EHI under information blocking rule set to grow – Health

To print this article, all you need to do is be registered or log in to Mondaq.com.

The 21st Century Cures Act’s Information Blocking Rule, codified at 45 CFR Part 171, is intended to improve the access, exchange, or use of electronic health information (EHI), and generally prohibits “actors” knowingly interfere with such access, sharing, or use, except as required by law or specified in an information blocking exception. An “actor” is defined as a healthcare provider, certified health information (IT) technology developer or health information exchange (HIE)/health information network (HIN). Currently, the scope of EHI subject to the information blocking rule is limited to data items listed in the United States Core Data for Interoperability (USCDI v1) data classes. This data includes, but is not limited to, patient demographics, assessment and treatment plan, clinical notes, health issues, lab tests and results, medications and procedures.

Effective October 6, 2022, the EHI covered by the Information Blocking Rule will extend beyond USCDI v1 to all electronic protected health information (ePHI) to the extent such information would be included in a designated set of records, whether or not the records are used or maintained by or for a Covered Entity as defined by the Health Insurance Portability and Accountability Act (HIPAA). As such, ePHIs generally used, maintained, stored, created, and disclosed by covered entities and business associates under HIPAA will now be subject to the information blocking prohibitions. This information will include the following electronic records: medical, billing, enrollment, payment, claims adjudication, case management, or medical care records, and any other records used, in whole or in part, to make decisions about people. Information that is not considered EHI for the purposes of the information blocking rule includes psychotherapy notes; information compiled in reasonable anticipation of, or for use in connection with, any civil, criminal, or administrative action or proceeding; employment records; school records; files concerning a person who has been dead for more than 50 years; and anonymized data.

As the scope of the information blocking rule is set to expand, it will be important for healthcare providers, certified health informatics developers and HIEs/HINs to ensure that they do not engage in practices likely to hinder the exchange, access and use of the IEH. In doing so, it should be noted that there are two different knowledge standards for actors who may be subject to enforcement action. Healthcare providers meet the standard of knowledge if they know the practice is unreasonable and is likely to interfere with access, sharing, or use of the EHI. Certified health informatics developers and HIEs/HINs meet the knowledge standard if they know, or should know, that a practice is likely to interfere with the access, sharing, or use of the EHI. A process to assess EHI requests and ensure employees are made aware of the rule and its exception should make compliance easier for all involved.

The content of this article is intended to provide a general guide on the subject. Specialist advice should be sought regarding your particular situation.

POPULAR ARTICLES ON: US Food, Drugs, Healthcare, Life Sciences

TCPA: Health Care Exemption

Duane Morris LLP

The United States District Court, Northern District of Illinois, recently ruled that a plaintiff’s lawsuit under the Telephone Consumer Protection Act (“TCPA”) survived a motion to dismiss …