CMS recently issued additional guidance for physicians regarding Medicare Access and CHIP Reauthorization Act of 2015 (MACRA) and Quality Payment Program final rule requirements surrounding certified electronic health record technology (CEHRT) sharing. Physicians eligible to participate in the Merit-based Incentive Payment System (MIPS) are required to demonstrate that they “have not knowingly and willfully limited or restricted the compatibility or interoperability of their certified electronic health record (EHR) technology.” The new CMS guidance outlines three specific criteria that providers must attest to in order to meet MACRA and MIPS requirements in the first quarter of 2018. Collectively, the three physician statements demonstrating compliance with the requirements are referred to as the “Prevention of Information Blocking Attestation”.
The Prevention of Information Blocking Attestation includes the following:
- A MIPS eligible clinician must attest that they did not knowingly and willfully take action (such as disabling functionality) to limit or restrict CEHRT compatibility or interoperability.
- A MIPS eligible clinician must attest that they implemented technologies, standards, policies, practices, and agreements reasonably calculated to ensure, to the greatest extent practicable and permitted by law, that the CEHRT was, at all relevant times connected in accordance with applicable law, compliant with all standards applicable to the exchange of information (45 CFR Part 170), implemented in a manner that allowed for timely access by patients, and implemented in a manner that allowed for the timely, secure, and trusted bi-directional exchange of structured electronic health information with other providers [42 U.S.C. 300jj(3)].
- A MIPS eligible clinician must attest that they responded in good faith and in a timely manner to requests to retrieve or exchange electronic health information, including from patients, health care providers [as defined by 42 U.S.C. 300jj(3)], and other persons, regardless of the requestor’s affiliation or technology vendor.
CMS issued this additional guidance to remind providers of their responsibilities to promptly share medical information with patients and other clinicians, and not engage in information blocking. Many physician and provider practices use vendors for their information management systems; they now have an affirmative responsibility to ensure their vendors facilitate compliance with the information sharing mandates. Failure to meet these requirements and provide attestations may result in financial penalties.
Under MIPS, providers become eligible for either bonus payments or penalties based on their performance, including evidence of quality improvement, cost reduction or maintaining current levels of spending; efficient use of EHRs; and clinical improvement activities such as later office hours and greater use of care coordination. The Prevention of Information Blocking Attestation provides a mechanism for physicians and providers to demonstrate that they have made reasonable efforts, in good faith, to comply with the EHR requirements under MACRA through implementation and use of CEHRT to exchange electronic health information. As these requirements necessitate new protocols and technology measures for sharing of information, physicians and providers must continue to be ever vigilant and mindful of security updates to maintain data privacy and safety. This will ensure the integrity of compliance with HIPAA privacy laws for Protected Health Information.