Wonderful wrap up! See you at HIMSS?
Readers Write: I Know You’re Not Thinking About Blocking Patient Data
I Know You’re Not Thinking About Blocking Patient Data
By Troy Bannister
Troy Bannister, MS is co-founder and CEO of Particle Health of New York, NY.
If you’ve worked in healthcare for 10+ years, this is probably the one hundredth time you’ll read an article about patients being unable to access their own medical data. Here’s why I think that trend might be coming to an end soon.
During healthcare’s slow digital transformation, care providers moved from fax machines to 1:1 digital pipelines to manual portal scraping tools, just to get the charts of their patients. In many instances, these processes are occurring in what are negatively referred to as data silos.
Technology solutions for improving healthcare data accessibility have evolved over the years. The legal requirements for complying with data accessibility have followed closely behind. Most clinicians are connected to nationwide interoperability networks through an EHR, theoretically giving them at least some ability to exchange patient records. Now, the US government has made it clear that their patients have the right to access their medical records in those same technically feasible ways.
Enter the Anti-Information Blocking Rule, the culmination of government efforts to legislate clinical data accessibility. Just like it sounds, its goal is to eliminate practices that interfere with the access, exchange, and use of electronic health information.
Whereas HIPAA has long made it clear that individuals can request their own records in paper format, information blocking rules theoretically give patients access to the same advanced Health Information Networks that care providers use to digitally exchange data.
The Office of the National Coordinator for Health IT (ONC), which sets the rules for information blocking, is working particularly hard to prevent cases where an individual is arbitrarily blocked from access to their own personal health information.
Despite ONC’s intentions, repercussions for information blocking were nonexistent. For that reason, healthcare organizations have continued to drag their feet when it comes to allowing patient data exports.
I’m here to spread the news that information blocking is coming to an end. As of October 2022, the HHS Office of the Inspector General began collecting reports of information blocking on its new online portal, with a mandate to issue fines of up to $1 million per violation. It is no longer in question that healthcare organizations will be held accountable unless they improve patients’ access to their own data.
Information blocking regulations don’t have any health IT loopholes. Providers can’t implement patient-only release delays, turn information into an unreadable format, or seek other ways to water down the rule’s provisions. Generally speaking, EHR vendors, Health Information Networks, and provider organizations must release the entire HIPAA-established designated records set of electronic health information (EHI) to a patient upon request.
In other words, if information exchange is doable for doctors, it’s doable for patients too. Information must be in the manner a patient initially requested. That could entail release over the same efficient digital channels, including APIs, that clinicians have access to.
The lack of access to clinical data at scale remains a core problem for US healthcare that can be linked to many of our system’s inefficiencies. These issues have a fundamental impact on healthcare costs, care quality, and ultimately on patient outcomes. Stakeholders cannot continue to wait for healthcare organizations to make their data-sharing preparations. Information blocking is no longer an acceptable policy, and yet we see it every day.
Ahead of the October 2022 information sharing deadline, there were concerted efforts from several healthcare organizations urging HHS to postpone enforcement, and not for the first time. However, regulators felt there was too much at stake to keep patients and digital health pioneers waiting any longer. Information blocking rules have survived multiple presidential administrations, and there’s bipartisan agreement that they are here to stay.
In reality, not every health system is at the same level of readiness when it comes to anti-information blocking compliance. Patient access to EHI has been a complicated task for many healthcare institutions, especially those that are not prepared to share patient data electronically. Many organizations are scrambling to find their own tools to support such efforts.
Fortunately, the technical challenges of anti-information blocking compliance are addressed by the 21st Century Cures Act, the law which led to information blocking rules in the first place.
The Cures Act aims to increase innovation by fostering an ecosystem that supports the development of data-driven applications. The rule also calls on the healthcare industry to adopt standardized APIs, which will help allow individuals access structured EHI using smartphone applications securely and easily. From new health tools to transferring records between providers, information blocking rules will help patients to take greater ownership of their care.
“In 2023, the vast majority of docs and hospitals will have FHIR APIs live,” Steven Posnack, the Deputy National Coordinator of ONC, predicted last month. With the ONC incentivizing this change, digital health organizations should urgently consider a single, comprehensive API that enables a seamless data sharing experience for institutions of all shapes and sizes. Integrating a pre-built API lets providers retrieve medical records in just a few clicks, eliminating reliance on faxes, portals, and other tired forms of data exchange.
For large organizations that support value-based care models, being able to work with patient health records at scale lets providers proactively address patient needs. This is especially critical when it comes to evaluating patients with chronic disease and comorbidities, leading to reduced readmissions. For example, on an ongoing basis, an API can help kidney care organizations that track glomerular filtration rate (GFR), endocrinologists who chart A1c values, and cancer care institutions that research case histories. In these instances, the ability to easily query patient health records allows healthcare providers to more efficiently and effectively care for their patient populations.
Moving ahead, digital organizations can look forward to obtaining data quickly and easily, powering tools that deliver more effective care. But it’s not just the data itself that matters; it’s how you get it. Leveraging advanced technology like a single API helps healthcare organizations and their patients tap into their health history when they need it.
“It is no longer in question that healthcare organizations will be held accountable unless they improve patients’ access to their own data.”
When did civil monetary penalties get announced for providers?
The anti-info blocking rule itself has been finalized – https://www.healthit.gov/buzz-blog/information-blocking/information-blocking-eight-regulatory-reminders-for-october-6th. While CMPs have not been issued yet, the proposed CMPs derived from the Cures Act were first announced in 2020 – https://oig.hhs.gov/newsroom/news-releases/2020/infoblocking.asp.
These rules are targeted at large organizations/data holders, not individual providers per se. Many providers have in fact submitted complaints about blocked information already – https://www.healthit.gov/data/quickstats/information-blocking-claims-numbers.
ONC has repeatedly indicated that they intend to pursue CMPs up to the maximum allowed by law – https://www.healthit.gov/buzz-blog/information-blocking/information-blocking-and-the-presidents-fy23-budget-for-onc.
Just to clarify, the CMPs would only apply to certified HIT developers and HIEs. For healthcare providers, the OIG still investigates the info blocking claim but any finding that the provider engaged in information blocking is referred to other federal agencies, and the provider could be subject to disincentives through federal funding/payment programs. Rules/guidelines for those disincentives and how exactly they would be delivered have not been proposed to date.
1. Info blocking portal process: https://www.healthit.gov/cures/sites/default/files/cures/2021-11/Information-Blocking-Portal-Process.pdf
2. 21st Century Cures Act text: https://www.congress.gov/bill/114th-congress/house-bill/34/text. Search for “Sec. 4004” on the page to get to the info blocking portion.