Summary of New ONC and CMS Notices of Proposed Rulemaking for Health IT

Bill Hersh1William Hersh, MD, Professor and Chair, OHSU
Blog: Informatics Professor
Twitter: @williamhersh

During the Healthcare Information Management Systems Society (HIMSS) conference, the Office of the National Coordinator for Health IT (ONC) and Centers for Medicare and Medicaid Services (CMS) each dropped a Notice of Proposed Rule Making (NPRM) concerning functionality, interoperability, certification, and others aspects of electronic health record (EHR) use.

These rules are required as described in the 21st Century Cures Act, which was major legislation to modernize aspects of biomedical research and health IT that passed with wide bipartisan majorities. I saw the act as a chance to “clean up” some of adverse and unintended effects of the Health Information Technology for Clinical and Economic Health (HITECH) Act (aka, meaningful use).

The Web page for the ONC NPRM not only has the 724-page proposed rule, but also a set of nine readable and understandable fact sheets about the rule and another seven devoted to aspects of the information blocking rule. A slide presentation from the HIMSS conference has a number of nice figures that diagram aspects of big picture. The fact sheets and slide presentation present a nice segue to then word-search in the 724-page PDF to find specific details.

Here is my summary of the key points of the ONC rule:

  • A new US Core Data for Interoperability (USCDI) that adds provenance information, 8 types of clinical notes, additional demographic information, and pediatric vital signs to the former Core Clinical Data Set
  • APIs to access USCDI using FHIR, with a base set of 13 Resources and two specific data fields within the Patient Resource that must be supported
  • SMART Application Launch Framework, using the OAuth2 and OpenID standards
  • Conditions and maintenance of EHR certification, with additional pediatric-specific criteria
  • Requirement to be able to export data for a patient and for all patients (when provider changing EHRs)
  • Rules for information blocking and allowable exceptions
  • Allowable fees to support information exchange (but not to the patient to access their data)
  • Standards Version Advancement Process to allow developers to choose among the versions of standards currently approved by National Coordinator
  • No developer gag clauses that prohibit discussion and demonstration of problems

The CMS NPRM is a companion rule that goes into more detail on some aspects, per its headings, some of which include:

  • Patient Access Through Application Programming Interfaces (APIs)
  • Health Information Exchange and Care Coordination Across Payers
  • API Access to Published Provider Directory Data
  • Care Coordination Through Trusted Exchange Networks
  • Public Reporting and Prevention of Information Blocking
  • Provider Digital Contact Information
  • Advancing Interoperability in Innovative Models

Clearly these rules are a necessary recalibration of our EHRs and their data, aiming to make them more patient-centric, clinician-friendly, and responsive to the EHR marketplace. While I suspect some smart people will come up with some good ideas why one thing or another should be changed in the final rules, my interpretation of the NPRMs is that they pretty much hit the target. I am confident they will lead to improved systems and our ability to do good with the data.

This article post first appeared on The Informatics Professor. Dr. Hersh is a frequent contributing expert to HITECH Answers.