Innovation Through Regulation: ONC Final Rule

ONC Final Rule with MediSked Privacy Officer Tyler Blake

In March 2020, the Office of the National Coordinator for Health Information Technology (ONC) released the latest in a series of rules and regulations mandated by the 2016 21st Century Cures Act. These rules and regulations, known together as the “ONC Final Rule,” are designed to promote health IT interoperability, seamless data exchange, and easier access and use of electronic health information (EHI). Many of these provisions will now be taking effect throughout 2021 and 2022.

Interoperability and Data Exchange

Interoperability is defined as the ability of systems and devices to exchange and interpret data. As detailed in an earlier blog post, there are many benefits to a highly interoperable health IT infrastructure from improving member safety to better member engagement, streamlined workflows with lower costs, and improved health outcomes. In keeping up with the modern landscape of highly coordinated care through new forms of case management and payer-provider arrangements, the ONC Final Rule includes the adoption of the United States Core Data for Interoperability (USCDI) standard. This new standard establishes minimum data classes that are now required to be interoperable across all different types of providers and health IT, which will ensure the use of common sets of data.

In addition to the USCDI, health IT interoperability is being improved through the adoption of standardized Application Program Interfaces (APIs). These new API standards will ensure that disparate health IT systems can properly communicate member and population health information through the standardization of security, access, publicly accessible technical documentation, and other requirements.

Access and Use of Electronic Health Information

The ONC Final Rule will also promote the access and use of EHI by defining rules and prohibitions on “Information Blocking”. Information blocking is defined by ONC as unlawful actions taken by a healthcare provider, health IT developer, health information network, or health information exchange that is likely to interfere with the access, exchange, or use of EHI. In essence, these entities are prohibited from taking actions that prevent an otherwise authorized exchange or access to health information. This can come in many different forms – from having nonstandard health IT that increases the burden of accessing or exchanging EHI, to implementing health IT in ways that impede innovations and advancements in health information access, exchange, and use, including care delivery enabled by health IT.

Removing barriers and expenses to the free flow of authorized information will help our industry reach true person-centered interoperability. With information following the person regardless of system, platform, technology, or type of care provider, individuals will be able to be served wherever they are by a care team that will have a whole-person perspective. This should help improve health outcomes and keep the individual’s whole picture of health at the center and focus of their care. 

MediSked’s mission is to improve lives, drive efficiencies, and generate innovations for human service organizations that support our community. MediSked, as a provider of Certified Health IT, develops integrated and interoperable solutions that facilitate and promote the goals of the ONC Final Rule in alignment with our mission. MediSked’s solutions support real-time data exchange and integrations with health information exchanges of all forms. MediSked is intimately familiar with the rules and regulations established by ONC and the 21st Century Cures Act, and strives to ensure that our solutions are compliant with the latest available guidance. If you’re interested in learning more about how MediSked’s solutions can help your organization, please request a demo.

Tyler Blake

Tyler Blake

Tyler Blake is the Privacy Officer at MediSked, LLC and has been with the company for over four years. His work focuses on industry research and maintaining regulatory compliance with state and federal laws such as HIPAA and HITECH, as well as analyzing, drafting, and implementing new policies to ensure MediSked’s continued compliance for the clients we serve.

Related Topics