Deputy National Coordinator for Health IT Steven Posnack wrote a blog post on the ONC website last week, offering eight reminders and advice for IT and information network providers, developers, and providers. the 21st Century Healing Act’s information blocking rules. The rules will expand in scope on Thursday, October 6, even if confusion remains between some of the entities bound by them.
That date represents “the end of the more than two-year stretch that has been put in place for information blocking regulations,” Posnack said.
Starting this week, the rule’s limited definition of “electronic health information” will be lifted – expanding the variety and types of data that organizations subject to this regulation will be subject to. responsibility.
The rule “no longer limits what is considered EHI to data elements represented in US Core Data for Interoperability version 1 (USCDI v1),” explains Posnack. “We’ve tried to make sure that actors have plenty of time to evaluate and modify their practices in relation to EHI and make it available for access, exchange, and use.”
Posnack also reminded those covered by the information interception rules, which he calls “IB actors,” that potential compliance breaches can come from either “acts and omissions.” .
As he explained, although “technology-related practices may appear as the most important example, information interception practices include but are not limited to them. Other behaviors. (e.g., negotiating contracts and terms) and omissions that could materially prevent, or discourage, access, exchange, and use of EHI.”
However, he reassures those bound by the rules that “exceptions are not just ‘one size fits all'” and address the facts and circumstances of the current situation. “
Posnack said the Cure Act requires HHS to determine “reasonable and necessary activities” that do not meet the definition of information interception, who pointed out that the exceptions are formulated to “address the fact that not all actors are equally positioned, such as hospitals participating in the CMS Interoperability Promotion Program and laboratories or other healthcare providers may have not adopted certified medical IT.”
Meanwhile, he re-emphasized that not all “electronic” medical information is necessarily EHI, even under the broader regulatory definition.
“The good news is that the October 6 definition of EHI is something most IB actors have been familiar with for 20 years – Designated Records as defined under the HIPAA Privacy Rules,” Posnack said. ,” Posnack said. “Simply put, the same electronically protected health information that an individual has access to (and requires modification) under the HIPAA Privacy Code is the same as the ePHI that members have access to. an IB member cannot ‘block’.”
He also reminded stakeholders that the way those bound by the rule enable EHI to access, exchange and use “could and will vary” based on who they are, their technological capabilities their and who is seeking access to the data.
“Blocking regulations do not require IB members to accept or use certain technologies or platforms. IB members may use patient portals, other web interfaces, communication application programming interface and a multitude of technologies and platforms to provide EHI for access, exchange, or use,” said Posnack.
Posnack also emphasizes the core goal of information blocking rules: It’s about data.
“A common misconception we have heard about information blocking regulations is that they depend on medical IT being certified through the ONC Health IT Certification Program,” he said. “In contrast, there are only limited connections between the information interception regulations and the ONC certification regulations.”
He said interception exceptions would require “clearly notifying requesters that their request to access, exchange or use EHI has been delayed or denied”, even if the exceptions whether it is due to licensing, feasibility or content and manner.
Finally, Posnack reminded those bound by the new October 6 compliance data that information blocking statements are confidential and restricted from public disclosure.
“The Remedies Act prohibits ONCs from disclosing information blocking statements or information that could reasonably be used to determine the source of the information, unless it may be necessary to do so,” he said. fulfill the purpose of the intercept” and exempt these statements and information from mandatory disclosure under the Freedom of Information.
“Remember, intercepting information is not just about an individual’s access to an EHI matter, it can involve practice between a hospital and a clinician, two hospitals, a physician and lab, a certified medical IT developer, and a health information network, or he adds, “If you believe interception has occurred, please file a complaint via our portal. I.”
Twitter: @MikeMiliardHITN
Email the writer: [email protected]
Healthcare IT News is a HIMSS publication.
