The 21st Century Cures Act Compliance Tips for Providers and Payers

The 21st Century Cures Act (“Cures Act”) was signed into law in December of 2016 with authorized funding of $6.3 billion. It was directed to the National Institutes of Health (NIH) for multiple varied initiatives focused on population health. After quite a few years of work, the Cures Act resulted in two rules: the ONC Cures Act Final Rule and the CMS Interoperability and Patient Access Final Rule. Both rules aim to provide patients with better access to care, ensure the implementation of newer standards that would enable greater access, and coordination in patient care.

In this article, you will learn about:

• The ONC’s 21st Century Cures Act Final Rule
• CMS Interoperability Final Rule Impact on Healthcare Providers
• CMS Interoperability Final Rule Impact on Payers
• Controlled Substance Utilization Review and Evaluation System (CURES) - California’s Prescription Drug Monitoring Program

The ONC’s 21st Century Cures Act Final Rule

The ONC's Final Rule majorly talks about the patients' electronic access to their health data. However, with the understanding that this is the prime goal, the rule also supports the provider's needs in areas like clinical data sharing and addressing the industry-wide information blocking practices that EHR providers have often stipulated. While electronic access to medical records on the part of the patient was an existing requirement under the new Meaningful Use guidelines from 2018; the shift in focus here is to provide it in such a way that it enables health IT developers to create the next-gen applications with the capacity to power healthcare, as we transition into the world of value-based care and beyond.

The Final Rule has brought about the following changes:

Access to EHI

The rule stresses the importance of patients having access to their Electronic Health Information (EHI) when required and in the format they would like to consume. Therefore, it becomes mandatory for providers to ensure that the patients are provided with programmatic access to the EHI contained in their systems through the HL7 FHIR^® APIs so that patients get to access such data using the web or through smartphone applications.

Electronic Medical Record (EMR) information blocking

A gag clause refers to a provision of a contract that exists between a managed care organization and a health care provider. It generally restricts the amount of information a provider could share with a beneficiary or that limits the circumstances under which a provider may recommend a specific treatment option. EHR providers often block physicians’ efforts to improve the usability and security of their systems and workflows by including language in the contracts. This rule ensures that the “Gag Clauses” in EHR vendor contracts are prohibited.

This rule requires patients to be provided with better access to their medical records and states that fines for compliance could go up to $1 Million per violation.

Patient data requests

Patients are now free to request their data at any time in a fully automated manner, thereby eliminating all the administrative work required to enable patient access to their medical data. This has already been a requirement under the law through the Meaningful Use changes in 2018. As a result, clinicians can now focus on providing care without worrying about providing patients with medical record access.

CMS Interoperability Final Rule Impact on Healthcare Providers (a.k.a "Hospitals")

CMS recently introduced new interoperability mandates for healthcare providers based on the Cures Act regulations that must be implemented by July 1st, 2021.

The new mandate stresses the following:

Conditions of Participation (CoP) API

Requirement:
 

All hospitals are expected to fulfill the requirement of sending Admission, Discharge, and Transfer (ADT) messages to other providers who are also involved in the provision of patient care. The goal of this requirement is to facilitate improved care coordination across providers to enable other providers to reach out to patients post-discharge and ensure that their follow-up care is implemented correctly.

Required data:
 

Admission, Discharge, and Transfer Information.

Steps to meet the requirement - 314e’s guide
 

• Create FHIR^® API endpoint that will extract Admission, Discharge, and Transfer (ADT) information for the patient from the hospital EHR using HL7 V2.x standard;
• Convert to FHIR^®; and
• Send a notification to the referring providers, community providers, and hospitals of choice using an automated solution.

CMS Interoperability Final Rule Impact on Payers (a.k.a "Insurance companies")

CMS recently introduced new interoperability mandates for health plans (MA organizations, Medicaid FFS programs, CHIP FFS programs, Medicaid Managed Care Plans, and CHIP Managed Care Entities) based on the regulations of the Cures Act that must be implemented by July 1st, 2021.

These include:

Patient access API

Requirement:

Payers are required to make patient claims and encounter data available through the Patient Access API; this would include the cost and also a defined subset of members’ clinical information that must be available to third-party applications of their choice through a secure HL7 FHIR^® (Release 4.0.1).

Required data:

Adjudicated claims (including pharmacy), encounters with capitated providers, provider remittances, enrollee cost-sharing, and a subset of clinical data, including lab results ( maintained under the impacted health plan).

Steps to meet the requirement - 314e’s guide

• Create FHIR^® API endpoint that will extract clinical and financial information for the member from payer systems using X12 EDI, CCD, and other proprietary formats, etc.,
• Convert to FHIR^®; and
• Provide the required information to third-party applications.

Provider directory API

CMS requirement:

Health plans must make available FHIR® API-based list of providers that are in-network through a public-facing digital endpoint on the payer’s website. In addition, provider directory updates must be available through an API within 30 days of receipt of new data or changes to existing directory data.

Required data:

Provider names, network status, addresses, phone numbers, and specialties.

Steps to meet the requirement - 314e’s guide

• Create FHIR^® API endpoint that will extract payer network information (provider names and network status, addresses, phone numbers, specialties) from payer network management software systems;
• Convert it to FHIR^®; and
• Provide the information to an endpoint that could be made available on the payer’s website.

Payer to payer data exchange - send and receive member data with other plans (Jan 2022)

CMS requirement:

Payers must fulfill the requirement of permitting the exchange of patient data at the member’s request so that members can take all their data with them as they move between payers using the clinical data specified under U.S. Core Data for Interoperability (USCDI) version 1.

Steps to meet the requirement - 314e’s guide

• Create FHIR^® API endpoint that will extract clinical and financial information for the member from payer systems using X12 EDI, CCD, and other proprietary formats, etc.,
• Convert it to FHIR^®; and
• Provide the required information to third-party applications.

Controlled Substance Utilization Review and Evaluation System (CURES) - California’s Prescription Drug Monitoring Program

Cures database integration with EMR (Ongoing)

Requirement:

CURES 2.0 (Controlled Substance Utilization Review and Evaluation System) is a database of Schedule II, III and IV controlled substance prescriptions dispensed in California, serving the public health, regulatory oversight agencies, and law enforcement. California law (Health and Safety Code Section 11165.1) lays down a requirement for all Californian licensed prescribers authorized to prescribe scheduled drugs to register for access to CURES 2.0 by 1st July 2016 or upon issuing a Drug Enforcement Administration Controlled Substance Registration Certificate, whichever occurs later.

Required data:

• Prescription history and prior patient activity reports
• Prescription information from the CURES database to providers in real-time to providers at the point of care
• Key insights into the patient’s prescription levels and their thresholds as stored in the CURES database and help physicians manage prescriptions

Steps to meet the requirement - 314e’s guide

Create an integration solution with the local EMR of the healthcare provider using the web service that is offered by the state of California - https://oag.ca.gov/cures/iews

The ONC Cures Act Final Rule and the CMS Interoperability and Patient Access Final Rule were enforced with the intent to provide patients with enhanced care and make them free from any worries about accessing their health data. The rules also help the caregivers focus on providing care and not be burdened with anything else. As far as the providers are concerned, the standards set by both the rules help with integrating newer applications into the workflow. This solution approach suggested in the article could help providers and payers satisfy the requirements of easy and inexpensive access to patient health data while ensuring smooth compliance with the 21st Century Cures Act.