Two New Federal Interoperability Rules: What You Need to Know

Payers and providers are increasingly vocal about their need for health information technology (HIT) systems to interoperate in a consistent and industry-wide manner. While the industry has made progress on this front, recent actions in Washington aim to accelerate the pace of progress while also demonstrating the government’s commitment to HIT interoperability.

On October 14th, 2016, the federal government announced two final regulations that impact the ongoing transformation to “full interoperability” in healthcare. One regulation was the nearly 2,400-page final rule from the Centers for Medicare and Medicaid Services (CMS) on implementation of the Medicare and CHIP Reauthorization Act (MACRA) that will transform the delivery of Medicare Part B.

The second, which was overshadowed by the MACRA rule, is the final rule from the Office of the National Coordinator (ONC) on Health IT Certification. While neither final rule is a silver bullet that can solve all of healthcare’s interoperability challenges, taken together they demonstrate the federal government’s ongoing commitment to moving the industry forward, and using greater regulatory authority to achieve a goal most people in healthcare—payers and providers alike—agree is crucial for the success of value-based care and payment, bending the cost-curve overall, facilitating care coordination, and improving patient outcomes.

The new rules focus on different segments of the healthcare market, but are complementary to each other. MACRA, bipartisan legislation passed by Congress in 2015, is focused on moving Medicare Part B physicians into a value- based system of reimbursement beginning in 2019. As part of this law, Congress charged the Department of Health and Human Services and the CMS with adopting policies that would lead to “widespread interoperability” in the healthcare delivery system.¹ The law defined “interoperability” as both the “exchange of information” and the use of exchanged information to facilitate care coordination and improve patient outcomes.

The final MACRA rule requires providers who are affected by it—nearly 600,000 clinicians across America—to attest that they are cooperating with the ONC Health IT Certification Program, and that they are not engaging in activities that would constitute “information blocking,” which is an unreasonable constraint imposed on the exchange of patient data or electronic health information.

While MACRA reassures clinicians that they will not be held responsible for failures of their health IT systems, the CMS cited a 2015 ONC report which found some providers actively engage in information blocking as a means of “control[ling] referrals and enhance[ing] their market dominance.”²

To address this concern, CMS will require participating providers to engage in a two-step attestation process. First, clinicians must attest that they have cooperated with all aspects of the ONC Health IT certification program. This means that if ONC undertakes an investigation of a certified health IT product, that providers must engage cooperatively in that investigation.

Second, providers must attest that they have acted in good faith to “support the appropriate exchange of electronic health information” by not taking action to “limit or restrict … interoperability of certified EHR technology”.³ This second set of attestations is critical to achieving interoperability, because it puts the onus on providers, not vendors, for affirming:

1. That their EHR technology complies with federal regulations;
2. That their EHR technology has been implemented in a manner that allows patients to access their electronic health information; and
3. That their EHR technology “allow[s] for timely, secure, and trusted bi- directional exchange” of electronic health information.⁴

Released on the same day, the new ONC rules seek to strengthen the agency’s enforcement authority by implementing what it calls a “direct review” process of instances of nonconformity by certified health IT. Under the old regulation, ONC delegates certification of health IT to ONC- Authorized Certification Bodies (or ONC-ACBs).

In the new rule, ONC augments the regulatory regime by allowing direct ONC review of certified health IT used in the field in two circumstances:

1. When the certified health IT is “causing or contributing to serious risks to public health or safety.”
2. When an ONC-ACB identifies a potential issue but is unable to fully investigate because it lacks authority or capacity to do so.

While the process for completing direct reviews remains to be defined, ONC believes it will lead to enhanced “accountability for health IT developers” and “greater confidence” among end-users. ONC also states their goal will be to bring health IT into compliance, but they reserve the authority to de- certify products that fail to do so.

Taken together, these two new rules promise to insert the federal government more intimately into the enforcement of health IT interoperability requirements. While it remains to be seen whether this new strategy will be effective in bringing about the transformative change that most in healthcare seek, it does create incentives for health IT vendors and providers to ensure their systems are compliant with the government’s interoperability mandates. And at the very least, these new rules confirm that we still have a journey ahead before we can say that healthcare has achieved the promise of full interoperability.

_{1 Public Law 114-10, § 106. April 16, 2015. https://www.congress.gov/114/plaws/publ10/PLAW-114publ10.pdf
2 Office of the National Coordinator for Health IT, Report to Congress on Health Information Blocking (April 10, 2015)
3 MACRA Final Rule, page 78 https://s3.amazonaws.com/public-inspection.federalregister.gov/2016-25240.pdf
4 MACRA Final Rule at 81}