Health Plans: Take These 4 Steps to Comply with New Information Blocking Rules

Now that the rules promoting interoperability have been finalized, here’s how payers can prepare to take full advantage of the freer exchange of healthcare data.

On March 9, 2020, the two separate rules issued by CMS and ONC against Information Blocking became final. The administration lauded the release by touting the consumer benefits: “Americans will now have electronic access to their health information on their smartphone if they choose.” While that impact is undeniable, health plans, on the other hand, likely have a more pressing near-term question, “Now what?”

As we wrote in our last article on this topic, just over 40% of health plans report progress on interoperability, which leaves some work to do. One industry leader echoes concerns about the complexity of complying with the rules in a recent comment. “In the near term, information is going to be messy and incomprehensible, for the most part, but over the long term, it creates a dynamic where access is the first step to be able to do something important with the data.”

With that very astute observation in mind, we have outlined a 4-step plan for health plans to move forward during the “messy” beginning and make progress toward the actionable data goals of interoperability.

1. Get important stakeholders on board

If you haven’t done so already, your first step should be to form a steering committee made up of knowledgeable contacts from affected areas of the health plan: privacy and security officers, compliance, IT, finance, member support. Their input will be invaluable as you assess your current state of readiness.

The team can collectively identify: 

• Where all electronic health information is held within the organization. List all systems and the type of information each contains. Go deep and wide to corral everything that could possibly fall under this broad definition, as well as to set yourself up beyond compliance toward strategic advantage. 
• Policies and procedures that address information sharing. Includes HIPAA compliance, IT policies, and internal agreements covering confidential and proprietary information. 
• What workflows have been implemented to accommodate EHI requests. Includes how they are processed, who reviews, turnaround times, security tests, and any documentation around these processes.

2. Highlight barriers to compliance

While your team assesses the current state of affairs, they are bound to find roadblocks keeping your health plan from sending and receiving EHI in a timely manner. The look-back period for consumer inquiries is 5 years, including for members who have changed plans. Can you aggregate and return information to members within 1 to 2 days?

Technical challenges are the most likely barriers that health plans will have to grapple with. Of note, the myriad of disconnected systems that house EHI. Consider initiating a trial request to send and receive information on a tight turnaround and evaluate your success along the way. 

You’ll want to look for potential blind spots now, before it’s an emergent situation. For instance, if you’re able to accommodate the request, but in doing so, it sidelines key personnel from their primary work functions. Or, maybe the process falls through a communication gap — either internal or with a third-party. Perhaps it’s impractical to retrieve information from systems at all. Document any obstacles.

3. Make a plan

Your audit to reveal the current state of your organization’s ability to share EHI likely highlighted some known quantities as well as a few surprises. The next step is to make a plan to overcome those gaps in communication and technical requirements.

Communication. Initiate new internal processes, and amend contractual agreements with third-party vendors and business associates and providers, if needed. The EHI ecosystem is vast, and eliminating information blocking will require these relationships to evolve accordingly. 

Technology. The ONC rule provides more specifications on the technical side. The finalization of these rules could finally urge all healthcare stakeholders to settle upon the normative version of FHIR (v. 4) to standardize APIs. We have written before how APIs promise to help connect our disconnected systems and promote information sharing. A great deal of patient healthcare claims information has already been made available through open APIs, with more planned; it’s only a matter of being able to receive that information. Because your adjudication and processing systems likely use the EDI X12 standard, you may have to support both for a while.  

Image source. 

In addition, new algorithms, analytic capabilities, blockchain and machine learning (ML) capabilities can help parse unstructured data, deal with increased data volume, and otherwise unlock the value of the data.  

4. Communicate about your progress

This rule demands transparency, so start by communicating openly about your progress with internal stakeholders as well as providers, service suppliers and technology vendors. Opening the lines of communication is essential to breaking down the work silos that hinder interoperability.

Also, consider getting involved in the FHIR community, by piloting and testing at connectathons. The process may not be as onerous as you imagine; providers and health plans alike have been pleasantly surprised by 90-day infrastructure compliance timelines. Communicating with the governing body for future-ready standards and exchanging best practices with like-minded stakeholders promises to move the entire industry forward.

Bottom Line: The Carrot Before the Stick

If your health plan maintains their focus on the benefits to members, progress towards your strategic goals are sure to follow. According to Don Rucker, M.D., national coordinator for health information technology, “A core part of the rule is patients’ control of their electronic health information which will drive a growing patient-facing healthcare IT economy, and allow apps to provide patient-specific price and product transparency.” 

While penalties for information blocking have yet to kick in (the stick), the strategic advantage carrot is particularly enticing. The U.S. healthcare system has been “promoting interoperability” for years, and the finalization of these rules finally codifies the standards that enable that goal. Now is your opportunity to fully embrace advanced technology and the freer exchange of health information to enhance care coordination, lower costs and improve outcomes.