The rules, defined by the HHS Office of the National Coordinator for Health Information Technology (ONC) and the Centers for Medicare and Medicaid Services (CMS), mark the most extensive healthcare information policies the government has implemented since HIPAA. They require that both public and private organizations share information between patients and other healthcare third-parties in a secure manner.
ONC’s Cures Act Final Rule
The ONC’s Cures Act final rule was created to give patients free, secure access to health data, and to spur growth of new healthcare applications that will give consumers greater insight in their healthcare decisions. It aims to inspire interoperable systems that put patients at the center of providers, healthcare technology developers, and policy makers.
Defining what an Anti-Competitive Practice is, and is not
The final rule defines necessary practices that do not constitute “information blocking”, or preventing certain healthcare data from being shared with a patient. Updates ensure that providers using certified health technology have the ability to confer about usability, interoperability, user experience, and security when it comes to data like screenshots and video.
Standardized datasets and APIs
The final rule also specifies standards for interoperability through U.S. Core Data for Interoperability (USCDI), a comprehensive set of data standards that replaces the more limited Common Clinical Data Set (CCDS) from 2015. The USCDI is a standard set of core data classes that electronic medical records must contain, promoting seamless data exchange of clinical notes, allergy information, demographic data, and prescriptions across US-based providers and patients.
In order to provide developers a standard programming foundation, the final rule establishes two types of API-enabled read services:
- Services for a single patient’s data
- Services for multiple patient’s data
CMS’ Interoperability and Patient Access Final Rule
The CMS’ final rule builds on the technical requirements outlined by the ONC, defining federal programs that must comply.
The rule requires Medicare Advantage, Medicaid, CHIP and plans through the federal exchange to allow patients to access USCDI-formatted claims and health data electronically through the Patient Access API by January 21, 2021. Like the ONC rule, this will enable members of government health programs to access information through third-party healthcare apps.
New Requirements for Medicaid and Medicare Hospitals
The CMS final rule requires that all hospitals participating in Medicaid or Medicare send electronic notifications to other healthcare facilities when a patient is admitted, transferred, or discharged. The requirement aims to enhance care coordination across providers.
Are you compliant?
Addressing the compliance of your hospital, speciality clinic, or pharmacy starts with an evaluation of your technology stack. Systems like Salesforce Health Cloud that are broadening to cover emerging data models, like USCDI, are a great place to start when ensuring the scalability of your healthcare system.