Skip to main content
Skip to footer
patient interacting with doctor and nurse

Understanding upcoming information blocking regulations and compliance

Leaning into interoperability and information sharing

by Josh Mast

Published on 9/22/2022

Interoperability of healthcare information has long been a driving focus of the work we do at Oracle Cerner. The healthcare industry should celebrate how far it has come as a whole, while also recognizing that there are still many challenges that require more work and collaboration to move forward. Large challenges seldom have simple solutions; however, those challenges could be even more rewarding to meet head on.

“It is immoral for any organization to block the flow of information that could help individuals—and their providers—make better-informed decisions about their care.”

Neal Patterson, Cerner co-founder and former chairman and CEO, made this statement about the need for true interoperability in healthcare to the members of the US Senate Committee on Health, Education, Labor and Pensions (HELP) in 2015, when the panel was considering the basic outline of what would become the 21st Century Cures Act of 2016. Just over seven years later, information blocking regulations, stemming from the Cures Act, are set to expand in scope from US Core Data for Interoperability version one (USCDI v1) to all Electronic Health Information (EHI) on October 6, 2022.

Now is the time for the healthcare industry to take the next step toward compliance with the information blocking restrictions and exceptions as they are formally documented in regulation or with the information sharing requirements, as many now prefer to call them. Compliance with these rules will lead to additional considerations for each impacted organization around development and implementation.

Information blocking scope expansion and information sharing

The information blocking restrictions and exceptions were broadly written to cover practices across a wide set of actors in the healthcare landscape, but a finding of information blocking is very fact-specific. This difference between regulatory language and regulatory impact, while understandable, leads to a need for additional guidance specific to each actor and to certain situations. That guidance, as well as updates to the regulatory language itself, will likely be issued for years to come, creating a shifting landscape.

This leads to a shift from focusing on information blocking to focusing on information sharing. Under this approach, if everyone were to practice information sharing, which at a high level is sharing necessary information when applicable and lawful, then the changes in information blocking restrictions would not have a significant impact on them.

The information blocking definition and compliance framework are rooted in requirements that already exist. These requirements can be legislative, regulatory, or even contractual, but when there is a need to share healthcare information, these requirements often already apply. For example, HIPAA already grants patients a right to a larger set of electronic health information (EHI) than the information blocking framework requires, and HIPAA provides the ability to share health information in certain instances with or without obtaining patient consent.

Beyond HIPAA, there are many laws and regulations that already require the sharing of health information, such as the public health reporting requirements of the Promoting Interoperability Program and the recent Admission, Discharge, Transfer (ADT) Condition of Participation. Organizations may have contractual commitments to share information. They also may need to adjust contract terms to ensure they are not unlawfully restricting access, exchange, or use of EHI or providing access, exchange, or use in a discriminatory manner when a right to that information may exist elsewhere.

In most cases, individuals and entities are already following the rules and are working to share the information in an acceptable and appropriate manner. But there is still quite a bit of work ahead of the industry to achieve true interoperability, and there are areas in which the road will likely be more difficult, especially when looking beyond Certified EHR Technology (CEHRT) and beyond the USCDI data set with clear standards for all adopted data elements.

However, most organizations are striving to comply and lack the requisite intent the information blocking definition requires. Compliance for many organizations will likely only create a need to re-evaluate and update current practices, policies, procedures. We must all strive to prioritize the work required to reach the ultimate vision of interoperability outlined by many in the healthcare industry. There is work ahead of us all to make this vision a reality, but we look forward to the challenge.

Industry preparedness and resources

Beyond Oracle Cerner’s ongoing efforts to advance interoperability, we have actively worked with others in the industry to promote understanding and create guidance in how to comply with these requirements. We participated in a workgroup with the American Health Information Management Association (AHIMA), American Medical Informatics Association (AMIA), and the Electronic Health Records Association (EHRA) to outline considerations on what the definition of EHI may mean to actors under information blocking and how the information included in those definitions may vary. Along these lines, we also helped lead The Sequoia Project’s Information Blocking workgroup in the development of several documents intended to help individuals and entities understand the implications of and comply with the requirements of the information blocking definition.

For Oracle Cerner clients, we have issued additional guidance and information, online resources, and regulatory consulting available to provide support.