Weiss Zarett Brofman | Sonnenklar & Levy, P.C. | Attorneys At Law

High Quality Services And Personal Attention

21st Century Cures Act Promises Greater Interoperability and Less Information-Blocking in Health Information Technology, Among Other Reforms

On Behalf of | Feb 17, 2017 | Articles, Healthcare Law, Medical Staff Privileges

By David A. Zarett, Esq.Email David

On November 30, 2016, the United States House of Representatives overwhelming passed the 21st Century Cures Act (“Cures Act” or the “Act”) with broad bipartisan support. It was swiftly passed by the Senate on December 7 and signed into law by then-President Obama on December 13. Billed as the most comprehensive piece of health care legislation since the Patient Protection and Affordable Care Act in 2010, the Cures Act is meant to address the task of expediting the discovery, development and delivery of treatments for disease. The House Energy and Commerce Committee (“ECC”), which worked extensively on the Act, describes it bombastically as “[a]n innovation game-changer, a once-in-a-generation, transformational opportunity to change the way we treat disease.”

A much-publicized provision of the Cures Act would provide the National Institutes of Health (“NIH”) with $4.8 billion dollars of funding for three signature research initiatives of the Obama Administration. These include the BRAIN initiative, the Precision Medicine Initiative, and Former-Vice President Joe Biden’s “Cancer Moonshot,” which aims to improve the early detection and prevention of cancer. Another noteworthy promise of the Act is the provision of $1 billion dollars of funding to the states over the course of two years to combat the opioid addiction crisis in America.

Though not among its more heavily discussed provisions, the Cures Act also contains sections related to increasing inter-operability among various health information systems to facilitate the free exchange of Protected Health Information (“PHI”) among providers. It also attempts to address concerns over “information-blocking,” a method used recently by large health systems to dis-incentivize and steer away referrals to outside providers by imposing intentionally burdensome requirements for the necessary exchange of PHI.

With the ubiquity of Electronic Health Records (“EHR”) necessarily comes the need for hardware and software through which to access, transmit and update the data. This need, naturally, spawned efforts from multiple vendors to market and provide competing systems for maintaining EHR. In the context of medical care, where physicians and other professionals routinely make referrals for various treatments both in- and out-of-network, problems have arisen with respect to the compatibility of competing EHR systems. The need for the exchange of EHR among the systems of competing vendors defines the desire for “interoperability.”

On a similar note, some hospitals and vendors have been accused of surreptitiously using EHR to enhance or maintain their control over their share of the healthcare market. With the widespread adoption of EHR, the government has received numerous complaints about information-blocking being used as a means to quash competition. One of the most publicized instances of purported information blocking occurred when the Connecticut State Attorney General began investigating Epic Systems (“Epic”) for claims that its information-sharing practices were being used by large hospital systems, such as Yale-New Haven, to steer referrals in-network at the expense of independent medical practices. Because Epic controls more than half the market in the state for EHR, outside physicians and practices claimed that the difficulty in accessing patient amounting to a coercion of practices to join the hospital and a punishment for those that were unwilling to do so. Connecticut thus became the first state to make information-blocking illegal, in June, 2015.

The Office of the Inspector General (“OIG”) has also issued guidance related to information-blocking and the use of EHR in the context of the Federal Anti-Kickback Statute (“AKS”). There is an AKS safe harbor that exists for the purpose of furnishing software or information technology to a potential source of referrals. However, the safe harbor is conditioned upon the donor of such technology not taking any steps to “restrict the use, compatibility or interoperability of the… EHR systems.” Taking such steps may also subject a provider to the forfeiture of incentive payments given by the Centers for Medicare and Medicaid Services (“CMS”) for the adoption of EHR, otherwise known as “meaningful use” payments.

The Cures Act contains a section devoted to “Ensuring Operability of Health Information Technology.” Interoperability is defined therein as technology which allows the secure transfer of electronically accessible health information and allows for the complete access, exchange and use of all electronically accessible health information without special effort by the party requesting it. The Act also provides six categories of standard for determining whether health information technology is interoperable, including (1) vocabulary and terminology; (2) content and structure; (3) transport; (4) security; (5) services; and (6) querying or requesting health information for access, exchange or use. The Secretary of Health and Human Services (the “Secretary”) is directed to issue guidance with respect to interoperability standards based on the above criteria, and to contract with one or more health care standards development organizations to bring the standards into being as soon as is practicable. The Cures Act goes on to set forth the processes for the creation of interoperability standards in great depth.

In addition to interoperability, the Act also sets out a firm definition of Information-Blocking. It is defined as preventing or materially discouraging the access, exchange or use of electronic health information when the actor knows or should know that their actions are likely to interfere with such access, exchange or use. This definition applies not only to qualified EHR, but also to other technology, business, technical or organizational practices necessitated by its use. The Cures Act also lays out four examples of information blocking: (1) contract terms, policies or business and organizational practices restricting use or exchange; (2) charging unreasonable prices and fees for technology and its use; (3) developing or implementing technology in nonstandard ways likely to substantially increase the cost, complexity or burden of sharing EHR; and (4) developing or implementing technology in ways that are likely to lock in users of specific EHR. The Secretary, however, is required to identify exceptions (possibly future safe-harbors) to the information-blocking provisions before they can be enforced. Compliance with the standards are mandated for hospitals, other providers, IT vendors and health information systems.

With respect to both interoperability and information-blocking, the Cures Act gives the Inspector General of the Department of Health and Human Services (the “IG”) the power to enforce the applicable provisions. Among other things, the IG is empowered to investigate vendors whose products are out of compliance with interoperability standards, as well as any vendor or provider who is engaged in information blocking without a legitimate purpose. There is a provision, however, which states that the Secretary shall ensure that health care providers will not be penalized for wrongful actions which were solely on the part of the vendor. A standardized process is to be created to respond to claims or information blocking or lack of interoperability, and the Secretary is directed to assess civil monetary penalties for noncompliance in an amount to be determined through the typical agency rulemaking process.

While the Cures Act itself does not impose immediate legal obligations upon providers or IT vendors, it does direct the relevant rulemaking and enforcement bodies to have such standards and penalties enacted within the next couple of years. Vendors will be required to certify compliance with HHS standards made after January 1, 2018 or risk decertification for noncompliance with respect to meaningful-use funds. Providers using the noncompliant systems provided by vendors, however, will be given a minimum of a one-year hardship deferment before their own meaningful-use funds are put in jeopardy if they are not at fault. It is the hope of the legislature and the many lobbyists and other supporters of the Cures Act that the promulgated rules will ultimately aid in fostering an environment where the full benefits of health IT can be realized while mitigating some of the pitfalls which those technological advancements have created.


Weiss Zarett Brofman Sonnenklar & Levy, P.C. is a Long Island law firm providing a wide array of legal services to the members of the health care industry, including corporate and transactional matters, civil and administrative litigation, healthcare regulatory issues, bankruptcy and creditors’ rights, and commercial real estate transactions.