The Information Blocking rule: Game changer or not?
On March 9, after many months of industry conversation, advocacy to policy makers, and plain old waiting, the Office of the National Coordinator (ONC) released the final rule addressing new requirements for certification, patient access and information blocking. Allscripts announced its full support of this rule, as well as another interoperability rule issued by the Centers for Medicare & Medicaid Services on the same day.
While the industry expected to be at the HIMSS Annual Conference that week, meeting in-person with National Coordinator Don Rucker, MD, and his team, instead colleagues found themselves reading the 1,200-plus pages and holding numerous calls to compare notes and build confidence in our interpretations of the rules.
Following are my key takeaways from the ONC rule:
- The rule has the patient at the center. ONC did a good job throughout the rule at bringing their decisions back to the patient, and while concerns about third-party data use are not entirely resolved, ONC did what they could with their limited authority in the area of Privacy to try to increase transparency for patients. The rest will be up to Congress.
- ONC put a lot of thought into the eight exceptions to Information Blocking that will allow a healthcare provider, HIE/HIN or software developer to explain why data is not moving in a given instance. The eight are largely well-reasoned, as they tried to reflect the realities of our care delivery system and the challenge of connecting to others with varying technical capability, cybersecurity issues and occasional system down time. However, I remain convinced that the Infeasibility exception, in particular, allows fairly broad a path for those providers resistant to or just not very motivated to invest in information exchange to keep doing what they’re doing – which is not exchanging data.
- The product development, implementation and training “lift” that will stem from this rule increases the potential for positive advancement of standards-based information exchange, but it is also not going to be as insignificant as positioned by ONC. While they did extend the deadline for one specific requirement we discussed with them, which we appreciate, no one should underestimate the amount of development hours that must be devoted for us to qualify as certified under the new “2015 Cures Edition” structure. Additionally, clients will have measurable work to do as they upgrade and train on the new versions, and for hospitals, that could need to start as soon as Spring 2021.
After reading the rule, I’m optimistic that this could mark a sea change for the industry. Much as HITECH and the ensuing Meaningful Use program reshaped healthcare in the U.S. forever, this new regulation stemming from 21st Century Cures is a welcome shift in how we must all look at health data: Who “owns” it, who can make decisions about where and how it is transmitted, and measurable repercussions for those who work against the broader goal of patient-controlled data liquidity.
Why do I say “could?” The catch is that the Cures legislation and, in turn, the resulting information blocking regulation, is structured in such a way as to apply more change pressure to technology stakeholders than to provider organizations.
While it is clear that some vendors will have to make noteworthy changes to their business practices, it is less obvious that a massive change will occur among provider organizations or ancillary stakeholders (such as labs and imaging centers) who currently add real cost to the healthcare system through non-standardized data exchange practices. They are clearly included in the rule as parties obligated not to block health information, but will the relatively minor penalties they could accrue be enough to really move the needle for those who were inclined previously to build walls around their data?
Without additional business incentives from CMS and other payers, I’m not yet 100% convinced. We shall see what happens as the public information blocking complaint structure and OIG’s yet-to-be-announced enforcement mechanisms take hold in the next year. Here’s to hoping!