A healthcare provider, health information network, health information exchange or a health IT developer can be an actor of information blocking. Information blocking is any activity that interferes with or limits access, exchange, or use of electronic health information (EHI).
In this article, we provide leaders in health IT with information and resources to help you understand the rules and regulation surrounding information blocking.
The Cures Act Outlines Requirements
In addition to the Interoperability and Patient Access Final Rule, in which the Centers for Medicare and Medicaid (CMS) requires hospitals to drive interoperability and patient access to health information , the Office of National Coordinator also released the Cures Act, which outlines various requirements related to information blocking which may be confusing to health IT leaders.
This rule affects patients, providers and Health IT developers. It promotes transparency into cost and outcomes, encourages improving patient access to their records and outlines requirements related to information blocking.
Information Blocking Practices
The Cures Act specifies certain practices that could constitute information blocking:
- Practices that restrict authorized access, exchange, or use under applicable state or federal law of such information for treatment and other permitted purposes under such applicable law, including transitions between certified health information technologies (health IT);
- Implementing health IT in nonstandard ways that are likely to substantially increase the complexity or burden of accessing, exchanging, or using EHI;
- Implementing health IT in ways that are likely to— restrict the access, exchange, or use of EHI with respect to exporting complete information sets or in transitioning between health IT systems; or
- Lead to fraud, waste, or abuse, or impede innovations and advancements in health information access, exchange, and use, including care delivery enabled by health IT.
Acceptable Exceptions
The rule also specifies a list of exceptions that are acceptable. Five exceptions involve not fulfilling requests to access, exchange, or use EHI.
- Preventing harm exception
- Privacy exception
- Security exception
- Infeasibility exception
- Health IT performance exception
Three exceptions involve procedures for fulfilling requests to access, exchange or use EHI.
- Licensing exception
- Costs exception
- Content and manner exception
NJII recommends that the healthcare stakeholder community carefully institute policies, procedures and workflows based on the examples and exceptions provided above.
Going through the process of documenting your approach will help your organization to stay compliant with these requirements.
For more detail, please visit the information blocking section of the The Office of the National Coordinator for Health Information Technology (ONC) website or see the ONC publications on exceptions and information blocking actors.