It's time to comply with the Office for National Coordinator for Health IT's information blocking rule. Beginning April 5, 2021, all providers, health IT developers, and health information exchanges and networks (HIE/HINs) cannot block access to electronic health information. This rule is one of many recent regulations that seek to get data flowing more easily and quickly to support better health care.
Requests for electronic health information can originate from different sources—a patient portal, during an appointment, or through the release of information process—and the penalties for blocking access to that data can be steep. Health IT developers and HIE/HINs may face civil monetary penalties up to $1 million per violation, based on policies that will be established by the Office of Investigator General (OIG).
Meanwhile, providers (who also can act as an IT developer or HIE/HIN and face monetary penalties) may face "appropriate disincentives" if they violate the information blocking rule. So far, it's unclear exactly how severe those disincentives will be—but remember, providers must agree to "prevention of information blocking" in order to meet CMS' Promoting Interoperability reporting requirements.
Initially, the information blocking rule was set to take effect on Nov. 2, 2020, but ONC extended that deadline to April 5, 2021. The delay provided welcome relief to many providers, IT developers, and HIE/HINs who spent much of 2020 combating the Covid-19 epidemic. But what should you do now that the April 5th deadline is here? We outline three key actions you should take today:
1. Prioritize your most vulnerable areas. The good news is most organizations are likely already doing a lot to make sure they are not interfering with access to information. Leaders should work with their teams to identify any remaining compliance gaps and prioritize efforts addressing the gaps that put your organization at the highest risk or will have the broadest impact. For example, if you haven't yet, assess whether your organization could be subject to OIG's civil monetary penalties as an IT developer or HIE/HIN.
2. Educate your clinicians and staff. It is vital that your clinicians and staff know what to do when they receive data requests and what's at risk if you're accused of information blocking. Leaders can help keep staff informed by reviewing organizational policies and spotlighting any changes related to information blocking. For example, connect staff with resources on what data patients can access through the patient portal or a third party app. Remember, patients already have a right to see their data under existing laws like HIPAA—the information blocking rule means removing unnecessary delays or barriers so that accessing their data is easier and faster.
3. Keep an eye out for updates and new regulations. ONC's information blocking final rule is not the end of federal regulatory action on this topic. We expect federal agencies to issue additional rules and provide more information on enforcement, penalties, and disincentives for information blocking. Advisory Board also will be publishing new resources on how to approach compliance long-term, including how to support clinicians in setting expectations with patients about accessing their data.
Other key deadlines to watch
It's also important to remember that the information blocking compliance deadline is only one of several deadlines included in ONC's final rule. Developers of health IT must meet several new conditions of certification as of April 5, 2021—for example, they cannot restrict communication about the usability of their health IT. In addition, by Dec. 31, 2022, IT developers must make available to their customers the updated 2015 Edition certification criteria. This includes rolling out an Application Programming Interface (API) that supports the Fast Healthcare Interoperability Resources (FHIR) standard. All of that means the April 5, 2021 deadline is an important step in making electronic health information more accessible. Leaders will need to continue evaluating and improving their approach over time, in response to growing expectations that data access should be easier and faster. Advisory Board will be here to help along the way.