Information Blocking FAQs – The April 5th Implementation Deadline Has Passed; What Providers Need to Know
iStock-information-blocking-4.jpg (iStock-information-blocking-4.jpg)

Monday, April 5th, marked the deadline for compliance with the information blocking regulations implemented by the Office of the National Coordinator for Health IT (ONC).  As a follow-up to our earlier FAQs on these new rules, which can be found here and here, this is a third series of answers to the questions that we’ve been receiving.  

What are the penalties for failure to comply with the information blocking regulations?      

In the 21st Century Cures Act (the Cures Act), Congress established that developers of certified health IT and health information networks and exchanges would be subject to civil monetary penalties of up to $1M per violation for engaging in information blocking. Health IT developers are also subject to the Conditions of Certification under the ONC’s Health IT Certification Program.  Proposed regulations pertaining to penalties are available here.

On the other hand, for health care providers, the penalties for failure to comply are still unclear. The Cures Act provides that health care providers who engage in information blocking may be subject to “appropriate disincentives” as set forth by the HHS Secretary. It is anticipated that regulations will be proposed soon to create these “disincentives.” For current participants in the Centers for Medicare and Medicaid’s (CMS) Merit-based Incentive Payment System (MIPS), attestations with respect to information blocking have been included for several years. As the definition of information blocking is now set through the ONC rules, failure to comply with the ONC rules could be viewed as a breach of the MIPS attestations. 

In short, compliance with the new information blocking rules is now required, but the penalties for providers are not yet fully fleshed out. 

Given that these large penalties can apply to a health information network (HIN) or health information exchange (HIE), can a health care provider also be an HIN or HIE?

 A health care provider can be an HIN or HIE. An HIN/HIE is an individual or entity that determines, controls, or has the discretion to administer any requirement, policy or agreement that permits, enables or requires the use of any technology or services for access, exchange, or use of electronic health information:

  • Among more than two unaffiliated individuals or entities (other than the individual or entity to which this definition might apply) that are enabled to exchange with each other; and
  • That is for a treatment, payment, or health care operations purpose.

For example, a hospital system that provides its EHR system to independent community doctors will likely be treated as both a health care provider and an HIN/HIE. 

Are providers now required to provide open access to their notes to patients?

In general, yes. As part of the United States Core Data for Interoperability (USCDI) data elements, clinical notes must be provided to the patient.  These elements include consultation notes, discharge summary notes, history and physical, imaging narratives, laboratory report narratives, pathology report narratives, procedure notes and progress reports. 

While this may be a change to many providers, patients have reported that having access to their notes has improved understanding of their health and medical conditions, helped them feel more in control of their care and to have more successful conversations and stronger relationships with their doctors. Given that notes will be open to the patient, providers should consider what they might do to make records understandable to patients, for example, writing out “shortness of breath” (as opposed to using the acronym SOB).  Additional tips for how to write patient-accessible notes are available from the Open Notes website here

Posted in Privacy

This blog/web site presents general information only. The information you obtain at this site is not, nor is it intended to be, legal advice, and you should not consider or rely on it as such. You should consult an attorney for individual advice regarding your own situation. This website is not an offer to represent you. You should not act, or refrain from acting, based upon any information at this website. Neither our presentation of such information nor your receipt of it creates nor will create an attorney-client relationship with any reader of this blog. Any links from another site to the blog are beyond the control of Pullman & Comley, LLC and do not convey their approval, support or any relationship to any site or organization. Any description of a result obtained for a client in the past is not intended to be, and is not, a guarantee or promise the firm can or will achieve a similar outcome.

Subscribe to Updates

About Our Connecticut Health Law Blog

Alerts, commentary and insights from the attorneys of Pullman & Comley’s Health Care practice on legal developments affecting hospitals, physician groups, pharmaceutical and medical device companies as well as other health care providers and suppliers.

Other Blogs by Pullman & Comley

Education Law Notes

For What It May Be Worth

Working Together

Recent Posts


Jump to Page