Recognizing the immense resources and focus that healthcare organizations are having to devote to COVID-19, CMS said this week that it would give payers and providers more time to implement parts of its new interoperability rules. The Office of the National Coordinator for Health Information Technology also said it would delay enforcement of certain provisions.
“To support that important work and the information sharing efforts we are already seeing, ONC intends to exercise enforcement discretion for 3 months at the end of certain ONC Health IT Certification Program compliance dates associated with the ONC Cures Act Final Rule to provide flexibility while ensuring the goals of the rule remain on track,” Don Rucker, national coordinator for health information technology, said in a statement.
The first CMS deadline had been scheduled to hit late in 2020, requiring hospitals to make electronic notification to other providers such as post-acute care centers or primary care physicians when patients are admitted, discharged and transferred. That deadline has been pushed back six months, until spring 2021.
Payers in CMS-regulated programs have a Jan. 1, 2021, deadline for helping make patient claims and encounter, cost and some clinical information available through a patient access application programming interface, or API. The rule also requires a provider directory API. CMS said in its announcement that it will not enforce those two new API requirements until July 1, 2021. The schedule for other provisions, such as the January 2022 deadline for payers sharing information with other payers as patients change plans, remains the same.
Also this week, the Office of Inspector General for HHS issued the proposed rule for civil money penalties related to information blocking.
HRI impact analysis
The timelines have been the source of industry concern since they were proposed in February 2019, as healthcare organizations worried about the burden of meeting the requirements as well as what a freer flow of patient health data would mean for patient privacy. The final rules were released March 9 amid widespread preparations around COVID-19 by healthcare providers and payers.
As an HRI report has shown, the regulations call for a whole organizational response from providers and payers, as many of these provisions require new processes, workflows, investments, strategies and considerations of new risks that could emerge in this new environment.
Increased healthcare data sharing has been a goal of the Trump administration, as even HHS Secretary Alex Azar and CMS Administrator Seema Verma expressed frustration with how the lack of an interoperable healthcare system impeded their own families’ care.
Coalitions of healthcare stakeholders—including payers, patient groups, tech companies and pharmaceutical firms—have also pressed for better data sharing to help put patients in charge of their health and to help healthcare organizations achieve better outcomes.
Beyond the timeline concerns, the rules have raised worries that the involvement of third-party app developers could mean that patient data could be misused, as the Health Insurance Portability and Accountability Act (HIPAA) would not apply in all cases. (More from HRI on the privacy concerns.)