Advanced Search

Tech & Innovation in Healthcare

Compliance:

Is a ‘Cures Act’ Rule Follow-Up in the Works? Find out

Published on Wed May 31, 2023

Learn about the feds’ proposed changes.

Now that the COVID-19 public health emergency (PHE) is in the rearview mirror, the feds are jumping back onto interoperability reform. Recent entries to the Federal Register have proposed clarifications for rules issued during the pandemic.

Refresher: As the nation struggled with the COVID-19 PHE in May 2020, the HHS Office of the National Coordinator for Health Information Technology (ONC) dropped the 21st Century Cures Act final rule in the Federal Register, addressing the original legislation signed into law in December 2016. The Centers for Medicare & Medicaid Services (CMS) published adjacent policies under its Interoperability and Patient Access final rule that complemented and coordinated with ONC’s update.

In 2021, ONC slowly began implementing key points and requirements from the Cures Act final rule. Last year, the Biden administration added funding for additional rulemaking targeting information blocking in its fiscal year (FY) 2023 budget for the Department of Health and Human Services (HHS).

Now: On April 18, ONC published a notice of proposed rulemaking (NPRM) in the Federal Register titled “Health Data, Technology, and Interoperability: Certification Program Updates, Algorithm Transparency, and Information Sharing” or HTI-1 for short. ONC hopes to improve on past policies and further implement Cures Act provisions, focusing on electronic health record (EHR) certification, information blocking, and protected health information (PHI) safeguards.

“In addition to fulfilling important statutory obligations of the 21st Century Cures Act, implementing these provisions is critical to advancing interoperability, promoting health equity, and supporting expansion of appropriate access, exchange, and use of electronic health information,” offers ONC National Coordinator Micky Tripathi, PhD in a release.

“We look forward to reviewing public comments on ONC’s proposed rule.”

Consider These 4 Key Points

The proposals are broad, touching on the cornerstones of health IT — provider interoperability and transparency as well as patient access and privacy. Additionally, the proposals are collaborative with ONC working in tandem with the Agency for Healthcare Research and Quality (AHRQ), the Food and Drug Administration (FDA), the HHS Office for Civil Rights (OCR), the Department of Veterans Affairs (VA), and the Federal Trade Commission (FTC) specifically to bolster “predictive decision support interventions (DSIs) used in healthcare,” an HHS release says.

“While many of the proposed revisions are highly technical in nature and geared toward developers of health IT, the Proposed Rule is aimed at furthering ONC’s goal of advancing health information exchange and interoperability,” explain attorneys Justin Chavez and Vimala Devassy with law firm Baker & Hostetler LLP in online analysis. “This is the first significant proposed rule since the ONC Cures Act Final Rule was passed in 2020,” Chavez and Devassy remind.

Here’s a look at four policies on the table:

1. Information blocking: The HTI-1 proposals redefine information blocking while offering a more in-depth analysis of “actor,” which was a point of consternation among providers after the 2020 final rule release, according to the rule. ONC also revises and expands on exceptions under its data sharing provisions.

2. EHR certification: In addition to revising the EHR certification program, HTI-1 also aims to endorse “the United States Core Data for Interoperability (USCDI) Version 3 as a standard within the certification program and establishing an expiration date for USCDI Version 1 as an adopted standard …,” the release says.

3. DSI: How artificial intelligence (AI) and machine learning (ML) will impact providers’ decision-making and factor into healthcare outcomes is not only a timely topic, but one that ONC aims to certify via DSIs and eventually regulate, the proposed rule suggests. “The intent of this certification criterion is to ensure the availability of sufficient information on decision support interventions based on predictive models, including machine learning and artificial intelligence, through a more comprehensive list of source attributes and through the conduct and documentation of risk management activities,” ONC says. “That information is intended to enable selection and use of fair (i.e., unbiased), appropriate, valid, and effective interventions.”

ONC also offers that an added bonus of the certification criterion would be “transparency into evidence-based decision support interventions by requiring that products allow [clinical decision support] CDS to be enabled based on specific data classes.”

4. HIPAA: There are several HIPAA-related provisions, but one that looks at offering patients the right to restrict access to PHI is critical. “We propose a new certification criterion specifically focused on supporting patient preferences related to their right to request a restriction on certain uses and disclosures of their PHI under the HIPAA Privacy Rule,” ONC notes in the rule. “This proposed functionality is focused specifically on supporting one health IT enabled mechanism for a patient to request a restriction on disclosure and for a covered entity to honor that restriction using a certified Health IT Module.”

Timeline: ONC will accept public comments on HTI-1 through June 20.

Resource: Find ONC’s resources, including webinars and fact sheets here. You can also read and weigh in on the proposed rule.

Other Articles in this issue of

Tech & Innovation in Healthcare

View All