3D illustration Rendering of binary code pattern.
Gesundheit19 Juli, 2022

Enforcement of information blocking and the impacts on accessing health information

As the 21st Century Cures Act begins to be enforced, interoperability plays an important role in ensuring access to electronic health information.

What is information blocking?

Information blocking occurs when an “Information Blocking Actor,” which may be a health care provider or provider organization, health information network (HIN), health information exchange (HIE), or certified developer of health information technology, intentionally delays or prevents the sharing of electronic health information (EHI). Health plans may also be considered “Actors” under certain circumstances as per a FAQ published by the Office of the National Coordinator of Health Information Technology  (the “ONC”).

Who is subject to the 21st Century Cures Act? 

For purposes of the ONC’s Cures Act Final Rule, in 45 CFR part 171, the term "actor" includes health care providers, health IT developers of certified health IT, and health information networks (HIN) or health information exchanges (HIE), as defined in 45 CFR 171.102. Although health plans and other payers are not specifically identified within any of these definitions, they also are not specifically excluded.

To the extent an individual or entity that is a payer also meets the 45 CFR 171.102 definition of "health care provider," "health IT developer of certified health IT" or "health information network or health information exchange," that individual or entity would be considered an "actor" for purposes of information blocking. In addition, the HIN/HIE definition is a functional definition and should be reviewed for potential applicability to a health plan’s activities.

The Health and Human Services (HHS) of the Office of the Inspector General (OIG) has finalized penalties of up to $1,000,000 per instance of information blocking by HINs, HIEs, and certified developers of health information technology. However, civil monetary penalties for provider organizations that engage in information blocking have not been defined, creating an “enforcement gap.” This has led to challenges with obtaining EHI for legitimate health care purposes from some provider organizations.

In April of 2022, the Secretary of the Department of Health and Human Services (HHS), Xavier Becerra, stated that the HHS was receiving “hundreds of complaints” related to information blocking, and that closing the provider enforcement gap by imposing civil monetary penalties is a “top HHS priority.” Once enforcement of information blocking by providers is finalized it could have a significant downstream impact on access to medical records for patients, providers, payers, and other stakeholders.

What kind of data needs to be shared?

The vast majority of EHI is stored within electronic health record (EHR) applications maintained by provider organizations. In 2022 providers may share EHI via Continuity of Care Documents (CCDs) or via Health Language 7® (HL7®) Fast Healthcare Interoperability Resources (FHIR) version 4.0.1 messages.

Starting in 2023 provider organizations that wish to meet the Promoting Interoperability requirements must use EHRs certified to the 2015 Edition Cures Update Criteria, which will require EHRs to have a standardized API that can share EHI via the HL7 FHIR v 4.0.1 standard. Currently, organizations are required to share the data elements required per the United States Core Data for Interoperability (USCDI)  version 1.0 specification.

Starting on October 6, 2022, providers will be required to share all EHI within their system except for psychotherapy notes and certain other documents (e.g., active investigations). These factors, such as the enforcement of the information blocking rule for providers, the expanded amount of EHI that must be shared starting on October 6, 2022, and broader use of FHIR APIs, all contribute to potential scenarios that will allow for unprecedented access to health information.

There is a need to engage patients as they are at the center of information sharing and may have reservations about having their information stored outside of traditional health care systems. Another challenge may be further delays in information blocking enforcement by HHS. If these issues can be addressed, IT health stakeholders, including patients, would benefit from the ability to construct an accurate, current and complete longitudinal record of care. Supporting this are several national initiatives underway to improve interoperability, including but not limited to the HL7® Argonaut Project, the Trusted Exchange Framework and Common Agreement (TEFCA), the HL7® Da Vinci Project, and the Sequoia Project, all of which could benefit from increased access to provider records.

Additional challenges facing healthcare stakeholders

Once information begins to flow, a major challenge will be in managing, processing, data mining, and reconciling a relative tsunami of health information. More than 80 percent of actionable clinical information is stored as unstructured free text in clinical narratives. The demand for accurate and reliable natural language processing services that transform unstructured data into codified data will increase exponentially.

Other challenges include data normalization, as data may be correctly or incorrectly mapped to one or more terminologies, including ICD-10-CM , SNOMED CT®LOINC®,  HCPCS, CPT®, RxNorm, NDC and others. Stakeholders should develop strategies that will allow them to aggregate, refine, and correctly map disparate information types through Reference Data Management (RDM) strategies or similar information governance processes. This will allow data to have far greater value for quality performance, utilization performance, predictive analytics, risk assessment, interoperability, and other purposes.

Where interoperability can deliver the most value

There is a myriad of potential uses cases that could benefit from seamless and real-time access to patient records, including those that support improvements in risk adjustment performance. Health plans would benefit significantly from real-time access to patient records via standardized FHIR APIs.

For example, a Medicare Advantage Organization (MAO) may obtain authorization from its beneficiaries to obtain complete EHI from a patient’s multiple, disparate provider organizations. This would allow the MAO to use technologies to harmonize and reconcile this information, leading to the creation of a payer-oriented complete, accurate, and current longitudinal record of care. Having this comprehensive viewpoint would translate to significant improvements in risk adjustment performance, as the MAO would be able to perform retrospective, concurrent, and prospective reviews of patient records in real time, as needed. It would also support more accurate and complete ICD-10-CM and HCC coding through chart reviews, closure of coding gaps, the identification of suspected conditions, and intelligent queries.

A number of challenges remain, but if true semantic interoperability can be achieved it would provide granular data that can be used to improve clinical outcomes, reduce utilization, and provide support for clinical research.

Health Language is focused on helping healthcare stakeholders translate disparate healthcare data into one common language to achieve the most difficult level of interoperability – semantic interoperability. Reach out to our team today to learn about our terminology platform, expert normalization services, and clinically tuned NLP engine.

Learn more about the ONC Interoperability Final Rule
Michael Stearns
Specialized Consulting Director - Medical Informatics, Health Language
Michael Stearns, MD, CPC, CRC, CFPC is a physician informaticist, health information technology (HIT), and healthcare compliance professional. He has 20+ years of experience in the areas of electronic health records (EHRs), telehealth, virtual services, quality reporting, risk adjustment, health information exchange, clinical terminology development, standards, and billing and coding compliance.
Back To Top