Patients can now access all health information in electronic record sets


Image via pixabay.

Thursday, Oct. 6, marked another milestone for patients seeking access to information in their electronic health records. That’s the date federal information-blocking regulations expanded to enable patients’ access to all electronic protected health information (ePHI) in designated record sets. With some medical organizations pushing back on the deadline saying smaller medical centers aren’t ready for this or are unaware of the requirement (see below), journalists could find interesting stories querying hospitals to find out how they got ready for this requirement or how it’s going, or interview patients seeking information from their records and find out how easy it was to get that data. 

“October 6th is a big day because we’re saying if data is electronically accessible — meaning it’s on a computer system somewhere in your hospital — you’re required to make it available,” said Micky Tripathi, national coordinator for health information technology at the Office of the National Coordinator for Health Information Technology (ONC), during an Oct. 6 episode of the podcast Tradeoffs. “You might start to see…nursing notes or operative notes from a surgery or images from a last imaging.”

The 21st Century Cures Act directed ONC to implement a standardized process to report claims of so-called information blocking or holding information hostage in records. These rules originally were slated to go into effect in November 2020 but were extended until April 2021 because of the COVID-19 pandemic. That was the first deadline, with October 6, 2022, being the second.

As of April 5, 2021, health care entities were obligated to allow patients access to certain pieces of electronic health information represented in the United States Core Data for Interoperability (USCDI) v1 — a set of data elements for interoperable health information exchange. This included eight types of clinical notes, such as consultation notes, discharge summary notes, history and physical information, imaging narratives, laboratory and pathology reports, and procedure and progress notes. Kerry Dooley Young and I wrote a blog post about this for AHCJ last summer.

The recent expansion means organizations also must permit patient access to all electronic health information in a designated record set, according to a resource document published by OpenNotes. This could include:

  • Medical and billing records maintained by a health care provider
  • Enrollment, payment, claims adjudication, and case or medical management record systems
  • Other records used in whole or in part by a covered entity to make decisions about individuals 

There are eight allowable exceptions where an entity would not be found to engage in information blocking, including cases where health information can be temporarily taken offline while computer systems are updated, or where a provider or health system believes that releasing the information could result in harm to a patient or another person.

Information that is not considered electronic health information (EHI) also is exempt from the regulations. Some examples include psychotherapy notes; information compiled in anticipation of or for use in a civil, criminal or administrative action or proceeding; and health information regarding a person who has been deceased for more than 50 years.

Health organizations pushed HHS for extension

Although this requirement has been in the works for several years, 10 organizations, including the American Academy of Family Physicians, American Hospital Association and American Medical Association, on September 26 sent a letter to U.S. Department of Health and Human Services Secretary Xavier Becerra requesting a one-year extension to the Oct. 6 deadline, as well as the use of corrective action warning communications to providers/clinicians prior to imposing any monetary fines or beginning a formal investigation. They claimed that many smaller organizations weren’t ready for the change or didn’t know about the requirement, and expressed concern that health IT and electronic health record vendors haven’t updated their systems to comply with the regulation, Healthcare IT Today reported.

Members have been “working diligently” to meet the Oct. 6 deadline, the organizations wrote in their letter. “They are making every feasible effort, many with scarce resources, to ensure that they are prepared to be in compliance — from both a vendor readiness standpoint as well as from a comprehension standpoint.” While the organizations “strongly support patients’ need to access their information in a digital format … significant knowledge gaps and confusion still exist within the provider and vendors communities with respect to implementation and enforcement of information blocking regulations.” 

But the date stuck. “I am not aware of any intention to delay the October 6 deadline,” ONC spokesperson Kevin Eike told AHCJ at the time. The HHS public affairs office did not respond to AHCJ’s request for comment. 

Reporting on information-blocking data

The regulations are important. In late February 2022, ONC announced it had received 299 complaints of information blocking since it banned the practice the previous April, Becker’s Health IT reported. That breakdown indicated that most complaints (211) were filed against health care providers, followed by health IT developers (46). ONC maintains a webpage that tracks information-blocking claims. 

As of Oct. 24, there were 476 possible claims of information blocking, most of which were made by patients, followed by third parties on a patient’s behalf, health care providers and attorneys. Again, the vast majority of information-blocking claims were made against health care providers.

Information blocking claims, which can be submitted through ONC’s Information Blocking Portal, are confidential and restricted from public disclosure, so it won’t be easy to find violators to write about. The Cures Act prohibits ONC from disclosing information blocking claims or information that could reasonably be used to identify the source of the information, Steven Posnack, deputy national coordinator for health information technology at ONC, wrote in a recent blog post.

Additional resources

Creative Commons License

Republish our articles for free, online or in print, under a Creative Commons license.

Karen Blum

Karen Blum is AHCJ’s health beat leader for health IT. She’s a health and science journalist based in the Baltimore area and has written health IT stories for numerous trade publications.