constitute information blocking as defined in section 3022(a).
To this end, information blocking is defined in the law as, with respect to a health information technology developer, exchange, or network, business, technical, or organizational practices that, “except as required by law or specified by the Secretary, interferes with, prevents, or materially discourages access, exchange, or use of electronic health information; and the developer, exchange, or network knows, or should know, are likely to interfere with or prevent or materially discourage the access, exchange, or use of electronic health information.” And with respect to a healthcare provider, “such provider knows that such practice is unreasonable and is likely to interfere with, prevent or materially discourage access, exchange or use of electronic health information.”
What’s more, the act creates the EHR Reporting Program which will consist of reporting criteria on the product’s security, user-centered design, interoperability, and conformance to certification testing; among other categories, according to a College of Healthcare Information Management Executives (CHIME) handy crosswalk of the bill’s health IT provisions.
The Cures Act legislation doesn’t come without consequence or penalty, either: regarding information blocking, developers, exchanges, and networks found to have engaged in data blocking and who have submitted a false attestation would be subject to civil monetary penalties not to exceed $1 million per violation.
Certainly, industry stakeholders are paying attention to the bill’s “teeth” around interoperability, as they should be, says Mandy Long, chair of the Healthcare Information and Management Systems Society (HIMSS) EHR Association Clinician Experience Workgroup and vice president of product management at Boca Raton, Fla.-based vendor Modernizing Medicine. “It’s really about the ability and risk of the vendor, because if you are a vendor seen as [engaging] in data blocking, you are able to receive a penalty up to $1 million on a per violation basis. That’s really significant,” Long says. “And there is also the ability to potentially lose your [EHR] certification if you’re not seen as interoperable. Those are very real ramifications and big incentives for vendors do right by their clients. You have an entire client base that’s reliant on you to participate in these quality programs. Vendors will need to make sure they’re listening and acting,” she says.
To this end, Long says that the provider community is well aware of the impact of a product they are using becoming de-certified. “So they’re focused on pushing to make sure their vendors are submitting reporting criteria, listening, and acting so they can continue to leverage that technology. It’s not as simple as switching vendors, which is cost-prohibitive, time-incentive, and challenging to take a legacy system that has decades of patient data and convert that to a new platform. If I were a provider I would be nervous about that,” she says.
Back to the vendor side, Long says that most of vendors she speaks to “know and act on the need to support and empower providers and patients through interoperability,” referring to the many vendors that are in the CommonWell and Carequality data sharing initiatives. She also brings up the newly-created Health Information Technology Advisory Committee that will merge and replace the existing Health IT Policy and Standards Committees. The bill calls for this committee to have “no less than 25 members, no fewer than two who are advocates for patients or consumers of health information technology.” Long asks, “What’s the composition of the group? And what’s the language to look and defer to the standards committees that already exist, and what standards may or may not already be in flight? Will we see them truly leverage some of the things that have been worked on with standards? That remains to be seen,” she says.
To this end, Christine Tremblay, director of product management at West Warwick, R.I.-based vendor Amazing Charts, notes that ONC’s 2015 Edition EHR Certification requires that vendors publish an open application programming interface (API), but no single standard is offered in that rule. In contrast, says Tremblay, “The Cures Act calls for a national API standard that covers authentication, security, auditability, and much deeper data interoperability. Curiously, the act mandates that stakeholders come together and publish API standards in one year. This deadline is simply too aggressive given the time and effort that will be required just to form a public-private partnership of stakeholders,” she adds.
Indeed, although most industry stakeholders and experts have reacted positively to the legislation, there are questions about how aggressive it is in parts. Law firm McDermott Will & Emery released a statement this week that said the health IT provisions “impose challenging requirements on industry participants, and it remains to be seen how the next Secretary of HHS will interpret and comply with those requirements.”
Lisa Schmitz Mazur, who is also a health law partner at McDermott, added in a statement, “Should Congressman Price be confirmed as Secretary of HHS, the industry can likely expect HHS to use the new authority provided to it under the Cures legislation to reduce requirements of the Meaningful Use and Advancing Care Information programs, electronic clinical quality measure reporting requirements and other federal requirements relating to HIT that are perceived to make providers less efficient without improving quality or reducing costs.”
And, in a review of the Cures Act on his blog, John Halamka, M.D., CIO of Boston-based Beth Israel Deaconess Medical Center, wrote, “I’ve written in the past that interoperability really means getting the information necessary for coordination of care to those who need it without too much difficulty. You could read the Cures language as making available every data element for every purpose to every stakeholder with no effort. That is just not realistic.” Halamka added that he recently spoke with the CEO of an EHR company who said he has “committed 600 person years of resources to support the healthcare regulations already issued in the past 10 months.” Halamka further opined, “Asking the EHR vendors to do something vague like support all registries and provide for ‘complete access, exchange, and use of all electronically accessible health information for authorized use under applicable State or Federal law’ is like boiling the ocean with a lighter.”
David Levine, medical director and vice president of advanced analytics and informatics at Irving, Texas-based consultant Vizient, adds, “The legislation takes some measured steps aiming to improve interoperability, but whether it goes far enough, and actually stimulates interoperability remains to be seen.”
Long further notes some of the Act’s vagueness, saying that the way information blocking is defined in the law, it gets to both the developer, through the technology itself via an health information exchange (HIE) or EHR vendor, and the providers.“[Vendors] try to make the ability to get data out of a system flexible no matter who is going to consume it—a patient, an HIE or a provider. So the guidance that comes out after this bill will be interesting. How do they further define data blocking beyond ‘likely to interfere,’ because that’s relatively nebulous,” she says.
Nonetheless, Tremblay notes that the Cures Act also brings a higher level of transparency than has ever been seen before in heath IT. “It proposes a reporting mechanism where information can be published about usability, interoperability, and other measurable criteria by which provides can choose which solution is best for their practice. What’s most interesting about the self-reporting is that vendors can no longer simply say they are interoperable, they also need to provide a real-world example of interoperability, which is much higher bar to reach,” she says.
Long adds that the usability and user-centered design reporting is a big thing she will look for even though not much was written about it. “That is the key to all of it; if you achieve interoperability, that’s one thing, but if you can’t create a user experience that’s intuitive, evolving and serves up that data in a way that makes sense to the user, then it doesn’t work,” she says. “That’s what I keep calling out—it’s critical that we solve both problems at the same time, or we won’t have solved anything.”