Interoperability Matters: The CMS Final Rule and the Path To Compliance
By Dr. Peter S. Tippett, CEO, careMESH.
We are all accustomed to digital tools in our personal and professional lives. Every day, we communicate and receive notifications from others through various methods, such as email, text messaging, online chat sessions and by completing online forms.
We share “structured” documents like spreadsheets, presentations, software source code, or other files by attaching them to email or posting them in shared drives. We also solve misunderstandings, ask questions, drive workflows and coordinate things with “unstructured” content.
In other words, we are living the benefits of full interoperability, allowing different people and organizations to collaborate effectively. Interoperability minimally requires participants to have all three of these capabilities: notification, file sharing and messaging.
To ease communications, reduce provider burden, deliver coordinated patient care, drive down costs and improve outcomes, healthcare needs the same three capabilities. By effortlessly connecting every provider, practice, and hospital, we will deliver an efficient and patient-centric healthcare system.
Earlier this year, before COVID radically changed 2020, the Centers for Medicare & Medicaid Services (CMS) released its Interoperability and Patient Access Final Rule (CMS-9115-F). The rule leverages the might of the agency to “break down barriers in the nation’s health system to enable better patient access to their health information, improve interoperability and unleash innovation, while reducing burden on payers and providers.”
The final rule is far-reaching in its objectives, addressing gaps among payers and healthcare providers, and has seven broad provisions, with three that apply to providers:
1. Admission, Discharge, and Transfer (ADT) Event Notifications (applicable spring 2021) — The most significant impact on hospitals will be due to the (ADT) Event Notifications provision. CMS has modified Conditions of Participation (CoPs) to require most hospitals, including Psychiatric and Critical Access Hospitals, to make a “reasonable effort” to send electronic event notifications to “all” Primary Care Providers (PCPs) or their practice. This will apply for Emergency Department (ED) patients, inpatient admissions and discharges, and transfers to another healthcare facility or community provider. Together with the CMS Promoting Interoperability Programs (formerly Meaningful Use), these initiatives will make pragmatic and substantive progress toward healthcare interoperability. Some states like Florida (FL CS/HB 843) imposed a similar rule that became final in 2019.
This new rule addresses notification; a substantial part of healthcare’s longstanding communications problem. Many Health Information Exchanges (HIEs) have an ADT-oriented notification function, but they and related vendors typically require the PCP to buy the vendor’s service or join the HIE.
In both cases, the PCP typically also needs to provide and maintain a list of their patients and the event notification process itself is often cumbersome for the recipient. Even the best HIEs struggle to get participation from small and independent practices, which immediately limits the reach and effectiveness for participating hospitals.
2. Public Reporting and Information Blocking (applicable late 2020) — The Information blocking portion of the Final Rule prompts hospitals to follow both the letter and spirit of the MU/PI programs as well as their respective parts of the 21st Century Cures Act. Achieving this standard should be relatively straightforward for most hospitals. Their Electronic Health Record (EHR) vendor should provide the necessary technology and deploying it is typically completed or is at least well underway. From a technology perspective, this should not be a significant burden for hospitals.
3. Digital Contact Information (applicable late 2020) — To send Protected Health Information (PHI), such as a digital medical record to another provider, facilities need to know where to send it. The digital contact information provision aims to provide a public directory of Direct Protocol and HL7 FHIR endpoints as part of the NPPES National Provider Identifier (NPI) directory. The rule requires individual providers like Doctors, Nurse Practitioners (NPs) and Physician Assistants (PAs) to post their digital addresses in their NPI record or be “shamed” later through inclusion in a public list of providers who have not complied. Compliance should take a few minutes per provider on average.
DirectTrust has long published a directory of all public Direct addresses, and EHR vendors complement that with a range of private addresses. Hospitals and practices can already access these directories, so making a copy of them in another place won’t, by itself, improve communication significantly.
The real challenge in creating an effective directory is that extensive work is needed to align digital addresses with locations, people, organizations, workflows (e.g., an address used for patients’ surgical pre-op) and data capabilities. Sometimes a message is sent to the practice, other times to the doctor, and still others to a particular location or workflow function. A truly comprehensive directory needs to be able to support all of these common use cases.
Third-party directories are now available from vendors that provide additional delivery and failover services. This new capability expands current EHR reach to the whole country of providers, practices and workflows, integrates seamlessly into standard EHR functions, and keeps users working within existing clinical workflows. It also dramatically reduces the effort of each individual hospital to build these capabilities organically.
Overall, these new regulations take a big step towards expanding patient data exchange. However, the timing could undoubtedly have been better. With COVID and the many impacts it has had on hospitals (revenue loss, employee shortages, strained Clinical and IT staff), it’s a difficult time for hospitals to engage in new projects. Nevertheless, COVID also taught a crucial lesson: now more than ever, hospitals need exactly this type of communication. This goes far beyond compliance.
In my conversations with hospital leaders across the country, I’ve heard many times that better interoperability will reduce the effort it takes to share COVID test results and improve care coordination and follow-up. Hospitals can reach far beyond compliance to bring real value during COVID and afterward—for the hospital and physician by:
- Reducing administrative burden
- Reducing readmissions
- Including the patient record, not just a thin notification
- Reducing extensive manual effort in directory upkeep
- Outsourcing the management of Direct Messaging and fax failures
- Better engaging outside practices and practitioners—increasing revenue
- Creating a path for new levels of communication going forward (e.g., community-wide texting, inbound referrals, more efficient workflows and much more)
Now for the good news
Hospitals can readily implement new digital capabilities to comply with these new ONC and CMS programs. This is the era of secure, cloud-based tools, rapid identity-proofing, turn-key implementation, and flexible user interfaces, after all. Third-party vendors offer nimbleness and innovation while leveraging the foundational work of the interoperability and communications components of MU, PI, MIPS/MACRA and the Final Rule to drive benefits across all providers without compromising competitiveness. Without needing to build an accurate, national provider directory or distribution channels, this is precisely the type of function that hospitals and systems should look to outsource.
Using current EHR capabilities and built-in technology standards that have long been mandated by ONC and CMS, innovative hospitals can leverage the power of their existing EHR infrastructure and rich datasets to both comply with the Final Rule and greatly expand communications with the outside. Patients will benefit from improved care coordination and operational efficiency that bring disparate providers together—through a patient-centric communications model that allows for the secure flow of the right information, in the right place, at the right time.