On October 6, the expanded definition of electronic health information (EHI) under the information blocking rule went into effect, in what the government hailed as “data liberation day.”
Under the 21st Century Cures Act information blocking requirements, certain actors are prohibited from engaging in information blocking regarding EHI. In general, information blocking is a practice that is likely to interfere with the access, exchange or use of EHI, but does not include practices that are covered by an information blocking exception or are required by law. Health care providers, health information networks and certain electronic health record (EHR) developers are subject to the information blocking rule.
Until October 6, EHI only included information represented in the United States Core Data for Interoperability (USCDI) version 1 data elements. The USCDI version 1 included data that is typically found in EHRs, such as medications used, past procedures, allergies and certain clinical notes. But as of October 6, EHI is no longer limited to the USCDI and it includes nearly all of a patient’s electronic record, including broader categories of notes, more test results and images. The change means that patients and others legally seeking health care data may find it easier to obtain a broader set of their records from actors. However, the change also presents a challenge for providers and other actors who are now responsible for making a larger suite of information more readily available. Legal and compliance officers should ensure that they have reviewed their practices to minimize risk.
Despite the regulatory change, the information blocking rule is not yet enforced by the government. The Department of Health and Human Services Office of Inspector General has proposed, but not yet finalized, a rule that would allow for up to $1 million in penalties to be imposed on EHR developers and health information networks. The government has not yet proposed an enforcement scheme for health care providers.