Office of the National Coordinator for Health Information Technology (ONC)

On March 9, 2020, the Office of the National Coordinator for Health Information Technology (“ONC”) and the Center for Medicare and Medicaid Services (“CMS”) published their long-awaited final rules that seeks to promote interoperability. Market participants waited longer than usual for this rule due to the Department of Health and Human Services (“HHS”) extending the comment period at the request of a variety of stakeholders.

The ONC’s rule (the “Final Rule”) supports interoperability by prohibiting “information blocking”.  Affected organizations (see below) will want to be considering the impact on contracts and developing compliance policies that reflect the requirements of the Final Rule. One aspect of needed compliance relates to the Final Rule’s exceptions to information blocking including a newly-added “content and manner” exception.

Generally, information blocking is defined as an action by an actor interfering with, preventing, or materially discouraging access, exchange, or use of electronic health information[1]  (“EHI”). Actors include health care providers, health IT developers, health information exchanges, or health information network. In the proposed rule, the ONC proposed seven exceptions to conduct that might otherwise be deemed information blocking. However, in the Final Rule, ONC created eight exceptions. Further, the ONC defined two categories of exceptions: (1) Exceptions that involve not fulfilling requests to access, exchange, or use EHI and (2) Exceptions that involve procedures for fulfilling requests to access, exchange, or use EHI. Each of the eight enumerated exceptions are categorized as follows:


Continue Reading ONC’s New Information Blocking Prohibition Affects Health Care Providers, Health IT Developers, Health Information Exchanges, and Health Information Networks

January 28th marks Data Privacy Day which commemorates the signing of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data.  This international treaty is the first of its kind to address privacy and data protection.

Strong privacy and cybersecurity safeguards are paramount to the success of companies and the