Interoperability and Patient Access
The CMS final rule: what it is, who gets impacted, and how to plan for the future
This paper contains a detailed summary of the Interoperability and Patient Access Final Rule in healthcare and the 21st Century Cures Act, along with technical and implementation standards. The paper explains how the ruling impacts healthcare enterprises and technology firms and provides a planning guide for implementation of the requirements.
The MyHealthEData initiative was announced at the HIMSS 2018 conference, following which the Office of the National Coordinator (ONC) and CMS released the Interoperability and Patient Access Final Regulation on May 1, 2020. The regulation implements the key provisions of the 21st Century Cures Act and empowers patients with control of their own healthcare records. The deadline to implement the final rule is early- to mid-2021. There is a list of infrastructure and technology updates that payers, providers, and Health IT vendors need to implement to comply with the ruling.
For payers, the first milestone is in January 2021, which gives them less than six months to put their action plan together. The CMS has announced a temporary policy of relaxed enforcement due to the COVID-19 crisis which may extend to July 2021. Nevertheless, the payers must have the technical infrastructure in place to share patient claims, encounters, and clinical data stored in their databases in a format that can be easily consumed by third-party developers and applications. The data must be made available in FHIR compliant APIs (Application Programming Interfaces), and USCDI prescribed vocabulary standards along with a robust patient authentication and identification standard.
For providers, including the healthcare systems, the ruling is relatively more straightforward with most of the technical implementation burden being on the EMR systems, payer systems, and other technology vendors. Provider organizations only need to attest to not blocking information and providing digital contact information to NPPES online records.
The technology vendors must conform to the vocabulary standards and attest to the technical and implementation standards. In this paper, using Damo’s ICEATM framework, we have highlighted the applicable impact of the ruling on each of the four types of technology providers.
This paper explains how the CMS Interoperability Rule impacts healthcare enterprises and technology firms, and provides a roadmap to plan for the future.
- Executive Summary
- The Rule
- Inclusions and Exclusions
- Key Terminologies
- Technical Standards
- Fast Healthcare Interoperability Resources (FHIR) Standards for APIs
- SMART IG / OAuth 2.0
- OpenID Connect
- Content and Vocabulary Standards
- Implementation Standards
- Policies Applicable to Payers
- Policies Applicable to Providers
- Implementation Strategies for Technology Firms: ICEATM Framework
- Implementation Strategies for Healthcare Enterprises
- Healthcare Providers