ONC, CMS information blocking, interoperability rules finalized

ONC's interoperability rule

ONC's interoperability rule mandates that healthcare organizations use FHIR-based APIs to connect patient-facing and consumer-grade apps to patient EHRs. It's part of the Trump administration's push to consumerize healthcare.

At the start of the year, one of the biggest EHR vendors, Epic, publicly expressed concerns on sharing patient data with third-party apps because of the lack of outlined privacy protections. During the media briefing, Rucker addressed those concerns head on, saying that the apps will use the same, secure API technology used in banking apps. Additionally, Rucker said providers will be able to let patients know in a "deliberate, straight-forward way" what information they're consenting to sharing through a patient authentication process.  

"That is not snuck in on the side," Rucker said. "It's central to the way that patients allow an app to get access to their information. We've empowered providers to communicate the privacy issues in that process." 

Rucker said a second part of the finalized ONC rule identifies activities that do not constitute information blocking, which is the interference of a healthcare organization with the sharing of health data, and establishes new rules to prevent information blocking practices by healthcare providers, developers of certified health IT and health information exchange networks, as required by the 21st Century Cures Act.

The rule also requires health IT developers to meet certification requirements to ensure interoperability.  Health IT developers must comply with requirements such as assuring that they are not restricting communication about a product's usability or security so that nurses and doctors are able to discuss safety and usability issues without being bound by what Rucker said has historically been called a "gag clause."

The finalized ONC rule also replaces the Common Clinical Data Set (CCDS) data elements standard with the U.S. Core Data for Interoperability (USCDI) data set for the exchange of data within APIs. The USCDI is a defined set of data that includes clinical notes such as allergies and medications. The data set will support data exchange, Rucker said.

"These are standardized sets of data classes and data elements ... to help improve this flow of information," he said.

CMS patient access rule

The ONC rule goes hand in hand with the CMS rule, which aims to open data sharing between the health insurance system and patients.

Starting in 2021, the CMS patient data access rule will require all health plans that do business with the federal government to share data with patients through a standards-based API. The push to make it easier for patients to access health data follows a model CMS implemented with Blue Button 2.0, an API which gives Medicare beneficiaries the ability to connect their claims data to apps of their choosing, such as research apps.

The rule also requires health plans to make their provider directory available through an API, so patients know if their physician is in their insurance network.

"This will allow innovative third parties to design apps that will help patients evaluate which plan networks are right for them and potentially avoid surprise billing by having a clear picture of which clinicians are in network," CMS administrator Seema Verma said during Monday's media briefing.

Starting in 2022, Verma said insurance plans will also be required to share patient information with each other, which will enable patients to take data with them as they move between plans.

Additionally, effective six months from today, CMS is changing the participation conditions for Medicare- and Medicaid-participating hospitals as part of the rule. To ensure they are supporting care coordination for patients, Verma said the rule requires the hospitals to send admission, discharge and transfer notifications so patients receive a "timelier follow-up supporting better care and better health outcomes."

"The Trump administration is pushing the healthcare system forward," Verma said. "We are breaking down barriers to a seamless, data-driven healthcare system. The result of these two rules will be a more intuitive and convenient experience for American patients."