Updates from the ONC

By Dr. Jay Anders, Chief Medical Officer, Medicomp Systems
Twitter: @MedicompSys
Twitter: @medicompdoc
Host of Tell Me Where IT Hurts – #TellMeWhereITHurts

Micky Tripathi, National Coordinator for Health Information Technology at the U.S. Department of Health and Human Services, joins me for a conversation about interoperability and to discuss the latest developments with the 21st Century Cures Act.

But first, I share a bit about a recent chat with an old colleague about the responsibility of interoperability – specifically, the responsibilities that providers have in receiving and sharing information. Interoperability is a current hot topic, but these are issues clinicians have struggled with for years.

I welcome back Tripathi, who was a TMWIH guest in 2021. In his National Coordinator role, Tripathi leads the formulation of federal health IT strategy and coordinates federal health IT policies, standards, programs, and investments.

Episode NOW on Demand

Tripathi provides some background on the pieces of the 21st Century Cures Act that fall under the ONC’s domain, particularly information blocking, standards, and TEFCA (Trusted Exchange Framework and Common Agreement). The Act first passed in 2016 and in April 2021, all actors, including providers, health information networks, and certified technology developers were required to comply with the information blocking rule. Initially, the regulation required the sharing of a minimum data set –– the U.S. Core Data for Interoperability (USCDI) –– which is available in almost all EHRs. On October 6, 2022, the requirements were expanded to “all electronically accessible information.”

The ONC also regulates standards. Tripathi explains that the law required a minimum dataset (the USCDI), which is updated every year. In addition, the ONC has put into place a requirement for a standard interface – the FHIR app – across all EHR systems based on modern internet conventions. By the end of 2022, every provider should have that standard interface available to them, allowing them to give patients access to their records, as well as to share information with other providers or public health organizations.

Tripathi notes that TEFCA also falls under his office’s responsibility. TEFCA basically addresses network governance, including the technical framework and legal requirements for the nationwide exchange of information, which is expected to go live in 2023.

I ask Tripathi to share some of the feedback he has heard from folks about the interoperability initiatives. Tripathi admits there is a very wide spectrum of perspectives, including much that is positive from patients and providers. And although the information blocking provisions create an obligation for providers to share information, many providers recognize the benefits of accessing information they weren’t able to view previously and are strongly supportive of the mission’s overall objective.

Tripathi explains that the provisions don’t allow providers to choose what information is shared; information must be shared unless it falls under certain exceptions, such as the patient asking that the information not be shared. Some providers worry that sharing certain aspects of a patient’s record, such as lab results, before the clinician has had a chance to review, may create unnecessary anxiety or confusion. However, Tripathi views such concerns as “transition issues” that will, in time, be addressed with new mechanisms that also balance the need and desire for transparency.

Tripathi and I then discuss some of the complexities of the CURES Act. For example, the ONC was given the authority to define information blocking and exclusionary exceptions, but enforcement is the responsibility of the Office of Inspector General (OIG). Both the ONC and OIG receive complaints, but the OIG is responsible for reviewing them and deciding which to investigate and who is in violation. In terms of penalties, the OIG can assess health technology vendors and HINs with penalties of up to $1 million per incident, put providers have what is called “appropriate disincentives” – which are defined by the HHS Secretary. Given the complexities, there is still work to be done defining policy, but Tripathi says, “We will absolutely have enforcement for providers.”

Tripathi anticipates that the first QHINs will be approved in early 2023 and implemented later in the year, giving them the responsibility and opportunity to exchange information with different parties. He also sees a variety of data middlemen that may aggregate messy data, normalize it, and analyze it on behalf of contracted parties. He also believes it may be necessary to educate people on how to manage their clinical data, given they will have greater access to their own information. Although there are many legitimate and valuable services that can be provided directly to patients as consumers, Tripathi warns there are also bad actors who will take advantage of the situation and use patients’ information in ways they don’t anticipate.

As we wrap up our conversation, we agree that data responsibility on the provider side is not a new issue but one that has troubled clinicians since the time of paper records. However, electronic systems offer advantages when managing thousands of records, and the quality of data will get better as technology improves. For example, technology can help providers search, screen, and filter data, as well as provide audit trails.

Finally, I finish with my signature question: “If there’s one thing that you could change in healthcare IT, what would it be?”

“I think it would be that we figure out the right business model to allow payment for value,” says Tripathi. He notes that “we’re making steady progress,” but believes that the minute providers participate in meaningful value-based purchasing, they think about what’s in the best interest of the patient, do the right set of things, and say they need all of a patient’s data – and interoperability.

This article was originally published on the Medicomp blog and is republished here with permission.