Information Blocking – The Compliance Ghosts You Don’t Want to Haunt You
In their latest blog, Dan Healy and Michael Lipinski from the ONC highlight the hidden practices of information blocking. By adopting these practices, health IT actors might be restricting access to electronic health information (EHI) and subjecting themselves to unwanted consequences.
This Halloween, the ONC’s warning is loud and clear: data access is a serious matter, and blocking it could come back to haunt you.
Healthcare Providers Beware: ONC has Disincentives in Place
ONC has received complaints almost daily since 2021, many aimed at healthcare providers. The issues below are raising red flags that may lead to more than a Halloween fright:
Unnecessary Barriers: Some providers are putting extra conditions on access, such as demanding HIPAA Business Associate Agreements (BAAs) even when they’re not required, leading to confusion and delays for patients trying to get their own EHI.
Keeping URLs Under Wraps: Providers should be using (g)(10) certified EHRs and must be publishing service-based URLs to allow access. However, some are limiting access to only certain apps, leaving patients and their data in the dark.
Spooky Delays: Providers who can offer same-day access to EHI are taking days to respond, creating unnecessary delays that hinder patient care.
Health IT Developers Caution: Compliance Violations will be Penalized
Developers of certified health IT aren’t safe from the ONC’s watchful eye either. There are concerns that some API and URL practices might be restricting EHI access and violating the Information Blocking rules:
Locked URLs: Instead of publicly sharing the service base URLs (FHIR endpoints), some developers are restricting access to specific apps, slowing down data sharing for patients.
Slow App Enablement: Some developers delay enabling patient-approved apps, obstructing timely access.
Restrictive Licensing: Demanding app developers to hand over IP rights or limiting platform usage restricts innovation and creates closed data environments instead of open access.
ONC’s Message: No Tricks, Just Transparency
The ONC’s warning is clear: practices that block access to EHI must end. By enforcing compliance, the ONC aims to create a transparent, accessible, and patient-centered health IT space. This will ensure that patients can access, exchange, and use their EHI “without special effort.”
At Darena Solutions, we’re here to help our customers keep health data open, compliant, and free from any practices that might come back to haunt them. This Halloween let’s keep health information access safe from spooky restrictions and embrace transparency for all the providers and patients.
Make sure to stop by for special treats to prevent Information Blocking.
Let’s start with this video on implementing patient access for app developers as per ONC's latest guidelines in 8 steps.