COVID-19 challenges meeting Interoperability and Patient Access rule deadlines
Near-term deadlines spelled out in the Interoperability and Patient Access final rule will be difficult for hospitals to meet, especially smaller organizations that have limited IT staff and capabilities.
Achieving new information sharing capabilities will be made more difficult by resource challenges facing U.S. hospitals as they prepare for a potentially overwhelming crush of COVID-19 patients.
Exchanging patient information
Among other requirements, the final rules will force providers – by September – to exchange certain types of electronic patient information as a condition of Medicare participation. These event notifications will need to go to a variety of other provider organizations that would benefit from having updated patient information.
Implementing the IT to achieve this will require providers to install new software applications, dedicate staff to install and test it, and push the limits of current information-sharing capabilities.
COVID-19 is likely to soak up available resources, contended Mari Savickis, vice president of public policy for the College of Healthcare Information Management Executives. While the final rules have provided “a fair amount of flexibility, I’m a little worried about the strain that our healthcare system is under right now,” Savickis added.
Fast track for notifications
By September, the Centers for Medicare & Medicaid Services rule specifies that hospitals – including psychiatric facilities and critical access hospitals – must be able to send notifications about admissions, transfers and discharges to a wide range of recipients, including the patient’s primary care practitioner, post-acute-care services providers and suppliers, and other practitioners responsible for the patient’s care. Providers also can send notifications to payers and other providers, according to an analysis by Audacious Inquiry.
“Hospitals, or an intermediary that facilitates exchange of health information on their behalf, can tailor the delivery of notifications based on the preferences of the receiving provider,” the Audacious Inquiry analysis noted. Intermediaries must be able to connect to a wide range of recipients and not impose restrictions.
“CMS expects hospitals to have policies and procedures in place to identify the provider(s) who should receive a notification and incorporate this information into the notification system,” the advisory firm noted. The notification requirement will be enforced through the survey and certification process; CMS is expected to issue interpretive guidelines to surveyors on how to ascertain compliance.
This will be easier said than done, asserted Randy McCleese, who heads Sparksbridge Consulting and is interim CIO at Twin Lakes Regional Medical Center in Leitchfield, Kentucky, a 75-bed community hospital. He believes the biggest challenge will be ensuring that notifications are being sent on a consistent basis.
Hospitals large and small will be dependent on their healthcare IT vendors to meet this new regulatory requirement by updating software systems with the new functionality, he said.
“Updated software will need to be installed and tested,” McCleese explained. “Depending on the size of the organization, this can take a significant amount of time, anywhere from a few weeks to months. Several staff members are involved in any system update, and this is no exception, and there will be staff involvement for some additional time to ensure the correct data is being sent as required.”
IT involvement will decrease over time, but “IT is still responsible for ensuring that the required data is being delivered (on an ongoing basis), and this additional requirement is one more item to add to the already long list of responsibilities.”
In its comments on the proposed rule, CHIME had sought more time for the requirement to be implemented, Savickis said. “We asked for 36 months, but at least this requirement is more narrow – the number of (entities) that you have to share information with isn’t as large. And the fact that you don’t have to include a diagnosis in this communication is helpful.”
The requirement also highlights the need for improved patient tracking and a standardized way to match patient identities – CHIME has long sought the federal government to overturn or review a longstanding ban on researching the creation of a national patient identifier.
“Interoperability is more desperately needed than ever, which requires a way to uniquely identify patients,” Savickis noted.
According to a CMS summary of the rule, two other regulations facing providers are looming on the horizon.
Beginning in late 2020, and starting with data collected for the 2019 performance year data, CMS will publicly report eligible clinicians, hospitals and critical-access hospitals that may be information blocking, based on how they attested to certain Promoting Interoperability Program requirements.
“Knowing which providers may have attested can help patients choose providers more likely to support electronic access to their health information,” the CMS summary noted.
Also, the rule enables the agency to begin publicly reporting in late 2020 those providers who do not list or update their digital contact information in the National Plan and Provider Enumeration System (NPPES).
“This includes providing digital contact information such as secure digital endpoints like a Direct Address and/or a FHIR API endpoint,” the summary noted. “Making the list of providers who do not provide this digital contact information public will encourage providers to make this valuable, secure contact information necessary to facilitate care coordination and data exchange easily accessible.”
The rule also stipulates the use of FHIR version 4.0, the emerging normative standard from HL7 for data exchange, but Savickis said many provider organizations are still transitioning to using the latest version of the standard. CHIME conducted “a pulse check of members, and they’re all over the map in terms of who has FHIR 4. It’s not just something you just turn on tomorrow.”
Healthcare organizations are now laser-focused on how they’ll manage the expected onslaught of coronavirus cases, and that extends to IT departments as well.
“We (feel) we can do what the government asks us to do; we just need the right time to do this,” Savickis added. “But some of these deadlines will be a little tight. When you add in crippling impact of COVID-19 on the healthcare sector, it just throws a wrench in the process.”
The pandemic will be especially challenging to smaller provider organizations that don’t have extensive IT departments or financial resources to pay for additional support, McCleese added.
“The COVID-19 pandemic has already pulled IT resources, so this will certainly add to the problem,” he said. “Preparedness progress is extremely aggressive, and IT is being pulled away from typical IT functions to help in other areas of the organization. For example, the most recent request is to provide anyone and everyone (IT included) to staff facility entry points to monitor patient and visitor entrants.”
The COVID-19 crisis has amplified significantly in recent days. “I was out last week, and have been back in the office for only two days,” McCleese said. “What a change in intensity and focus. I have not sensed panic but a very real seriousness about whether the organization can meet the anticipated needs of the community. Everyone I have encountered understands the urgency of the situation and is preparing.”
Fred Bazzoli is a contributing writer to Healthcare IT News.
Healthcare IT News is a HIMSS Media publication.