The Cures Act and EHR: What Are the Best Practices

The Cures Act and EHR: What Are the Best Practices?

The Cures Act and EHR: What Are the Best Practices?

Healthcare professionals and patients in the United States are on the cusp of unprecedented regulatory changes that will impact automation, privacy, security, and how we manage access to patient data. The information blocking and interoperability rules of the 21st Century Cures Act are closely related to HIPAA and will begin to transform the whole industry in October 2022. 

The Cures Act is bipartisan legislation designed to help accelerate medical product development and bring new innovations and advances to patients who need them faster and more efficiently. It includes funding research, the FDA, and the opioid crisis. Notably, the Cures Act created new rules to encourage interoperability, prevent information blocking, and ensure patients can access their electronic health information.

The Cures Act will significantly impact how we manage electronic health information (EHI) and who can access and share patient information. This access and exchange will become more common among:

HIPAA entities:

  • providers  
  • payers

Non-HIPAA entities: 

  • personal health apps
  • mobile smartphone-based health apps 
  • related digital apps
  • any third parties that involve patients, providers, and payers
  •  

These rules cover more than just patients’ access to their information. The Cures Act will address all use cases where parties that exchange health information will be able to refer to rules to govern their requests for most uses of patient information, even if they are not directly participating in the process. Denying appropriate access, use, or sharing of EHI may result in the new information-blocking rules. Today, these rules act as a deterrent but will soon lead to direct penalties.

The interoperability and information blocking rules require the largest investment for providers and practices. Correct data sharing processes are essential for compliance as they cannot create unreasonable barriers to accessing, sharing, and using EHI. All electronic health record (EHR) interoperability features must be enabled and up-to-date.

Sharing data with your patients and other practices can help you improve outcomes and quality of care. Providing patients with easy access to their EHI can increase satisfaction and involve patients in their care. Seamlessly sharing data with other providers can also improve diagnosis, treatment planning, and outcomes. Complying with the new information blocking rules may require some up-front investment, but the result should be better, more coordinated care.

AIDA is ready to help you leverage the benefits of Certified Electronic Health Record Technology (CEHRT) and comply with the Cures Act the easy way. AIDA enables better patient health outcomes with innovative care transition technology. See what our team can do for your organization by scheduling your demo here.

  • Supports electronic transitions of care, closes referral loops, and gives hospitals straightforward and secure access to their patients’ records for outside organizations.
  • Makes getting patients’ personal health information less time-consuming and tedious for all involved parties while maintaining confidentiality.
  • Enables the use of Application Programming Interfaces (APIs) to help hospitals access and exchange health information in CEHRT more easily.
  • Enables electronic access to health information through advanced and secure technologies, including APIs, which provide patients with greater flexibility and choice in accessing and sharing their health information.

Over time, the Cures Act’s data sharing and interoperability provisions should help improve patient care. These rules, including information blocking rules, are designed to ensure patients can access their data from within apps of their choice. This enables patients to use their EHI in new and innovative ways that ensure that patients who move, switch insurance plans, or switch providers have complete portable medical records to support future diagnosis and treatment decisions.

 

In theory, patients will have more control over their information and expanded access, use, and sharing means that patients and other parties will soon have a highly controlled environment to share health information through a simple, automated online EHI. For example, with prior permission, a patient’s personal health app on a smartphone will be able to collect patient EHI and provide access to others. This convenience represents a giant leap in the accessibility, sharing, and usefulness of patient health information.

The Cures Act defines new requirements for product features, functionality, and program business practices that must be met to maintain EHR certification. EHR providers must complete development, certification, and upgrades within two years of the final rule’s effect. The new standard requires using APIs that conform to the HL7 FHIR Release 4 (R4) specification. EHR providers must adhere to the following business practices to maintain EHR certification:

 

  1. Encourage the flow of patient information by not breaking blocking rules
  2. Permit the electronic exchange, access, and use of health information
  3. Don’t stop customer communication with gag rules.
  4. Follow API business practices
  5. Conduct annual real-world product testing
  6. Perform product attestation biannually 

 

With these rules, the market should shift towards improving the accessibility of patient information and facilitating patient care. Healthcare providers should not rely on a single EHR provider for critical access to the patient information they need. These rules allow physicians to choose their preferred EHR provider, not who their hospital or community works with. While it may seem daunting at first, this will go a long way in helping patients and doctors see the benefits of electronic health records.

