Despite Delay, No Time to Lose
On March 9, 2020, HHS announced two “transformative rules” – one from the ONC and the other from CMS – “that will give patients unprecedented safe, secure access to their health data”
In his blog post Part 1 – Payer Impact (published March 15 as part of a 4-part series on CMS/ONC interoperability regulations), John D’Amore counseled that “the most pressing things for health plans to be aware of are the near-term deadlines. Some expected these deadlines to be a few years out, but the final rule had a big surprise. Payer compliance begins January 1, 2021.” Specifically, that deadline was for establishment of the Patient Access API and Provider Directory API for Medicare Advantage (MA), Medicaid, and the Children’s Health Insurance Program; and for the Patient Access API for Qualified Health Plan issuers on federally-facilitated exchanges.
Now, in late April, CMS has just announced that because of the COVID-19 public health emergency it would exercise their “enforcement discretion” and effectively push out the deadline to July 1, 2021. But another key provision for health plans, the Payer-to-Payer Data Exchange slated for January 1, 2022, has not changed.
So, what is a health plan to do?
We recommend that payers continue full speed ahead, from two perspectives.
It’s about time. The regulations fulfill HHS’s mandate to ensure that patients and providers have complete health information no matter when or where it’s needed, as expressed in the bipartisan 21st Century Cures Act of 2016. Fast forward four years, in the midst of a pandemic, and it’s clear that the electronic health data sharing requirements demanded by Congress and defined by HHS are critical.
As stewards of member health, health plans should be in the vanguard of providing consumer-friendly, portable health data.
It’s also about time. That is, there’s no time to waste.
The CMS rule holds payers accountable for sharing “claims and other health information with patients in a safe, secure, understandable, user-friendly electronic format through the Patient Access API.” This is required for clinical information maintained by the payer with a date of service on or after January 1, 2016. To review the details:
- Access must be provided via the new standard for data exchange, Fast Healthcare Interoperability Resources (FHIR) Release 4. In lay person’s terms, this means that members must be able to access their health data from mobile-based apps of their choice.
- Mechanisms for authentication and access will follow industry standards such as OAuth2 and OpenID Connect Core.
- Information must be made available the next business dayafter being processed by a health plan.
- As detailed in our previous blog post, health plans will need to make specific types of information available: claims, encounters, remittances, cost-sharing and clinical data.
- Clinical data must use the US Core Data for Interoperability (USCDI), which contains standardized health data classes and data elements.
Although systems for administrative data are well established, many health plans are still behind the eight ball when it comes to managing clinical data. If you are behind now when clinical data is considered supplemental and claim data is king, you will be hard pressed to comply with the Patient Access API rule. From a practical perspective, the sooner you begin this IT project, the better.
In order to meet both the spirit and the letter of the law, there’s no time for delay.
“Delivering interoperability actually gives patients the ability to manage their healthcare the same way they manage their finances, travel and every other component of their lives. This requires using modern computing standards and APIs that give patients access to their health information and give them the ability to use the tools they want to shop for and coordinate their own care on their smartphones.”
Don Rucker, M.D., national coordinator for health information technology.