Key Provisions in the Bipartisan Health Information Technology Legislation
A key event in Congress affecting health information technology occurred last week when the Chairman and Ranking Member of the Senate HELP Committee issued a discussion draft of their coming bipartisan legislation on health information technology (health IT). This is a bill which is likely to have traction. Specifically, on January 20, 2016, Senators Lamar Alexander (R-Tenn.) and Patty Murray (D-Wash.) released draft Senate HELP Committee legislation to improve health IT and electronic health records (EHRs). This builds on legislation passed in the House and bills introduced in the Senate. A mark-up in the Senate HELP Committee is scheduled for February 9, 2016.
This ambitious legislation addresses many of the same areas as other recent bills, including information blocking, transparency, a star rating system for EHRs, usability, and interoperability. It also contains provisions on governance of health information exchange, safety, and patient access to data. If it passes, the bill will impact both users and producers of health IT and EHRs, including providers and technology companies. The Senate HELP Committee indicated in a press release that it is seeking feedback and the bill is likely to undergo changes before passage.
Recommendations from HHS and New Advisory Committees
- Reduce Administrative Burden: The bill requires the Secretary of the U.S. Department of Health and Human Services (HHS) to develop a strategy and recommendations to address the regulatory and administrative burdens related to EHRs, including a focus on activities related to incentive programs, certification, standards, patient access, privacy and security, research, public health, and quality measures.
- Public Advisory Committees: The bill replaces the current Health IT Standards and Health IT Policy Committees with a new Health IT Advisory Committee, along with new procedural requirements and expectations for deliberations and recommendations.
Changes to the Health IT Voluntary Certification Program
- Specialist Products: The bill requires that the current voluntary EHR certification program be extended to products for medical specialties, including pediatrics.
- Transparency and Usability: Under the bill, ONC would gain authority to more effectively address transparency and usability through the certification program. ONC could require health IT developers to make summaries, screenshots, videos, and other information available to show how technology meets certification criteria. Furthermore, certification criteria would address security, user-centered design, and achievement of interoperability.
- Information Blocking: As a condition of certification, health IT developers would have to attest that they do not block information and that they permit unimpeded communication between health care providers and authorized certification bodies to support HHS enforcement. (See more in depth discussion on information blocking below).
- Health IT Rating System: The bill calls for the development of a certified health IT star ratings system. Certified health IT developers would report on criteria at least every two years to receive star ratings. Those that receive one star must improve their ratings or face fines or decertification. The GAO must report on the star ratings methodology to Congress and post ratings of each certified health IT product.
- Criteria for Patient Access: The legislation also requires that ONC develop specific certification criteria on patient usability, including providing patient information in an easy to understand, longitudinal format, offering support for patients to electronically share information, and requiring that the HIT Advisory Committee develop standards focused on patient access and usability.
Interoperability and Health Information Exchange
- Interoperability: The bill defines interoperability as health IT that has the ability to securely exchange electronic health information with and use electronic health information from other health IT without special effort on the part of the user.
- Information Blocking: The bill defines information blocking to include: 1) health IT developer, exchange, or network actions that interfere with, prevent, or discourage access to or exchange or use of electronic health information; and 2) providers' knowing and unreasonable blocking of electronic health information exchange for patient care. It requires implementation through regulation. As stated above, the bill requires that certified health IT developers attest that they will not block information. It also gives OIG the authority to investigate information blocking and false attestations related to information blocking, subjecting violators to civil monetary penalties.
- Governance of Health Information Exchange: The HITECH Act required ONC to create a governance mechanism, but ONC has not yet done so. The bill would require HHS to convene partnerships to build consensus and develop a trusted exchange framework, including a common legal agreement for network information exchange. The bill also would require HHS to create a health care provider directory of digital contact information.
- Patient Matching: GAO would conduct a study of ONC and other stakeholder policies and activities to ensure appropriate patient matching. The study would focus on privacy and security, matching rates, reducing matching errors, and reducing duplicate records.
- Patient Access to Health Information: The bill calls on HHS to encourage health information exchange organizations to partner with providers, plans, and other entities to offer patients access to their electronic health information in a longitudinal format and to educate providers on ways to provide patients with data. In addition, the bill amends the HITECH Act so that if an individual requests protected health information (PHI) from a business associate, the business associate may either provide the individual with the PHI or provide the PHI to another person designated by the requestor.
Leveraging Health IT to Improve Patient Care and Safety
- Registries: Certified health IT must be capable of transmitting, receiving, and accepting data from registries and vice versa.
- Patient Safety: Under the bill, health IT developers are treated as providers for patient safety activities. This enables developers to participate in patient safety organizations (PSOs) with protections from disclosure of the data they submit.
For more information, please contact the professional(s) listed below, or your regular Crowell & Moring contact.