Most importantly for practices and providers, the Cures Act introduces new interoperability and data sharing requirements. These new rules are designed to encourage data sharing and ensure patients can access their data.

 

The most comprehensive of these is the Information Blocking Rule, which took effect on April 5, 2021. Under this rule, EHR providers, health information exchanges, and providers are prohibited from interfering with or preventing access, sharing, or use of EHI, with exceptions for security and privacy. However, the information blocking rules are designed to improve access to EHI, especially for patients. In most cases, practices must respond to requests to share data on time. Violations of information blocking rules are subject to fines of up to $1 million for each instance.

 

The information blocking rules are rolled out in stages. From April 5, 2021, to October 6, 2022, the new rules apply only to data contained in US Interoperability Core Data. After the initial introductory phase, these rules apply to all HIPAA-covered data, including claims and billing.

 

The Cures Act also includes provisions to encourage the use of APIs. Information blocking rules and others ensure that patients can access their data through the applications of their choice. By requiring EHR providers, health information exchanges, and providers to open their systems to APIs, the Cures Act will encourage innovation in quality comparison tools, health management applications, and cost calculators.

For compliance professionals, there will be a delicate balance between HIPAA, which protects patient information, and the Cures Act rules, which aim to open access to that information. At this point, perhaps the most crucial aspect of the new regulations is the automation of patient access and records management.

 

More recently, access, copying, and sharing of patient information were provided only for or during treatment, for payment and operational purposes for patient access, as part of a business partner providing services to affected entities, or for specific purposes after authorized disclosure with few exceptions. The bar is notably high for proof of who is requesting information and ensuring no breaches have occurred. Accessing patient information requests has been manually executed due to poor interoperability, the existence of mixed paper/electronic records, and the lack of automated exchange of information.

 

These manual processes are ripe for an automation upgrade to increase speed and efficiency, but that requires a federal law. EHRs will improve automation, as will systems containing other designated patient information. Other vendors will offer compliance automation to manage new processes and reduce this risk.

 

In addition to improved interoperability with API and EHI exports, automation from the new rules covers information blocking incidents and complaint investigations, digital/mobile health applications, and requests related to interoperability and patient access.

HIPAA is often blamed for barriers to patient information disclosure, primarily a byproduct of misunderstanding its complex rules. The result is that the free sharing of patient information is restricted to authorized or otherwise permitted parties, making the free data sharing vision challenging to achieve.

 

While reducing some of the burdensome aspects of HIPAA is a goal, the Cures Act is not designed to minimize the importance of HIPAA. The idea behind the rules is to create processes that automate the bulk of patient data access, replication, and exchange requests with little or no human intervention. Automating the collection, dissemination, and storage of patient information without HIPAA protections significantly increases the risk of breaches.

The Future of Post-Acute Interoperability

The Future of Post-Acute Interoperability

(KIRKLAND) November 2nd, 2020 – The HL7 FHIR Connectathon event happens three times a year in cities all around the world. This year the conference was virtual because of the COVID-19 pandemic. HL7 is the organization that is responsible for the ongoing development of FHIR (Fast Healthcare Interoperability Resource). FHIR is quickly becoming the new standard for healthcare interoperability, and because of a final rule released by the ONC this year, it should continue to gain rapid momentum.

The promise of FHIR is a modern REST-API-based architecture for communicating highly structured healthcare information using standard web protocols (HTTPS). HL7 coordinates the specification of standardized resources to facilitate this interoperability. HL7 provides a structure for many different groups of stakeholders to collaborate and ultimately vote on what standards should be created and how they should evolve over time.

The purpose of the HL7 FHIR Connectathon is to improve the quality of FHIR specifications through testing connections between different pieces of software. A Connectathon is broken up into different tracks that test different projects. One of the most exciting projects that participated in the Connectathon was the PACIO Project.

The PACIO Project is coordinated by a group of organizations led by The MITRE Corporation and sponsored by the Centers for Medicare & Medicaid Services (CMS). The purpose of the project is to advance interoperability between post-acute care, other providers, and patients. All PACIO documents and resources are open source to promote wide adoption.

