Ready or not, information-blocking requirements now apply to the entire set of electronic health information (EHI). EHI is defined as electronic protected health information to the extent that it would be included in a designated record set such as a physician’s or a hospital’s billing or patient records.
Earlier this month, the second phase of federal regulations stemming from the 21st Century Cures Act went into effect, and the AMA has detailed what the latest information-blocking requirements mean for physicians and their practices (PDF).
Specifically, a physician’s obligations to provide information no longer only applies to the narrow subset of health records defined by the federal U.S. Core Data for Interoperability (USCDI) standard. Federal information-blocking requirements have now shifted to all electronic medical information maintained by your practice or hospital.
While there are no enforcement provisions in place now, this next phase will be trickier for physicians to navigate. Requestors—whether they are patients, insurers, physicians, caregivers or others who have a right to the information—can ask for significantly more information, yet federal guidance and technology is still lacking.
The AMA joined nearly a dozen medical, hospital and other health organizations across the health care continuum in sending a letter (PDF) to the Department of Health and Human Services (HHS) asking that Secretary Xavier Becerra postpone the information-blocking compliance deadlines for one year because physicians, vendors and other stakeholders were not fully prepared to meet the deadline.
The letter points to issues regarding EHR vendor readiness, lack of information-blocking education, patient data privacy, and the ability of small physician practices to comply. The deadline was not postponed, but the AMA continues to work with the federal government to iron out details.
Learn more with the AMA Ed Hub™ course, “Information Blocking Regulations: What to know and how to comply.”
Going forward, several issues—outlined below—need to be worked out for physicians and others to be compliant and to ensure that patients and others get the information they need without exposing information that would violate privacy.
Inconsistency as to what EHI includes. There are discrepancies as to how EHI is defined across health care communities, which can make it potentially challenging to provide exactly what is being requested. The AMA is working to help create a consistent definition.
Most EHR systems are not ready to handle requests. A recent College of Healthcare Information Management Executives survey found that of health care organizations queried, 39% reported they were concerned about receiving their upgrade on time.
While physicians were required to provide EHI as of Oct. 6, EHR vendors are not required to have the tools in the marketplace until Dec. 31—and some EHR vendors may not meet their end of the year deadline.
In addition, because of the inconsistency in the definition of EHI, there is the potential that the EHR vendor may define EHI differently than the physician and provide a system that doesn’t do what the physician expects it to do.
Privacy concerns. As more information is sent, there is a big concern about what records will be sent, who will have access to them, and that sensitive medial information is difficult to strip out of EHI requests. For example, office notes can contain information about a reproductive health issue or a previous abortion that doesn’t apply to a request was made from a patient’s insurer or employer.
There are steps physicians can take to ease the transition under the new regulations.
Think about the policies and procedures your office has in place to release information. Have conversations with the office administrator or other staff in charge of releasing records— ask what is being done to be compliant under the new rules.
Talk to and engage your EHR vendor. Your EHR vendor is also subject to the new EHI requirements and therefore must provide you and your practice support in complying with the information blocking regulations.
If you can’t send EHI in a way that protects patients’ information or complies with state law, physicians can use one or more of these eight exceptions (PDF). Make sure your medical practice or health system has information blocking policies and procedures in place before the use of any exception.
Look at your state law. If state laws explicitly prohibit the sharing of certain information, that trumps the federal information blocking regulation. For example, California recently passed a law that gives the physician a chance to review labs before they are sent to patients.
The law is aimed at reducing the chance that life-altering test results are sent to patients without physician review and the opportunity to provide important context. This New York Times article discusses the real-world downsides to HHS’ implementation of the Cures Act.