While there is little agreement coming out of Washington, D.C., the last several years, that hasn’t always been the case. In fact, a significant piece of legislation received overwhelming bipartisan support in 2015 and was signed into law in December 2016. Like other large pieces of legislation, the 21st Century Cures Act (Cures Act) included components that addressed several distinct — but related — aspects of healthcare in the United States.
For example, the Cures Act was enacted to advance medical product development, bringing innovations to patients faster than before. Related, the Cures Act aims to bring patients’ perspectives into medical product development. Other aspects of healthcare are also included in the Cures Act, but in this column, I focus on those aspects of the act that address the sharing of health information.
Specifically, I will explore the information-blocking aspects of the Cures Act that fall under the purview of the Office of the National Coordinator for Health Information Technology (ONC). Consistent with traditional processes, a public comment period was held after the Cures Act was signed into law.
After comments were submitted, considered, and acted upon (when necessary), the ONC released the Cures Act Final Rule in June 2020. Also consistent with traditional processes, the ONC provides (and commonly adjusts) a timeline for health information technology (IT) vendors to bring their heath IT systems in compliance with published standards. In terms of information blocking and related regulations, the current timeline can be found here.
But in the realm of health information and the Cures Act, what is information blocking? According to the ONC, information blocking occurs when a practice limits “access, exchange, or use of electronic health information.” The Cures Act applies information-blocking standards to multiple groups, also referred to as “actors.”
For health IT developers, health information networks, and health information exchanges, the standard focuses on whether these groups know (or should know) that a specific practice is likely to limit access, exchange, or use of electronic health information. For healthcare providers, the standard focuses on whether the providers know the practice is unreasonable and likely to limit access, exchange, or use of electronic health information.
Patient Access Priority
ComputerTalk readers who were in practice prior to the early 2000s will remember the incredible efforts that began around 2004 to transition the U.S. healthcare system to an electronic information environment (i.e., electronic health records). That ongoing, multibillion-dollar effort primarily focused on providers’ and healthcare institutions’ use of electronic systems to manage health information.
As that work progressed to advanced uses of electronic health information and projects like OpenNotes demonstrated the value in patients’ access to their health information, an increasing amount of attention has been placed on patients’ access to their own health information. Considering the two primary electronic health information user groups, it should be apparent that both healthcare providers and patients can be subject to information-blocking practices.
As an example, providers can be subject to information blocking when (unsuccessfully) trying to access a patient’s information from another provider. Patients can experience information blocking when they are unable to access their electronic health information or experience unnecessary delays accessing their information.
In philosophical and practical terms, information blocking does not align with today’s focus on team care and engaging patients in their own care. In fact, a core benefit of the United States’ transition to electronic health information is providers’ ability to quickly access relevant patient data, even if the data is not created in their practice setting. For patients, the ability to access their health information represents a significant shift in their ability to engage the healthcare system.
As the quest for electronic health records I described focused on providers and healthcare institutions, today’s discussions surrounding information-blocking also focus on those groups’ information-sharing practices. This makes sense, as much of a patient’s healthcare data is generated in healthcare facilities (i.e., hospitals, clinics, etc.) and in their primary care provider’s clinical information system.
Additionally, the certified health IT systems and health information exchanges/networks specified in the Cures Act are the primary mechanisms by which electronic health information is shared. It is worth noting, however, that the Cures Act definition of “healthcare provider” includes pharmacist and pharmacy.
This may cause some concern among pharmacists, but it can also be viewed as another avenue to engage patients. The Pharmacist eCare Plan should be an important component of pharmacy’s participation in information sharing, and the Pharmacy Health Information Technology Collaborative is guiding those efforts.
At this time, the important date was Oct. 6, 2022. This is when the law granted patients full digital access to their health data. In other words, access to all data was required by this date. Future deadlines in 2022 and 2023 specify HL7 FHIR API compatibility and data export functionality requirements.
As many may anticipate, a subset of motivated patients will take the steps to learn how to access and use their data. A larger group of patients will desire access but will not have the knowledge or skills to do so, unless they have help. This has created a business opportunity for IT companies to create software tools to help patients navigate the process of accessing their health information.
Finally, it is worth noting that the ONC has established eight exceptions for the three groups of actors (i.e., providers, IT developers, and health information networks/exchanges). If an actor’s activity falls into one of these eight exceptions, the activity will not be considered information blocking.
The eight exceptions fall into two categories: 1) exceptions that involve not fulfilling requests for information, and 2) exceptions that involve procedures for fulfilling requests for information. The ONC provides specific criteria for each of the eight exceptions and can be accessed here.
As we wrap up 2022, requirements, deadlines, and expectations for the information-blocking provisions of the Cures Act have become clearer. Less is known about enforcement of the law. While pharmacy may not be center stage in most information-blocking discussions, pharmacists should remain aware of the law, and pharmacy IT vendors should also monitor the law’s impact on future product development and functionality. CT
Brent I. Fox, Pharm.D., Ph.D., is a professor in the Department of Health Outcomes Research and Policy, Harrison School of Pharmacy, Auburn University. He can be reached at foxbren@auburn.edu.