Some key concepts of the PACIO Project are:

• The patient should be at the center of healthcare information exchange

• Structured data about a patient’s plan of care and status should be readily available

• Health information should be accessible to the patient and/or their designated representative through a centralized, user-friendly portal

The PACIO team that participated at HL7 Connectathon 25 was focused on creating a proof-of-concept that demonstrates the use of FHIR to exchange data for two purposes:

1) Integration of CMS assessment data elements from the Data Element Library (DEL) into health IT systems

2) Exchange patient level Cognitive and Functional Status data between multiple health IT systems for consumption by clinicians, patients, and their representatives

Both of these purposes coalesce around assessment requirements established by the IMPACT Act of 2014. CMS developed standardized patient assessments in several categories, including Cognitive and Functional Status for exchange between different stakeholder groups, including patients. The PACIO team was able to demonstrate that both purposes could be managed using FHIR resource implementation as specified by PACIO’s current implementation guides. They did this using simulated version of real health IT software facilitated by stakeholder representatives with the different software companies.

Though the PACIO team’s work is not yet being used in any health IT production environments, it represents a bright future where health information exchange can be fast, standardized, and accessible to all stakeholders. The PACIO team also demonstrated a patient-facing portal that reported the FHIR-exchanged assessment data into a very organized and navigable user-interface that appeared well-suited for use by clinicians and approaching a functional state for patient consumption as well. It was very exciting to see this work take shape as part of this proof-of-concept.

It is AIDA’s goal to participate actively in the PACIO Project in the coming months as it is very well aligned with our company goals and roadmap for the future. For those of you who have personal experience working in the post-acute world, as I do, I’m sure you are aware of the many challenges that are faced by clinicians and their support staff when it comes to collection, interpretation, and conveyance of healthcare information. AIDA is a leader amongst a new and powerful crop of software tools that will facilitate much more efficient and transparent exchange of vital information. The work that HL7 International and the PACIO Project is doing is foundational to many improved patient outcomes facilitated by companies like AIDA Healthcare and others.

At AIDA, our purpose is to advance user-friendly, FHIR-focused interoperability between acute and post-acute settings. Today, our focus is on care management and referral management for continuously growing number of care provider types. Looking forward, we anticipate a shift in focus toward patient-facing interfaces and broadened support for leading EMRs. If you would like to learn more, please visit aidahealthcare.com or send me a note on LinkedIn.

PACIO is a trademark of MITRE and is used with permission from The MITRE Corporation.

Published on November 2, 2020

AIDA is Ready to Help with your COVID-19 Response

AIDA is Ready to Help with your COVID-19 Response

(KIRKLAND) March 23, 2020 – In response to the COVID-19 outbreak, AIDA Healthcare, creators of Artificial Intelligence Discharge Agent (AIDA), a patent-pending, HIPAA-compliant software platform focused on helping patients, hospitals, health systems, and ACOs connect with all post-acute care providers and improve the patient transition process, announced that it will offer Patient Choice at no cost to hospitals currently being impacted by COVID-19.

Patient Choice is part of the AIDA platform, which simplifies the complexity of the patient transition process for all providers in the care continuum, helping to achieve clarity about each episode of care. AIDA creates clarity by offering a deeper level of information about downstream providers and a technology-driven approach to communicating with them, which increases efficiency, reduces length of stay, and reduces hospital readmissions.

“With the spread of COVID-19, concerns are mounting about hospital bed capacity. Hospitals are focused on preparing for high-utilization and will need to improve efficiency around the patient discharge and transition process. Accurate and live data sharing across multiple providers throughout the care continuum is crucial to meeting this need”, says Julian Paraschiv, CEO, AIDA Healthcare. “Hospitals are anticipating large caseloads of COVID-19 patients and case management efficiency is more important than ever. According to recent reports, nearly two-thirds of the nation’s estimated hospital beds are already occupied. We know that hospitals are facing a huge challenge and AIDA is committed to assist them during this time.”

AIDA PATIENT CHOICE BENEFITS

• With 1-click filters, determine which post-acute providers are willing to provide care for recovering and sub acute COVID-19 diagnosed patients.

• Match patients’ commercial insurance with contracted post-acute providers anywhere in the country.

• Access to AIDA’s database of more than 2,500 active SNF, HHA, IPR, LTCH, Hospice, DME, and other care providers, including CMS star ratings.

• Share provider profiles with patients and family members by email, text, or as printed handouts.

• Easily document activity in Patient Choice inside existing EHR/EMR.

• Access real-time analytics dashboards that monitor usage and compliance.

• Quick implementation as a web-based solution that does not require installation by an IT team and does not require case managers to input PHI or PII.

Additionally, AIDA is offering AIDA Provider Admission Module for FREE indefinitely to all post-acute care (PAC) providers nationwide. The module allows PACs to receive referrals from acute care hospitals.

Published on March 23, 2020