Cures Act Summary 2022
Securely maintaining electronic patient data within healthcare organizations, while ensuring the right people have access to their data, has never been more important. Historically, health officials could not talk about patient data without acknowledging the Health Insurance Portability and Accountability Act (HIPAA). HIPAA was designed to develop a consistent set of standards to protect patients’ data from disclosure without their consent.
The 21st Century Cures Act (Cures Act) was first introduced in 2016 and was designed to do several things, among them encouraging choice and access for both patients and providers, and encouraging medical innovation and product development.
Notably, it contains provisions that streamline drug and medical device access, encourage medical research, seek to improve mental health services, and address the opioid crisis.
After the Cures Act was signed, it was passed to the Office of the National Coordinator for Health Information Technology (ONC) and the Centers for Medicare & Medicaid Services (CMS). As a result, two sets of rules were added addressing interoperability, patient access, and information blocking provisions. The rules set the standard for all providers, payers, and technology vendors.
In summary, the Cures Act requires Health and Human Services (HHS) adopted regulations that prevent developers of certified EHR technology or health officials from engaging in information blocking.
What is information blocking?
Information blocking can be defined as any practice, healthcare provider, health IT developer, health information exchange, or health information network interfering with, preventing, or materially discouraging the access, exchange, or use of electronic health information (EHI).
What is EHI?
Electronic health information (EHI) is information that relates to:
- The past, present, or future physical or mental health or condition of an individual
- The provision of healthcare to an individual
- Past, present, or future payment for the provision of healthcare to an individual
While the original deadline for stakeholders to comply with the new rules was Nov 2, 2020, in October of 2020, HHS moved the information blocking compliance date to April 5th, 2021, due to the industry’s need to deal with COVID-19 related challenges.
Today, civil monetary penalties for not complying with information-sharing requirements have only been established for technology developers and health information networks. However, more than 75% of the complaints submitted to ONC have come from patients in reference to their providers.
Up until April 5th, 2022, enforcement of this rule has occurred on a request/complaint basis. Individuals that were refused access to their EHI would submit complaints in order to get access to their information. Now, healthcare providers can also be monetarily penalized for engaging in information blocking of vital health information to their patients. It is therefore more important than ever to ensure that applications, providers, and staff members comply with the Cures Act.