CMS and ONC Rules: Impact on Health IT Vendors
As they consider how they will comply with these rules, developers of health IT solutions should ask themselves following:
- In what formats does your organization store all data comprising the USCDI?
- What type of data is stored in your organization?
- What systems do you connect with, and where is protected health information housed?
- If you store patient protected health information in your system, you must have a FHIR API that allows patients to access their data.
CMS and ONC Rules: Impact on Providers
As they consider how they will comply with these rules, leaders of provider organizations should ask themselves the following:
How are you managing ePHI? Is your organization — either intentionally or inadvertently — blocking information?
- Do you have the technical capability for bulk data sharing?
- Do you have the technical capability to meet the CMS’s Condition of Participation requirement of sending real-time e-Notifications to patient-identified providers?
- Are you prepared to educate your patients about the benefits and risks of accessing their data using third-party apps?
CMS and ONC Rules: Impact on Payers
As they consider how they will comply with these rules, leaders of payer organizations should ask themselves:
Do you have the technical infrastructure to implement and maintain a secure, standards-based Patient Access API that allows patients to easily access their claims and encounter information, including cost, as well as a defined sub-set of their clinical information through third-party applications of their choice?
- Do you have the technical infrastructure to implement a FHIR-based Provider Directory API?
- Do you have in interoperability solution that integrates easily with your existing systems?
- How will your infrastructure support all requirements for payer-to-payer exchange?
- Do you have the infrastructure to build, manage, maintain, expose, and govern FHIR APIs?
- Can your vendor partners enable use cases outside of the CMS requirements, such as those outlined by the DaVinci Project and SMART on FHIR?
And Keep in Mind:
By failing to meet this requirement, vendors risk losing ONC certification, as well as being named on the ONC’s list of information-blocking offenders.
- Vendors must rely on the Oauth 2.0 protocol to ensure patient data security.
- Vendors that have taken the “walled garden” approach to storing patient data will have to restructure business models regarding how they store and allow access to patient data.
- For the first two years after the rules go into effect, data access and exchange will be restricted to USCDI, which is the minimum data you need to be able to transmit as a vendor, as a provider organization is that core data set.
How We Can Help
Corepoint and Rhapsody — were the first integration engines on the market to feature built in FHIR capabilities.
Rhapsody continues to invest and expand our current native FHIR capabilities, ensuring our products can enable interoperability success in tomorrow’s regulatory climate, while adding critical business value today.
Corepoint and Rhapsody can fit into virtually any infrastructure footprint. Because we specialize in healthcare interoperability, our products can support interaction with virtually any other system vendors will find within a health IT ecosystem.
With our suite of FHIR-native tools implementations can be built quickly and efficiently.
Rhapsody has the best in KLAS services team for the interoperability market and can provide health IT vendors the resources to meet tight implementation timelines.
Rhapsody partners with a number of innovative, trusted health IT vendors and consulting groups that can assist with compliance concerns.
How Rhapsody Health Solutions Can Help You Accelerate FHIR Deployments
FHIR can be used in a variety of workflows for everything from remote patient-monitoring devices to large multi-facility hospital information systems. FHIR not only enables new workflows, such as those related to patient engagement, but also more traditional communications between applications. The current versions of Corepoint and Rhapsody integration engines can be used to support workflows in many ways, with or without FHIR, such as:
- Traditional application-to-application interoperability within the four walls
- External connectivity
- National exchanges
- Mobile applications
- Home health devices
Have a question about how the CMS and ONC rules will affect your organization? Drop us a line and we’ll get in touch with you.