If you attended HIMSS 2018, you may remember when Centers for Medicare and Medicaid Services (CMS) Administrator Seema Verma announced the MyHealthEData Interoperability Initiative on the mainstage. According to the statement released by CMS, the MyHealthEData initiative aims to “empower patients by ensuring that they control their healthcare data and can decide how their data is going to be used, all while keeping that information safe and secure.”
Ultimately, the goal of the MyHealthEData initiative is to give patients more control over their electronic health record system (EHR) data. CMS plans to achieve this by breaking down existing barriers to health data access—such as information blocking—by granting patients access to their own EHRs through the device or application of their choice.
This year, CMS didn’t wait for HIMSS to drop news of how they plan to continue working toward their goal of nationwide interoperability and patient empowerment. The day before HIMSS 2019, the Department of Health and Human Services announced proposals for new patient access and interoperability rules. These new rules capitalize on the fact that Americans spend a lot of time using smartphones and work to grant patients access to their EHR data electronically and free of charge.
What’s in the proposed rule?
These highly anticipated proposals draw on the vision of the 21st Century Cures Act and loosen constraints around data and information sharing. The proposed rule would promote critical components of interoperability such as data exchange between payers and participation in health information exchange networks.
In support of the MyHealthEData Interoperability Initiative, CMS proposed that by 2020 all healthcare organizations doing business with Medicare and Medicaid will be required to share claims and other health information with patients electronically through an open API. This will give patients more control over their information and allow them to take their health data with them when they change plans. Providers would also have to comply with new electronic notification requirements.
Additionally, the proposed rule would require:
- Payers to provide additional resources on EHR, privacy, and security
- Providers to comply with new electronic notification requirements
- States to better coordinate care for Medicare-Medicaid dually eligible beneficiaries by regularly submitting buy-in data to CMS
This rule would also allow CMS to publicly disclose providers partaking in “information blocking” or unreasonably limiting the availability, disclosure, and use of electronic health information.
Who is impacted by this proposed rule?
Barring a few exceptions, these requirements would affect providers, hospitals (including psychiatric and critical access hospitals), Medicare Advantage organizations, Medicaid managed care plans, Medicaid state agencies, CHIP managed care entities, and CHIP agencies operating fee-for-service (FFS) systems.
The rule also applies to payers offering Qualified Health Plans (QHP) through the federal marketplace and outside of it, but would not extend to insurers offering employer-sponsored health insurance or insurers offering stand-alone dental plans.
How do I ensure that I’m compliant?
These rules make patient information access the hottest new(ish) trend in healthcare. Agencies will need to grant patients access to certain information through a HIPAA compliant, open API. This data might include granting your patients access to:
- Claims and encounter data
- Provider directories
- Pharmacy directories
- Formularies (information about covered outpatient drugs and preferred drugs)
- Administrative data (enrollee identifiers, dates of service, and payment information)
There are time constraints on these requirements. Data must be made available to patients after one business day (following the claim processing or data receipt). For provider directory data, CMS would require plans to update the available information within 30 calendar days after changes are made or the entity receives updated information.
When will this go into effect?
This proposed rule will be finalized in an upcoming regulation expected to be released later in 2019. CMS has published this proposed rule in the Federal Register and will be accepting comments until early April.
Stay prepared with Formstack.
Formstack’s HIPAA compliant, open API solution offers hundreds of templates across the healthcare spectrum, making it easy to stay engaged with your patients and securely share data. From onboarding your patients to sending out referrals, Formstack strives to help you achieve interoperability goals across your organization, community, and beyond.
Indiana Health Group, a multidisciplinary mental health facility located in Carmel, Indiana, is always prepared to share data with patients when they make a request. Using Formstack, new patients can access and submit referral and registration paperwork via a link on the Indiana Health Group Website.
Read the full story: Indiana Health Group Offers an Efficient Patient Onboarding Experience
Whether you have an electronic health record system that you love in place or you’re struggling to share patient data with specialists, Formstack has a solution to make your organization more efficient. Start automating your patient registration process and avoid information blocking by adding Formstack to your workflow today.