Healthcare Information

By: Brian Field

6E9A1516-lower-res-e1630337874585

With the ever-changing climate of technology, the Health Insurance Portability and Accountability Act (HIPAA) continues to make patient-centered modifications intended to protect personal health records. Key components to the most recent updates to HIPAA include prohibition of records withholding.

The inspiration for the recent changes come from the Office of Civil Rights (OCR) within the U.S. Department of Health and Human Services (HHS). A goal of both entities is to protect the health of all Americans and ensure essential human services. The OCR continues to reinforce a focus on patients regarding health and health records by aiming to eliminate technical barriers and reducing or eliminating cost to patients.

Following HIPAA law changes can be daunting, but if there is one thing to keep in mind, it is that HIPAA prioritizes patients. The information below is a snapshot of what you should know as you navigate health records storage for your patients before, during, and after their care with you has ended:

On May 1, 2020, the Centers for Medicare and Medicaid Services (“CMS”) published final rule CMS-9115-F known as the Interoperability and Patient Access final rule. “This final rule is the first ehrsiner_770-300x200 phase of policies centrally focused on advancing interoperability and patient access to health information.” 85 Fed. Reg. 25511. CMS states that this rule “puts patients first by giving them access to their health information when they need it most, and in a way they can best use it.” Policies and Technology for Interoperability and Burden Reduction, CMS.gov. The rule requires coordinated communication between patients, providers, and payers. These changes largely require the use of improved and updated technology, and CMS provides implementation support here. Although many of the requirements under the final rule went into effect on January 1, 2021, because of the hardships posed by COVID-19, “CMS will not enforce these requirements until July 1, 2021.” Id.

Payors carry the brunt of this regulatory change. Without detailing all requirements under the rule, a few are as follows. CMS-regulated payors must maintain a secure, standards-based application programming interface (API) that will support the exchange of patient electronic health information (“EHI”). These payers must also maintain a patient-facing API allowing patients to access their EHI, including information about claims and costs, and make provider directory information publicly available through an API. Further, payors are required to implement a process for exchanging data, which is not required until January 1, 2022.

Governed hospitals will soon have a duty to send event notifications of a patient’s hospital “admission, discharge, and/or transfer to another healthcare facility or to another community provider or practitioner” to “improve care coordination.” Interoperability and Patient Access Fact Sheet, CMS.gov (Mar. 9, 2020). CMS-regulated providers are encouraged to register all interoperability digital contact information through the National Plan and Provider Enumeration System (NPPES). A list of providers who fail to do so will be publicly available as a way to incentivize compliance. Landi, H., CMS’ New Interoperability Rule Requires Major Changes for Payers, Hospitals. Here are 6 Key Elements, Fierce Healthcare (Mar. 9, 2020).

Articles Posted in Healthcare Information

Healthcare Treats Patients, HIPAA Protects Them: Recent Changes to the HIPAA Laws and How These Changes Affect the Healthcare Community

By: Brian Field

CMS’ Interoperability and Patient Access Final Rule Soon to Be Enforced