HIMSS19: ONC unveils long-awaited information blocking rule

As a major conference on health IT gets underway, the Department of Health and Human Services on Monday morning released a hotly anticipated rule aimed at boosting interoperability.

The Office of the National Coordinator for Health Information Technology finally unveiled its information blocking rule (PDF), which was sent to the Office of Management and Budget for review in September.

The rule defines exceptions to data blocking, and fines that may be associated with the practice, and was mandated by the 21st Century Cures Act.

The rule requires that electronic health data be made available at no cost. But ONC has set seven exemptions where providers and health IT companies can withhold that information, including:

  1. To prevent physical harm to a patient or another person
  2. To protect privacy—ONC has included several sub-exceptions where this would be applicable
  3. To promote cybersecurity
  4. To recover costs incurred in sharing health data
  5. To decline a request for data sharing that is “infeasible”
  6. To license interoperability tools—provided the agreement is fair and reasonable
  7. To conduct maintenance or improves to health IT

Stakeholders that violate the rule, should it be finalized, could be penalized $1 million per instance of information blocking. The rule was dropped as the Health Information and Management Systems Society opens its conference in Orlando.

RELATED: Information blocking provisions will be ‘largely common sense,’ says ONC’s Rucker

“By supporting secure access of electronic health information and strongly discouraging information blocking, the proposed rule supports the bipartisan 21st Century Cures Act,” Don Rucker, national coordinator for health IT, said in a statement. “The rule would support patients in accessing and sharing their electronic health information while giving them the tools to shop for and coordinate their own healthcare.”

The Centers for Medicare & Medicaid Services also released a proposed rule (PDF) on Monday morning, which also takes aim at data blocking. The agency is suggesting that Medicaid, the Children’s Health Insurance Program, Medicare Advantage plans and Qualified Health Plans be required to make enrollee data immediately accessible by 2020.

Providers would also be required to adopt technologies to allow patients easier access to their data as they move between federal health programs. It also seeks to support ONC’s information blocking efforts by publicly posting providers or hospitals that engage in the practice.

If the rule is implemented on that timeline, it would ensure 125 million people have access to their health data immediately, CMS Administrator Seema Verma said.

“This unprecedented step toward a healthcare future where patients are able to obtain and share their healthcare data, securely and privately, with just a few clicks, is the beginning of a digital data revolution that truly empowers American patients,” Verma said.

Though CMS' rule doesn't directly target private payers, she said that the changes should push them to adopt more tools that allow patients to access their data, Verma said on a call with reporters Monday morning. Rucker noted, though, that private payer should be paying attention to regulations out of ONC, as they impact anyone who interacts with or uses an electronic health record.

In addition, private payers will be required to adapt to the proposed to changes in Medicare Advantage, Medicaid managed care and the Affordable Care Act exchanges, so that could drive greater uptake in the commercial space, Verma said.

 "It's going to have such a large impact already," she said.