Camilla Frejlev Bæk, Independent Contractor

How the CMS Interoperability and Patient Access final rule empowers the patients but puts pressure on the payers and providers

This year in March the ONC and CMS released their Interoperability and Patient access rules in final form to support interoperable, seamless and secure access, exchange, and use of electronic health information with a focus on patients and payers. The rules are designed to give every patient in the country along with their healthcare providers secure access to see, obtain, and use all electronically available health information relevant to their healthcare. The rules cover data sharing for improved care continuity, patient access to information, and the prevention of information blocking. 

The rules also aim to increase innovation and competition by fostering an ecosystem of new applications to provide patients with more choices in their healthcare. 

In this post I will highlight the importance of the rules being implemented and applaud the initiative. However, I would also like to raise a word of warning about the complexity of implementing the rules to their full extent and point out that the time available for implementation is rapidly approaching. I would also like to put forward a suggestion on how this can be achieved rapidly in a cost-effective, resource-saving way while at the same time ensuring high data quality. 

What does this mean for patients? 

The patient is at the center of healthcare, and putting them in charge of their health records is a key piece of patient empowerment in healthcare. Patient empowerment is at the center of the Department of Health and Human Services (HHS) work toward a value-based health care system that is responsive to the needs of patients. 

The ONC Cures Act Final Rule defines and implements the interoperability requirements outlined in the 21st Century Cures Act.   

The benefits to the patient from the new rules are: 

  1. Ease of access to their records 
  • The Final Rule enables patients’ access to their health care record via any app of their choice implemented via API based interoperability between their provider’s electronic record and their smartphone or other modern software apps. 
  1. Protecting patient privacy and security 
  • The rule supports secure patient access to their electronic medical record data. Patients will be able to use applications they authorize to receive their data from their medical records, using the same highly secure protocols already used in other industries such as travel and banking apps. 
  1. Promoting the ability to shop for care and manage costs 
  • It aims to expand patient choice in healthcare by increasing the availability of data that can support insights about care quality and costs. 

What does it mean for providers and payers? 

The ONC rule applies to healthcare providers that are participating in CMS funded health IT programs, such as Promoting Interoperability, as well as to a broader definition of providers listed in the Public Health Service Act. It intends to support the seamless and secure access, exchange, and use of electronic health information (EHI). It focuses on standardized application programming interfaces (APIs), implementing the information-blocking provisions of the Cures Act. Further it prohibits “information blocking” by payers and health systems, who will be required to provide data though an API to give patients access to their data and establishes secure API requirements to support patients’ access to and control of their electronic health information. Finally, it requires that EHRs provide clinical data necessary to promote new business models of care. 

The CMS rule applies to all Medicare and Medicaid participating short-term acute care hospitals, long-term care hospitals, rehabilitation hospitals, psychiatric hospitals, children’s hospitals, cancer hospitals, and critical access hospitals (CAHs). The CMS rule requires health plans in Medicare Advantage, Medicaid, and HIP to share claims data electronically with their patients. Further, it creates a ‘Condition of Participation’ for all Medicare and Medicaid participating hospitals, which mandates that they send electronic notifications to another health care facility or community provider/practitioner when a patient is admitted, discharged, or transferred. Finally, it requires the states to submit enrollee data daily for beneficiaries enrolled in Medicare and Medicaid. 

The benefits to providers are: 

  1. Making patient record information requests easy and inexpensive for patients and providers 
  • Modern technology allows clinicians and hospitals to easily provide patients with access to their information in a fully automated, low-cost manner. Secure, standardized application programming interfaces (APIs) allow for this access without special effort on the part of the clinician or the patient. 
  1. Allowing choice of apps 
  • Clinicians, hospitals, and health systems should be allowed to benefit from a competitive, vibrant app marketplace. The rules call for open APIs, which encourage secure access to data for applications and will help ensure these certified APIs are made available in a way that is safe, secure, and affordable. The APIs support innovation in the marketplace for health IT app developers. 
  1. Information blocking 
  • The information blocking rules are a genuinely innovative and serious attempt by HHS to better enable the flow of data across the health system. The rules prohibit any activities that restrict the free flow of clinical information between providers, patients, and other relevant interested parties such as Health Information Exchanges (HIEs).  The rules also define the practices that are considered reasonable and necessary and therefore would not constitute information blocking. The rules establish exceptions to allow clinicians and hospitals common sense operational flexibility, including protecting patient privacy and security as well as handling situations where moving data is technically infeasible. 
  1. Improving patient safety 
  • One of the less well recognized elements to the new rules is the emphasis on improving safety of health IT. The final rule encourages transparency around patient safety issues including the sharing of end user screens which today are commonly restricted by so called “gag clauses” in contracts between hospitals and EHR vendors. 

