News

On April 5, a new federal rule turned OpenNotes goal into the law of the land.Now, virtually every US medical practice and health system must make all information in electronic health recordswith a few exceptionseasily accessible to patients at no charge. The mandate, part of the 20th Century Cures Act enacted in 2016, originally was supposed to go into effect November 2, but the US Department of Health and Human Services (HHS) at the last minute extended the compliance deadline due to the COVID-19 pandemic.The US Core Data for Interoperability lists 8 types of clinical information that must be shared: consultation, discharge summary, procedure, and progress notes; imaging, laboratory report, and pathology report narratives; and history and physical. The rule doesnt apply to psychotherapy notes kept separate from the patients health record or notes compiled in reasonable anticipation of use in a civil or criminal court case or an administrative proceeding. In addition, the mandate permits withholding information if doing so will substantially reduce the risk of harm to a patient or another individual, such as in a domestic abuse situation.

ONC Leader Gives Health IT Vision ONCs newly appointednationalcoordinatorMickyTripathiintroduced the2021ONCAnnual Meetingby sharinghis vision for the future of health IT strategy and policythroughout the healthcare system. He talked aboutthe agencysrole inresponding to the COVID-19pandemic,striving forhealth equitythrough the use of health IT(he calls it equitybydesign), advancing interoperabilityof health information, and reducing the burdenof health IT on clinicians.

When finalizing the proposed version, ONC should ensure the USCDI includes data needed for public health and health equity, which can help public health agencies fight the current pandemicand be better prepared for future crises, Talkington wrote in a letter to ONC.According to Pew, over 40 percent of lab results are missing important patient data.To strengthen USCDI, Pew recommended ONC:Require the use of US Postal Service (USPS) standard to boost patient matchingInclude key data elements, such as travel history, employment, and death dateAccelerate social determinants of health (SDOH) data integration

Information Blocking General

Electronic Health Information

Preventing Harm Exception

Reporting Claims of Information Blocking

With a projected start date of April 5, 2021, the program rule on Interoperability, Information Blocking, and ONC Health IT Certification, which implements the 21st Century Cures Act, requires that healthcare providers give patients access without charge to all the health information in their electronic medical records “without delay.” This includes things like open notes.

The content and manner exception limits information blocking to data thats part of the U.S. Core Data for Interoperability (USCDI) for the first 18 months of compliance, or April 5, 2021, through October 6, 2022.

The Arbour, Inc., doing business as Arbour Hospital (“Arbour”), has agreed to take corrective actions and pay $65,000 to settle a potential violation of the HIPAA Privacy Rule’s right of access standard. Arbour is located in Massachusetts and provides behavioral health services.In July 2019, a complaint was filed with OCR alleging that Arbour failed to take timely action in response to a patient’s records access request made in May 2019. OCR provided Arbour with technical assistance on the HIPAA Right of Access requirements. Later, in July 2019, OCR received a second complaint alleging that Arbour still had not responded to the same patient’s records access request. OCR initiated an investigation and determined that Arbour’s failure to provide timely access to the requested medical records was a potential violation of the HIPAA right of access standard, which requires a covered entity to take action on an access request within 30 days of receipt (or within 60 days if an extension is applicable). As a result of OCR’s investigation, Arbour provided the patient with a copy of their requested records in November 2019, more than 5 months after the patient’s request.

In fact, 89 percent of the audited entities failed to comply with access requirements. Another 67 percent failed to comply with providing the necessary content and to document adequate compliance in their breach notifications.

Patients and their primary carepartners may face a wide range of barriers when attempting to access their medical records. Loved ones often encounter even steeper challenges when requesting access to records of the deceased. These barriers to access are significantly underreported. The AMA has curated resources and the following tips as guidance for physicians and practices to avoid HIPAA misunderstandings, prevent unnecessary burdens for both patients and practices when accessing a deceased patients medical records, and prevent breakdowns in trust and communication between families, physicians, and practices, which may lead to additional trauma.

Throughout their care journey, patients may need access to their images on CD for a variety of reasons. Physicians also rely on timely access to patients images in order to care for their patients. The AMA recognizes that there is a lack of standardization in process, workflows, and communication in the realm of requesting images on CD. This guidance has been curated by the AMA to address the most frequently asked questions physicians may have about providing patients with access to their images on CD.