A set of new rules that aim to improve the interoperability of healthcare records and set a string of new requirements on healthcare providers was met with mixed reactions across the industry.
The two rules, from the Office of National Coordinator (ONC) and HHS, require healthcare providers to offer patients free, digital access to their healthcare records by 2021. This will be conducted through application program interfaces (APIs). All Medicare, Medicaid, CHIP and Affordable Care Act health plans will also have to share health data with patients through APIs.
Payers are also required to make provider directories publicly available by 2021, while hospitals and health systems are required to electronically notify healthcare providers about a patient’s admission, discharge or transfer from a hospital.
The rules were met with both support and some concerns among industry voices.
Cerner, the world’s largest health technology company, supported the flow of electronic health information and urged HHS Secretary Alex Azar to finalize the ONC’s proposed rule in late January.
“Consumers should have the right to access the health care information their providers have about them and dictate where they want it to go,” said Cerner CEO Brent Shafer in a statement. “Although existing laws allow patients to access their data, it doesn’t work.”
However, one of Cerner’s competitors, EMR company Epic, came out strongly against the proposed rule, with CEO Jud Faulkner penning a letter to Azar citing concerns over health system burdens and patient privacy. Another 60 health systems signed onto the letter, making it a significant opposition to the rules.
The American Hospital Association voiced harsher words about patient privacy after the rule came out.
“The rule lacks the necessary guardrails to protect consumers from actors such as third-party apps that are not required to meet the same stringent privacy and security requirements as hospitals,” AHA President and CEO Rick Pollack said in a statement. “This could lead to third party apps using personal health information in ways in which patients are unaware.
These guidelines are too important not to get right. We need to stand on the side of the patient by protecting patient privacy and strengthening security in this rule.”
The American Medical Association was one group that said it will take “aggressive action” to update its members with resources and tools to comply with the new rule. AMA still wants more information about certain provisions, including privacy controls and unnecessary EHR access, the complexity of information blocking, and API costs for healthcare providers.
“The AMA has been advocating on behalf of physicians and patients for over 10 years to ensure EHR usability, interoperability, and patient data and safety are top concerns when government agencies develop new policies,” AMA President Patrice A. Harris, MD, MA, said in statement. “As the AMA reviews the new rules, we will pay special attention to policies aimed at creating efficiencies in data exchange, reduction in physician burden, and patient control over and access to their data.”
AMA is not the only group worried about costs. Industry group MGMA is also worried about how the rule will work between vendors and providers.
"MGMA is concerned that the ONC rule permits EHR vendors to push API costs onto providers. We will lead industry efforts to protect medical groups from potentially excessive EHR upgrade fees to ensure limited practice resources are not diverted from patient care,” Anders Gilberg, senior vice president of government affairs at MGMA, said in a statement.
However, the group was supportive of the electronic notification requirement for hospital admission, discharges and transfers. This was also supported by the National Association of Accountable Care Organization (NAACOS),
NAACOS called the electronic notifications rule “a win” for population health management, and the group supported the requirement since it was proposed, according to Clif Gaus, Sc.D., President and CEO of NAACOS.
“With this change, ACOs can learn when one of their patients enters or leaves the hospital, allowing that patient’s primary clinician to step in and provide appropriate, well-coordinated care,” Gaus said in a statement. “We are grateful CMS listened to our request to add patient visits to the emergency department as part of its new requirements. For our health system to move to one that rewards value and supports alternative payment models, providers must be given appropriate data about their patients, and this includes alerts on hospitalizations.”
Another industry titan, AHIMA supported the general ideas in the final rule, but wanted to see an interim rule that would five ONC flexibility to make revisions when implementing the rule.
“We support the intent of the Cures Act to eradicate practices that unreasonably limit the access, exchange and use of electronic health information for authorized and permitted purposes including patient access to their health information,” AHIMA CEO Wylecia Wiggs Harris, PhD, CAE, said in statement. “However, given that the rule introduces a number of new definitions and terminologies and the significant economic impact of this rule, we are disappointed the Office of the National Coordinator for Health Information Technology did not heed stakeholders’ calls to issue an interim final rule.”