Healthcare Groups Urge Congress to Use Oversight on Interoperability Proposed Regulations
A group of prominent healthcare industry associations is asking Congress to leverage its oversight of the 21st Century Cures Act to ensure that the federal government improves its proposed rules on interoperability and patient access that it released earlier this year.
In February, federal officials from the CMS (the Centers for Medicare & Medicaid Services) and the ONC (the Office of the National Coordinator for Health IT) released proposed regulations designed to further advance the nation’s healthcare interoperability progress. The proposals have several layers to them, with key elements related to application programming interface (API) standards, electronic health record (EHR) certification, and EHR vendor business practices and behaviors.
A recent letter from key healthcare associations that represent providers—including the American Medical Association (AMA), the College of Healthcare Information Management Executives (CHIME) and others—noted that while the groups are pleased with parts of the ONC rule, such as its attention to improving patient matching, and requirements around APIs, they believe “it’s imperative that policies be put in place to prevent inappropriate disclosures to third-parties and resultant harm to patient.”
In the letter to Sens. Lamar Alexander (R-TN), chair of the Senate Committee on Health, Education, Labor and Pensions (HELP) and Patty Murray (D-WA), ranking member of the HELP Committee, the organizations outlined various recommendations that they believe will improve the regulations implanting Cures, including:
- Additional rulemaking prior to finalization: To ensure a sufficient level of industry review and to appropriately respond to stakeholder feedback, ONC should issue a supplemental rulemaking to address outstanding questions and concerns, the letter stated. The letter specifically called out the proposed information blocking exceptions as being “both complex and confusing.” One example of this is “significant confusion around the definition of ‘electronic health information’ or EHI, which forms the basis for much of the policies in the rule.”
- Enhanced privacy and security: The proposed rule does not sufficiently address Cures’ directives to protect patient data privacy and ensure health IT security, according to the groups. “Further, it is imperative that the Committee continue its oversight of privacy and security issues that fall outside of the Health Insurance Portability and Accountability Act (HIPAA) regulatory framework.” They also noted that “there is building concern that data will be commoditized by app developers and other third parties and used in ways not intended by patients.”
- Appropriate implementation timelines: ONC should establish reasonable timelines for any required use of certified health IT (CEHRT). Providers must be given sufficient time to deploy and test these systems, which must take into account competing regulatory mandates, they said.
- Revised enforcement: The U.S. Department of Health and Human Services should use discretion in its initial enforcement of the data blocking provisions of the regulation, prioritizing education and corrective action plans over monetary penalties, according to the letter.
Indeed, in its proposed rule, ONC implements the information blocking provisions of the 2016 Cures Act, which defined information blocking as interfering with, preventing, or materially discouraging access, exchange, or use of electronic health information. Violators can be subjected up to a $1 million fine if they are found to be bad actors.
In June, organizations expressed major concerns with the government’s proposals, particularly as it relates to their vagueness, as well as timelines that some feel are far too aggressive. One group— Health Innovation Alliance (HIA)—went as far as to formally call on ONC specifically to rescind its regulation, noting that the information blocking exceptions to the proposed rule are so vague that "they will produce a market worse than today's status quo."
“The administration owes it to patients, physicians, Congress and our nation to listen and act on these concerns,” Jesse M. Ehrenfeld, M.D., chair of the AMA’s Board of Trustees, said recently. “We still have a chance to get these policies right. It is possible to improve access to medical information while promoting privacy and transparency.”
To this point, during a May Congressional hearing on the proposed rules, Sen. Alexander expressed his concern to ONC and CMS senior officials that the administration could potentially be moving too fast in its implementation of the proposals. “In 2015, I urged the Obama Administration to slow down implementation of Stage 3 of the Meaningful Use program. They did not slow down, and looking back, the results would have been better if they had,” said Alexander at the time, who later in the hearing said MU Stage 3 was “terrifying.”
While the original timelines had the rules being finalized sometime later this year, it’s now expected that given the concerns detailed by stakeholders, the release of the final regulations will be pushed back.