Complexity in the implementation of the new rules 

So, what does this really mean in practice? Let me paint you a picture: 

A patient’s medical record at Main Street Family Practice includes Type 1 Diabetes (in an ICD-10 code say E 10.9, “Type 1 diabetes mellitus without complications”). Lab tests several months later confirm a COVID-19 positive test result (coded in LOINC 94531-1, RT – PCR test). This patient also suffers from allergy symptoms which are documented using SNOMED. This patient has also visited Downtown Urgent Care Clinic where his medical record includes tobacco use (1 pack/day), but at the urgent care clinic it is documented using a local or proprietary EMR code.  Now you have an idea of how easily a patient’s medical record fills with references to several standard and non-standard coding systems.   

The above example appears to be comprehensive in that it uses LOINC to document labs and SNOMED to document allergies, however it is riddled with codes and references to non-standard documentation and terminology. To adhere to the USCDI standards, the ICD-10 coding E10.9 for “type 1 diabetes” should be coded to SNOMED 313435000 “Type 1 diabetes mellitus without complication”. In addition, the local/proprietary EMR code for smoking status needs to be mapped to the relevant SNOMED code 56578002 “Moderate smoker (20 or less per day)”.  Both examples require mapping from the source code system (ICD-10 or local) to the standard target code system outlined by USCDI.  

The new rules require that every patient will have to access their data electronically regardless of where they receive care. This electronic access is through a patient centric API and will deliver patient data on demand. We already know that this data is stored in several different systems with different coding. The rules state that the data belonging to this unique patient shall as of July 2021 be accessed by the patient in a useful format, in order for him/her to make valid healthcare decisions and gain insights about care quality and costs. 

There are some challenges with the above scenario. Will all providers and payers be able to deliver a patient’s data in a useful format? Will FHIR as a standard with the patient APIs be enough to service the patient with this data? Will the payers and providers make the time limits for implementation to be compliant with the new rules? Will the data be relevant and easily comprehended by the patient? 

In our experience, many providers and payers manually manage clinical data language and coding in spreadsheets and hard-coded tables. While we agree that this CAN be done in a manual way, we don’t believe it SHOULD be done in this manner.  This manual process ties up valuable resources — time and money — in time-consuming, cumbersome routine tasks with high risk of the human factor errors. 

How Rhapsody Semantic can help you comply 

We believe these initiatives are a great step forward for improving interoperability in the United States. However, we also believe that payers and providers will encounter problems when implementing the rules, because patient data is stored in so many different coding systems.  

Don’t worry, we can help you comply. 

We can empower you to speak the CMS interoperability language fluently. 

Rhapsody Semantic offers you a CMS interoperability solution covering all the vocabulary code sets and terminology areas you need to standardize within, all in one solution with tools for mapping and automatization along with future proof updates. 

This solution offers you the possibility of normalizing the data and mapping it to the right format. HealthTerm can be an integrated component to the ecosystem you are present in, acting as a filter on the way from source to target data to accept standard format and ensure that you are compliant with the rules. 

Normalization using Rhapsody Semantic

Finally, if you are a payer or provider facing challenges with implementing the Interoperability and Patient Access final rule, please don’t hesitate to contact us to discuss how Rhapsody can help. 

Sources: Guidance/Guidance/Interoperability/index 

For further reading check out: 

Related Blogs

Rhapsody Health Solutions Team

ONC regulation is here: What you need to know

AI is driving new regulation from the ONC. Learn more about how the HTI-1 rule impacts healthcare technology development.

Read more

Sameer Sule, Chief Information Security Officer

Trust is always the foundation

Rhapsody understands the importance of keeping data secure and is committed to providing secure, stable, reliable, and high-quality solutions for healthcare organizations.

Read more

Rhapsody Health Solutions Team

How to solve healthcare data quality issues using semantic interoperability

Semantic interoperability is key to building a strong foundation of usable healthcare data and can improve quality of care.

Read more