Global Edition
Interoperability

ONC officials offer update on information blocking rules compliance

Providers, certified IT developers and HIEs should "be on the lookout" for upcoming adjustments in certain timelines, said Deputy National Coordinator Steve Posnack.
By Mike Miliard
October 15, 2020
10:17 AM

At the Cerner Health Conference on Wednesday, two representatives from the Office of the National Coordinator for Health IT offered some updates on the compliance requirements of its 21st Century Cures information blocking rules published in March.

First, Deputy National Coordinator for Health IT Steven Posnack noted that, with an interim final rule under review at the U.S. Office of Management and Budget, those covered should keep their eyes peeled for some potential reshuffling of compliance dates due to the demands of the ongoing COVID-19 pandemic.

"We do have an interim final rule under review [at OMB] that will adjust certain timelines associated with the certification program and information blocking, so please be on the lookout for that," said Posnack. "You can expect certain adjustments to our timing and compliance requirements."

As of now, the start date for requiring adherence to the info blocking rules is November 2.

Wherever the new date might be moved, it will eventually arrive. In the meantime, those covered by the rules – healthcare providers, developers of certified health IT, health information networks and health information exchanges – should continue to prepare, he said.

The obligations under the law for each group may be unique, and "each of these actors are uniquely and individually accountable for their own conduct," he said.

But the ability of each to maintain compliance will have impact on other organizations across the ecosystem when it comes to information blocking. For instance, vendors such as Cerner are no longer just judged by ONC on the ability of their software to meet rigorous certification requirements.

With the 21st Century Cures Act, "Congress said, 'Not only do you need to look at the software itself, but you also need to evaluate the business practices and overall corporate compliance of health IT developers,'" said Posnack.

"And under our statutory requirements now, ONC would have to pursue oversight-related activities to correct that health IT developer's behavior."

Likewise, "if you're a healthcare provider and you're engaged in something that ultimately our Office of the Inspector General, who does enforcement on information blocking, sees that you have been inappropriately restricting information exchange, that could be subject to information blocking-related enforcement in the future."

At the same time, ONC has built in significant leeway with its rulemaking, establishing eight exceptions meant to offer covered entities "certainty that, when their practices with respect to accessing, exchanging, or using electronic health information meet the conditions of one or more exceptions, such practices will not be considered information blocking."

Five of them involve reasons for not fulfilling requests to access, exchange or use electronic health information:

  • Preventing harm exception.
  • Privacy exception.
  • Security exception.
  • Infeasibility exception.
  • Health IT performance exception.

Three of them have to do with procedures around fulfilling requests to access, exchange or use EHI:

  • Content and manner exception.
  • Fees exception.
  • Licensing exception.

At the Cerner conference, Rachel Nelson, branch chief for policy analysis and implementation in ONC's Regulatory Affairs Division, spent some time unpacking the content and manner exception, which has caused some confusion among various stakeholders.

"The content and manner exception is available where, let's say, an actor receives a request for electronic health information that they can legally and appropriately share – but they don't have the technical capability to facilitate this exchange or use of that electronic health information in the manner requested," said Nelson.

The exception's two main conditions, the content ("which I like to think of as the 'what,'" she explained) and the manner (the "how") must both be met to satisfy the exception, according to ONC.

Content, for these purposes – the "what" – is defined by ONC's United States Core Data for Interoperability, or USCDI, as a defined set of shareable health data classes and elements. Whereas for IT developers USCDI is simply a standard that must be met for certification, Nelson emphasized, for providers it "describes what information is within the scope of information blocking definition and is the scope of required content – what you would have to share."

As for the "how," the manner exception, it "offers a framework for working through alternative manners for sharing electronic health information when perhaps you can't meet the exact manner that was originally requested," she explained. "It offers a fairly wide array of options for how to make the electronic health information available and still be covered by this exception."

The exception "can be met even if you do not have all of the requested electronic health information," said Nelson. "And even if, for whatever reason that is appropriate, you cannot share all of the electronic health information that you do have.

"Perhaps a particular few pieces of information are covered by a state law that would prohibit you disclosing it in response to a particular request. You can still meet content and matter exception in that sort of a circumstance, as long as you meet the full conditions of the exception," she explained

"We encourage people to take advantage of the certainty they offer, that if your practices in responding to requests for access, exchange and use of electronic health information are consistent with the conditions of one or more exceptions, that those practices are not information blocking."

As Posnack explained earlier this year, the goal of the Content and Manner Exception is to "give stakeholders ... an opportunity to negotiate, in the open market, the ability to make available or electronic health information or access, exchange or use.

"So if I'm a requester and you happen to be one of those information blocking-covered actors, you and I would be able to engage in an open market negotiation and come to terms," he explained. "If we're able to do that, then both parties, it's a win-win for both parties. If we're unable to do that, per the statute, we still have an obligation to make sure that electronic health information is made available."

Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com
Healthcare IT News is a publication of HIMSS Media.

Topics: 
Compliance & Legal, Government & Policy, Health Information Exchange (HIE), Interoperability, Patient Engagement

More regional news

HIMSSCast podcast

HIMSSCast: New analytics strategies for patient-centric pop health

By
Mike Miliard
April 19, 2024
Penn Medicine's Perelman Center for Advanced Medicine

Conversational AI improves 'fourth trimester' maternal care at Penn Medicine

By
Bill Siwicki
April 19, 2024
Close-up of doctor lookin at data on a tablet

Doctors are getting on board with genAI, survey shows

By
Andrea Fox
April 19, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Penn Medicine's Perelman Center for Advanced Medicine
Success Stories & ROI
Conversational AI improves 'fourth trimester' maternal care at Penn Medicine

Most Read

FDA approves sleep apnea tech from EnsoData, Samsung
Parkview Health brings diabetic retinopathy tests closer to the patients
Ukrainian man pleads guilty to 2020 UVM cyberattack
DOJ, international partners seize LockBit servers, provide decryptors
China Medical University Hospital leverages Google's genAI for cancer care
ChristianaCare to expand medication adherence program

Research

White Papers

More Whitepapers

Compliance & Legal
Artificial Intelligence
Analytics

Webinars

More Webinars

Artificial Intelligence
Analytics
Analytics

Video

Dr. Donald Warne at the Center for Indigenous Health at Johns Hopkins_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Indigenous communities need to be engaged with healthcare choices
Naomi Escoffery at the Defense Health Agency_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
DoD health systems take a proactive approach to digitization
Dr. Emily C. Webber at Indiana University Health_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
How text messaging can help improve health equity
Tony Black at Kyndryl_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Hospitals must start business continuity planning

More Stories

Wagner Amaral, growth markets health industry lead at Avanade
Enhance collaboration and productivity while securing digital assets
Marina El Khawand at Medonations_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
From scout service to crowdsourcing relief
motherboard with lock in blue light representing cybersecurity
Healthcare still underprepared for scope of cyber threats, says Kroll report
Andy Chu of Providence on tech spinoff
Tech spinoff enables Providence to go from building three new app features a year to 40
Close-up on handshake of two people in suits.
Salesforce may be in talks to buy Informatica
Fragmented data is a barrier to improved cancer treatment goals
Consolidated radiology and pathology data brings precision to cancer care
Patricia MacTaggart at George Washington University_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
AI policy can benefit from past technology rollout lessons
Two information workers with abstract of data
10 tips to avoid planting AI time bombs in your organization