When Congress passed the Medicare Access and CHIP Reauthorization Act of 2015, the elimination of the Sustainable Growth Rate—the so-called “Doc Fix”—received most of the attention. The fact that Congress had officially waded into the quagmire of health information technology interoperability, however, went largely unnoticed. The Act, which became law on April 16, 2015, declares that the widespread exchange of health information through interoperable electronic health records (EHRs) is a national objective. It requires the Secretary of Health and Human Services to establish metrics, by July 1, 2016, to determine whether the interoperability objective has been achieved.
Interoperability must be achieved by December 31, 2018. If not, the Secretary must submit to Congress a report that identifies interoperability barriers and recommends actions that the federal government should take to achieve interoperability. That report would be due by December 31, 2019. Additionally, effective April 16, 2016, participants in the Medicare and Medicaid EHR incentive programs must attest that they are not knowingly or willfully limiting the interoperability of certified EHR technology (EHRs certified for use in the EHR incentive programs).
The scope and impact of the Act will depend on the implementing regulations adopted by the Secretary. Based on guidance previously issued by the Office of the National Coordinator for Health Information Technology (ONC) in its Report to Congress on Health Information Blocking and the draft Interoperability Roadmap, we expect the interoperability regulatory regime to follow these principles:
- Technical Interoperability. The Act defines interoperability as the ability of two or more health information systems to (a) exchange health information (technical interoperability) and (b) to utilize the information that has been exchanged using common standards (data interoperability). To achieve technical interoperability healthcare information technology vendors will need to adopt uniform transport standards—essentially a more widely used version of the Direct exchange protocol required under Meaningful Use Stage 2. EHR vendors will also need to publish application programming interfaces (APIs) to enable EHRs to talk to each other.
- Data Interoperability. To achieve data interoperability EHR vendors and healthcare providers will need to adopt vocabulary and terminology standards (e.g., ICD-10). They will also need to adopt document structure standards to enable receiving systems to identify the types and locations of information included in a document.
- Information Blocking. Healthcare providers and EHR vendors will be prohibited from engaging in any practice that knowingly interferes with health information exchange, unless they have a reasonable justification for the practice, including protecting patient safety, maintaining the privacy and security of individual’s health information, and promoting competition and consumer welfare. Prohibited practices will include:
- restricting individuals’ access to their electronic health information or restricting the exchange or use of that information for treatment, whether by contract, policy or otherwise;
- charging fees that make exchanging and using electronic health information cost prohibitive;
- developing or implementing healthcare information technology in non-standard ways that are likely to substantially increase the costs, complexity, or burden of sharing electronic health information (e.g., using proprietary data formats or failing to publish APIs); and
- developing or implementing healthcare information technology in ways that are likely to “lock in” users or electronic health information.
- Reasonable Restrictions. ONC’s Report acknowledges that some information blocking and data sharing interference is and should be permissible, especially when required in order to comply with federal or state law (e.g., HIPAA, Stark and other regulatory standards). It is anticipated that the Act’s implementing regulations will incorporate ONC’s recommended exceptions and safe harbors.
It is worth pointing out a couple of key interoperability issues that the Act does not address. First, because the Act only concerns the interoperability of certified EHRs (whether in the form of a single, complete EHR, or a combination of EHR modules), other technologies—such as medical devices with data communication capability and wearable technology—are left out of the interoperability loop.
Second, although the Act recommends decertification of EHRs as an action that the Secretary could take to remove barriers to interoperability, the Act does not require the Secretary to assess any penalties against EHR vendors for failing to make their products interoperable. However, the 21st Century Cures Act (H.R. 6), which was approved by the U.S. House Committee on Energy and Commerce on May 19, 2015 by a bipartisan 51-0 vote, would authorize penalties against EHR vendors for “information blocking” (as defined in the 21st Century Cures Act) that would include decertification of their EHRs and the imposition of civil monetary penalties.
For additional information, please contact Walter Crouch, Kristen Johns or Andy Norwood in Waller’s Healthcare Information Technology practice at 800.487.6380.
The opinions expressed in this bulletin are intended for general guidance only. They are not intended as recommendations for specific situations. As always, readers should consult a qualified attorney for specific legal guidance.