Deciphering HHS' Proposed Information Blocking RulesElise Sweeney Anthony of ONC Describes Provisions Designed to Boost Information Sharing
Two proposed rules released this week by the Department of Health and Human Services aim to define and discourage inappropriate blocking of the secure sharing of health information, says Elise Sweeney Anthony of the Office of the National Coordinator for Health IT.
The information blocking proposals are among the many provisions in ONC's 724-page proposed rule, 21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program," released on Monday.
In addition to ONC's proposal, the Centers for Medicare and Medicaid Services also issued its own 250-page proposed rule dealing with interoperability and patient access to health information, as well as information blocking.
The 21st Century Cures Act spells out that healthcare providers, healthcare information exchanges, health information networks and certified health IT developers can be held accountable for information blocking, Anthony explains in an interview with Information Security Media Group at the HIMSS19 conference in Orlando, Florida.
"Information should absolutely flow to support patient care, patient involvement in their care and providers having the information needed to provide care," Anthony says.
The proposed ONC rule, however, lists seven "exceptions" for when failure to share data should not be considered a violation, taking into consideration privacy and security issues, she points out.
In the interview (see audio link below photo), Anthony also discusses:
- Examples of information blocking that could be prohibited if the proposed rules are adopted - and the potential penalties that could be imposed by HHS' Office of Inspector General;
- How the ONC and CMS newly proposed rules align;
- The status of the ONC draft of its Trusted Exchange Framework and Common Agreement, or TEFCA, which also aims to help fulfill a call for increased health data exchange in the 21st Century Cures Act;
- ONC's proposals for requiring certified health IT vendors to support encrypting authentication credentials and/or multifactor authentication in their products.
In her role as executive director of policy at ONC, Anthony leads the agency's engagement on a range of policy efforts. Previously, she served as ONC's deputy director of policy, where she led the agency's coordination with CMS on the electronic health record incentive program regulations. Before joining ONC, Anthony spent several years spearheading a variety of health improvement initiatives at a law firm.