ONC's Latest Cures Act Hits: Featuring (g)(10) FHIR® API
As we approach the final quarter of the calendar year, all of us in the Healthcare industry have the Cures Act deadlines on top of our minds. So, now is the perfect time to tune in to the message ONC is broadcasting through their recent blogs and media to reinforce the need for compliance with the standardized (g)(10) FHIR® API EHR Certification criterion and Information Blocking, whom these apply to, and how the mandates will be enforced. Let’s turn up the volume on the latest hits from ONC.
Hit #1: Identify Bad “Actors”
In the 21st Century Cures Act, ONC defines healthcare providers, EHR developers, and Health Information Exchanges (HIEs) as the “Actors.” These “Actors” are subject to the Information Blocking provision to prevent actions that interfere with, prevent, or materially discourage access, exchange, or use of Electronic Health Information (EHI). ONC has been busy since April 5th, 2021, the date when the Information Blocking regulation became enforceable. They have an official Information Blocking Portal where anyone can submit a complaint and even remain anonymous if they desire. The results are published monthly to validate further the seriousness of ONC and HHS in enforcing the Cures Act.
ONC’s monthly update, called Information Blocking Claims by the Numbers has published the latest results from April 5th, 2021 through July 31st, 2022. The report shows a 12% increase in the confirmed number of Information Blocking claims compared to the results in December 2021. Most of these claims have been filed by patients. More than 70% of the Information Blocking complaints are against providers. It is important to note that most providers rely on their EHR vendors for technical capabilities to comply with a patient’s request for health information. Health IT Developers on ONC’s Certified Health IT Provider List (CHPL) received the second highest number of complaints. ONC is not identifying these “Bad Actors” for now, but that could change in the future.
Hit #2: Enforce and Penalize
ONC has assumed its role as the enforcer of the Certification and Information Blocking provisions of the Cures Act. ONC has been diligently offering guidance through webinars, blogs, and email updates since the official release of the 21st Century Cures Act in the Federal Register in May 2020. So, lack of awareness is not a viable defense. In one of the interviews, Micky Tripathi, ONC’s National Coordinator for Health Information Technology, mentions several Key Takeaways of Cures Act one of which is the transition of ONC’s approach from incentives to penalties.
In 2011, ONC initiated Meaningful Use to achieve interoperability by sharing information voluntarily. After 11 years and $34.7 Billion in paid incentives, ONC and HHS are prepared to apply penalties to enforce the interoperability between providers and enable patients’ access to their health information. These penalties for non-compliance have been defined as decertification for EHRs and monetary penalties for Information Blocking for both EHRs and providers. As reported in a recent JD Supra article, CMS is likely to join HHS and ONC in their effort to ensure Medicare and Medicaid beneficiaries can access, exchange, and use their health information with minimal effort. As quoted in the article, “HHS anticipates announcing a specific enforcement regiment of civil monetary penalties by the end of 2022. Likewise, the Centers for Medicare and Medicaid Services (CMS), the largest payer and regulator of medical practices, has announced its interest in levying civil monetary penalties for providers that improperly block the sharing of electronic health information.”
Hit #3: FHIR-based API Compliance (g)(10)
ONC continues to plot the progress of the health IT industry to its desired goal of near real-time health information interoperability among ALL stakeholders, most importantly the patient. A recent HealthITBuzz blog co-authored by ONC and HHS offers a current snapshot of compliance with the Cures Act mandate that requires all Certified EHR developers to “Certify and Provide” their customers with a FHIR-based API by December 31, 2022, specifically the (g)(10) criterion. The blog states that “as of August 1st, 2022, roughly 5% of the health IT developers have updated their technology to certified API technology.” Considering there are less than 80 working days remaining in 2022, the EHR vendors need to pick up their pace as the song of the (g)(10) FHIR API hits the crescendo for the December 31, 2022 finale.
Hit #4: EHI and Information Blocking
Cures Act compliance has another big milestone that EHRs and providers need to pay attention to. October 6, 2022 onwards, the Information Blocking definition would include the entire scope of the Electronic Health Information (EHI). EHI includes electronic Protected Health Information (ePHI) to the extent that it would be included in a Designated Record Set (DRS), regardless of whether the group of records is used or maintained by or for a covered entity or business associate, with very few exceptions. The solution that a health IT developer incorporates into their EHR must be able to handle a request by a patient for BOTH their PHI (USCDIv1) and the EHI which includes all documents within the patient’s record that are used for their care and treatment.
Bonus Soundtrack: Swift Compliance
This bonus soundtrack from our team at Darena could very well be the encore performance to compliment the ONC hits and allow EHRs to meet the ONC certification requirements well in time. Over the years we have guided many EHRs to the most efficient path to production-ready certified criteria. The latest FHIR-based API requirement is no exception. If you are unsure if your EHR development team will be ready for the (g)(10) deadline by early December, we have a production-ready and fully ONC-certified (g)(10) solution for you. It includes the nation’s first FHIR API-certified solution that satisfies EHRs’ ability to “Certify and Provide” a FHIR-based API to their providers, as well as to allow a patient to access, exchange, and use their full EHI on a third-party app of their choice with minimal effort.
With MeldRx™ you can avoid the risk of decertification with quick integration to a user-ready solution.