Understanding the Regulatory Framework of Information Blocking and its Implications for Health IT Developers

The advent of digital health records has changed how healthcare is delivered in the United States. The success of these systems relies on easy access to electronic health information (EHI). The 21st Century Cures Act was enacted to create a regulatory framework that addresses information blocking. This article looks at how this framework affects health IT developers, medical practice administrators, owners, and IT managers.

The 21st Century Cures Act and Information Blocking Defined

Passed in December 2016, the 21st Century Cures Act aims to improve healthcare outcomes by supporting better access to EHI. Information blocking refers to practices that hinder access, exchange, or use of EHI, except in certain situations specified by the Secretary of Health and Human Services (HHS). This legislation provides a legal basis aimed at improving interoperability in the U.S. healthcare system.

The Office of the National Coordinator for Health Information Technology (ONC) is responsible for enforcing these regulations to ensure compliance with the mandates defined in the Cures Act. The focus on transparency in health information access marks a shift toward patient-centered care and coordinated healthcare practices.

Types of Information Blocking

Information blocking can occur in various forms, including:

• Technical Barriers: Proprietary interfaces that restrict how health information is shared, leading to silos that can impact patient care.
• Contractual Barriers: Agreements that limit the sharing of health information, inhibiting the necessary flow of data between organizations.
• Administrative Barriers: Delays in accessing data due to bureaucratic processes that frustrate timely patient care.
• Financial Barriers: High fees for sharing EHI that discourage entities from participating in the data exchange essential for patient care.

Regulatory Exceptions

To balance the need for access with valid concerns, the ONC has outlined eight exceptions to information blocking. These include:

• Preventing Harm: Information can be withheld if its disclosure may result in substantial harm.
• Privacy and Security Compliance: Following privacy laws may justify limited information sharing.
• Infeasibility: If providing access to EHI is not feasible, that situation can be communicated legally.

These exceptions are important because they allow for the protection of sensitive information while promoting the necessary interoperability in healthcare.

Disincentives for Non-Compliance

The Cures Act brought about disincentives for healthcare providers involved in information blocking, beginning enforcement on September 1, 2023. The penalties can be significant, going up to $1 million per violation for health IT developers, while healthcare providers risk being excluded from federal programs, such as the Medicare Promoting Interoperability Program and the Merit-Based Incentive Payment System (MIPS).

Recent statistics from the HHS Office of Inspector General (OIG) predict a high volume of complaints regarding information blocking. By September 2023, over 1,052 complaints had been reported, with around 85% from patients. Over 90% of these allegations were directly related to healthcare providers.

The OIG has outlined enforcement priorities for investigations. These include cases that lead to patient harm, impact providers’ functions, or cause significant financial loss to healthcare programs. This focus highlights the importance of patient safety and effective care delivery.

Enforcement and Compliance

To ensure compliance, health IT developers and healthcare providers need to review their policies and procedures thoroughly. This should include:

• Education and Training: Healthcare staff should learn what constitutes information blocking and how to comply with the law.
• Policy Review and Update: Organizations must regularly evaluate and update protocols related to health information access and exchange.
• Cooperation with Health IT Vendors: Working with third-party IT vendors is crucial to ensure their systems support compliance with ONC regulations.

Health IT vendors bear a significant risk of penalties, making it essential for them to prioritize compliance and interoperability. Institutions using these systems must also confirm they can share EHI without incurring regulatory penalties.

Role of Health IT Developers

The compliance landscape poses a large responsibility for health IT developers. They must ensure their systems are functional and compliant with regulations. Non-compliance can lead to severe financial consequences. Hospitals worry that some providers, including themselves, are facing penalties unfairly compared to others in the healthcare field.

The California Hospital Association (CHA) has highlighted these concerns, noting that the median estimated penalty impact on hospitals could reach $394,353, potentially exceeding $10 million for large academic medical centers. The CHA calls for clearer definitions of information blocking, as the lack of guidance complicates compliance efforts.

Financial Implications and Future Considerations

The financial impact for health IT developers and healthcare providers goes beyond penalties. The interactions between these penalties and federal program participation create additional financial risks, which can complicate administrative and operational challenges for healthcare organizations. This situation emphasizes the urgent need for effective compliance measures across the healthcare system.

As complaints continue to grow, the OIG will need to determine which cases to prioritize, influencing how health IT vendors develop their products. By creating solutions that support compliance and interoperability, vendors can position themselves competitively in the healthcare market.

Workflow Automation and Integration of Artificial Intelligence

In terms of compliance with information blocking regulations, integrating artificial intelligence (AI) and workflow automation can help health IT developers and providers improve efficiency. AI solutions can streamline the processes related to accessing, exchanging, and using electronic health information.

Enhancing Data Interoperability

AI can identify patterns in data access and detect potential bottlenecks in health information exchanges. By recognizing where information blocking may occur—whether from technical, contractual, or administrative barriers—AI tools can notify organizations of compliance issues before they become significant problems.

Workflow Automation Benefits

• Streamlining Patient Records Access: Automating the retrieval of patient records allows for quicker access during treatment, reducing delays from manual requests.
• Reducing Administrative Burden: Automating tasks related to data exchange eases the compliance burden on healthcare providers.
• Improved Audit Trails: AI can maintain detailed logs of data access and sharing activities, promoting transparency for compliance verification.

Stakeholder Engagement and Advocacy

Successful implementation of the regulations regarding information blocking requires cooperation among stakeholders in the healthcare system. Advocacy from organizations like the CHA and guidance from regulatory bodies such as ONC and HHS are crucial for developing clearer definitions and educational resources on compliance.

The upcoming enforcement of information blocking regulations will reshape healthcare information sharing. Stakeholders are encouraged to engage with regulatory authorities to develop supportive measures as they navigate these regulations.

In summary, the regulatory framework from the 21st Century Cures Act addresses important topics about information access in healthcare. As organizations work within this environment, using technological solutions like AI and fostering collaboration among stakeholders will be essential for a healthcare system that focuses on patient care and data interoperability.