Due to the overwhelming demands that COVID-19 has placed on the healthcare industry, the U.S. Dept. of Health and Human Services (HHS) is adjusting the compliance dates for providers and EHR developers and other involved parties to adhere to the finalized rules around Information Blocking. The rules were first introduced as part of the 21st Century Cures Act in 2016 in an effort to eliminate industry-wide information blocking practices. To review the most current updates related to interoperability, information blocking and the ONC Health IT Certification Program, visit the ONC’s Cures Act Final Rule website. Enforcement of noncompliance with the information blocking provision is fast approaching with publication of finalized civil and monetary penalties from the Office of the Inspector General of HHS (OIG). Non-providers, including Certified Health IT vendors, are expected to see fines as high as $1 million per violation. It is still unclear how provider penalties will stack up. Here’s some background on Information Blocking: In an effort to maximize short-term revenue or to compete for new clients, some developers of certified health IT, such as EHR vendors (as well as others) previously deliberately held back access to PHI. The implementation of the finalized rules around information blocking provides a comprehensive response to concerns about this anti-competitive behavior while supporting the overall goal of increased transparency for patients as well as access, exchange and usability of electronic health information. EHR vendors also will be required to enable a usable export of all patient records when a healthcare provider is switching health IT systems, as opposed to only providing the summary of care records, which is currently the requirement. Not only will this allow providers to switch EHRs more easily and completely, but it will also ensure that a complete patient narrative is being transferred for better patient care. As the ONC states, “Providers should be able to choose the IT tools that allow them to provide the best care for patients, without excessive costs or technical barriers.” There are eight exceptions to the information blocking ban that have been established to allow clinicians and hospitals common sense operational flexibility. These exceptions are grounded in protecting patient privacy, security, and handling situations where moving data isn’t a technically viable solution. The final rule also includes provisions for the HHS Office of Inspector General (OIG) to investigate allegations of information blocking and to coordinate the involvement of other government agencies, as well as provides anonymous reporting options and a certificate of compliance that organizations can sign to show they meet the guidelines. As the time for compliance approaches, and clinicians and hospitals continue to consider their options in choosing the EHR that best fits the organization, gaining access to protected health information (PHI) from the outgoing EHR vendor may remain a challenge. Even before the newest information blocking law was handed down, EHR vendors were required by law to return PHI to the covered entity in a reasonable and usable format upon termination of a contract. If your healthcare organization is or continues to have PHI held hostage by an EHR vendor, there are currently measures that can be taken to gain rightful access to data. Beyond filing a complaint with the U.S. Department of Health and Human Services, you can also start with these steps to help with the process: Familiarize yourself with the HIPAA Covered Entity portion of the gov website for additional information on how the vendor may be in violation of the HIPAA Privacy Rule. Formally communicate to the vendor that they are legally required to provide access to your ePHI in a reasonable and usable format. If you’ve already considered the above and still feel like you need additional guidance and tools to help facilitate dialogue to gain access to your PHI, consult with Harmony Healthcare IT. We can provide additional tools to help you continue to navigate conversations with your vendor around successfully accessing your PHI. We’re ready to talk about the best approach that will lead to your PHI residing where we’ve always believed it should be – with you and your organization. Note: This blog was updated from a previous version published on Nov. 9, 2020.