News | Information Technology | February 14, 2019

Office of the National Coordinator Releases Proposed Rule on Healthcare Data Interoperability

Proposed rule calls for standardization of application programming interfaces under FHIR standards, defines exceptions to information blocking practices

Office of the National Coordinator Releases Proposed Rule on Healthcare Data Interoperability

This story has been updated with additional information since its initial posting.

February 14, 2019 — The Centers for Medicare and Medicaid Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC) proposed a new rule to support seamless and secure access, exchange and use of electronic health information (EHI)

The proposed rule is designed to increase innovation and competition by giving patients and their healthcare providers secure access to health information and new tools, allowing for more choice in care and treatment. It calls on the healthcare industry to adopt standardized application programming interfaces (APIs) based on the Fast Healthcare Interoperability Resources (FHIR) standards, which will help allow individuals to securely and easily access structured EHI using smartphone applications.

The proposed rule places a strong focus on a patient's ability to access their health information through a provision requiring that patients can electronically access all of their EHI (structured and/or unstructured) at no cost. Finally, to further support access and exchange of EHI, the proposed rule implements the information blocking provisions of the 21st Century Cures Act. The rule proposes seven exceptions to the definition of information blocking, or practices that unreasonably limit the availability, disclosure and use of electronic health information undermine efforts to improve interoperability. Under the rule, providers or hospitals that participate in information blocking would be publicly reported, which may incentivize providers and clinicians to refrain from such practices. 

CMS’ proposed changes to the healthcare delivery system support the MyHealthEData initiative and would increase the seamless flow of health information, reduce burden on patients and providers, and foster innovation by unleashing data for researchers and innovators. In 2018, CMS finalized regulations that use potential payment reductions for hospitals and clinicians to encourage providers to improve patient access to their electronic health information. For the first time, CMS is now proposing requirements that Medicaid, the Children’s Health Insurance Program, Medicare Advantage plans and Qualified Health Plans in the Federally-facilitated Exchanges must provide enrollees with immediate electronic access to medical claims and other health information electronically by 2020.

“These proposed rules strive to bring the nation’s healthcare system one step closer to a point where patients and clinicians have the access they need to all of a patient’s health information, helping them in making better choices about care and treatment,” said Health and Human Services (HHS) Secretary Alex Azar. “By outlining specific requirements about electronic health information, we will be able to help patients, their caregivers, and providers securely access and share health information. These steps forward for health IT are essential to building a healthcare system that pays for value rather than procedures, especially through empowering patients as consumers.”

This HHS-approved document has been submitted to the Office of the Federal Register (OFR) for publication and has not yet been placed on public display or published in the Federal Register. The document may vary slightly from the published document if minor editorial changes have been made during the OFR review process. The document published in the Federal Register is the official HHS-approved document. The ONC said it will update HealthIT.gov once the proposed rule is published by the Federal Register.

ONC also released a series of educational resources that focus on areas of the rule. The office said it will be holding a series of public webinars over the next few weeks to share more information about the proposed rule.

“We have apps that connect us to our bank balances, airline ticket information, favorite sport teams’ latest scores, local weather and traffic data for our commutes. Apps can even tell me when my next subway train is coming. Each of these apps work by connecting to servers that maintain the underlying data and then displaying the data in easy to understand ways. Although the app universe now has over 2 million products, it is nevertheless very difficult to get your personal medical data on your phone. But this is about to change,” said Don Rucker, M.D., national coordinator for health information technology.

“Today’s announcement builds on CMS’ efforts to create a more interoperable healthcare system, which improves patient access, seamless data exchange, and enhanced care coordination,” said CMS Administrator Seema Verma.  “By requiring health insurers to share their information in an accessible, format by 2020, 125 million patients will have access to their health claims information electronically. This unprecedented step toward a healthcare future where patients are able to obtain and share their health data, securely and privately, with just a few clicks, is just the beginning of a digital data revolution that truly empowers American patients.”

Click here to read the full proposed rule.

For more information: www.healthit.gov

Related Content

According to the National Association of County and City Health Officials, only 33 percent of the organizations plan against cybersecurity threats and initiate patient identity protection protocols.

According to the National Association of County and City Health Officials, only 33 percent of the organizations plan against cybersecurity threats and initiate patient identity protection protocols. 

Feature | Cybersecurity | May 06, 2019 | Maxim Chernyak
As the...
FDA and DHS Expand Partnership on Medical Device Cybersecurity
News | Cybersecurity | October 30, 2018
The U.S. Food and Drug Administration (FDA) and the U.S. Department of Homeland Security (DHS) will be implementing a...
Medtronic is issuing a software update to address a safety risk caused by cybersecurity vulnerabilities associated with the internet connection between the Carelink 2090 and Carelink Encore 29901 programmers used to download software from the Medtronic software distribution network (SDN) . This update is a voluntary recall correction by the manufacturer to address the safety risk caused by the cybersecurity vulnerability.

Medtronic is issuing a software update to address a safety risk caused by cybersecurity vulnerabilities associated with the internet connection between the Carelink 2090 and Carelink Encore 29901 implantable EP device programmers.

Feature | Cybersecurity | October 17, 2018
October 17, 2018 — The U.S.
Philips Warns of Cybersecurity Vulnerabilities in IntelliSpace and iSite PACS Products
News | Cybersecurity | April 16, 2018 | Jeff Zagoudis, Associate Editor
Philips Healthcare last week issued a proactive advisory warning to its iSite and IntelliSpace picture archiving and...
Can Your Cardiac Device Be Hacked?
News | Cybersecurity | February 27, 2018
Medical devices, including cardiovascular implantable electronic devices, could be at risk for hacking. In a paper...
MDISS Launches 'WHISTL' Network of Medical Device Security Testing Labs
News | Cybersecurity | August 23, 2017
The Medical Device Innovation, Safety and Security Consortium (MDISS) recently launched the first of more than a dozen...
HHS Unveils Improved Web Tool to Highlight Recent Health Information Breaches
News | Cybersecurity | August 21, 2017
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently launched a revised web...
Healthcare cybersecurity concerns have increased dramatically as EMRs and medical devices become more digitally connected.

Healthcare cybersecurity concerns have increased dramatically as EMRs and medical devices become more digitally connected.

Feature | Cybersecurity | August 18, 2017 | Dave Fornell
August 17, 2017 — Cybersecurity has become a growing concern in healthcare as patient data, medical systems and impla
Overlay Init