On March 9, the Centers for Medicare and Medicaid Services (CMS) finalized its Interoperability and Patient Access Rule (Interoperability Rule), which aims to enhance patients’ control over their healthcare information. As CMS drives toward a value-based system of care, the rule seeks to make patients more informed regarding their healthcare decision-making and to improve care coordination. According to National Coordinator for HIT Don Rucker, M.D., “[d]elivering interoperability actually gives patients the ability to manage their healthcare the same way they manage their finances, travel and every other component of their lives.”

The Interoperability Rule was originally scheduled to take effect on June 30, 2020, with varying compliance dates based on the applicable requirements. However, in light of the COVID-19 public health emergency, CMS has announced it will delay enforcement or exercise enforcement discretion for an additional six months.  Aspects of the rule apply to a number of other actors, including health plans, that are beyond the scope of this alert.

The Interoperability Rule was published in concert with the Information Blocking Rule published by the Office of the National Coordinator for Health IT (ONC), which generally prohibits practices likely to interfere with or discourage the access, exchange or use of electronic health information. For additional information regarding the Information Blocking Rule, see our previous alert.

Patient Admission, Discharge and Transfer Event Notification Requirement of Interoperability Rule

The Interoperability Rule introduces a new Medicare Condition of Participation (COP) that requires all hospitals to send electronic notifications to a patient’s healthcare providers (e.g., primary care practitioner) upon the patient’s admission, discharge or transfer (ADT). This requirement will go into effect on May 1, 2021. Using the COPs as the enforcement vehicle for this requirement places a hospital’s participation in Medicare at risk in the event of noncompliance. In issuing the final Interoperability Rule, CMS disagreed with commenters who argued this enforcement structure would be draconian, pointing out that a single minor infraction would be judged in light of the nature and extent of the hospital’s non-compliance and the risk it poses to patient health and safety, rather than automatically triggering penalties.

In response to the proposed rule, commenters also expressed concern the COP may encourage providers to be overly hasty in sending patient information, potentially leading to inappropriate disclosures. For example, hospitals may have difficulty accurately confirming the identities of the providers receiving the messages. CMS downplayed concerns about this risk, insisting that the rule should not be construed to conflict with HIPAA or other applicable law. CMS stated that the hospitals are only required to make a “reasonable effort” in such situations; however, it remains unclear how flexible regulators enforcing the Interoperability Rule will be when interpreting this “reasonableness” standard. The introduction of the Information Blocking Rule further complicates the analysis: if a hospital determines it cannot make an ADT disclosure due to HIPAA concerns, it must also ensure it meets an exception to the information blocking prohibition or risk being found noncompliant.

Other Impacts of the Interoperability Rule on Providers

Reporting of Providers Engaging in Information Blocking

CMS will publicly report eligible clinicians, hospitals and critical access hospitals that may be information blocking, based on their attestations to certain Promoting Interoperability requirements in connection with the Merit-based Incentive Payment System (MIPS). Eligible providers will be required to attest that they:

  1. Did not knowingly or willfully limit or restrict the compatibility or interoperability of certified EHR technology;
  2. Implemented technologies, standards, and policies reasonably calculated to ensure that the EHR technology conforms with applicable health IT requirements and specifications; and
  3. Responded in good faith to requests for electronic health information.

A CMS website and the Physician Compare website will display any “no” responses by eligible providers and thereby implicitly indicate which providers have attested that they are in compliance with the information blocking requirements. While a specific compliance date has not been established, CMS will begin this reporting in late 2020.

Reporting of Providers Failing to List or Update Digital Contact Information

CMS will also publicly report the names of providers who have not added digital contact information to their entries in the National Plan and Provider Enumeration System (NPPES), with the goal of encouraging providers to make this contact information available to facilitate care coordination and data exchange. CMS has stated reporting will begin in late 2020, but a precise date has not yet been announced.

If you have any questions regarding this new Interoperability Rule, please contact the authors.