Two New Federal Rules Aim to Expand EHR Interoperability and Patient Access to Electronic Health Information

Last Updated: Mar 12, 2020

EHR-Tablet-Medical-RecordsTwo new rules on access to electronic health information were finalized by the U.S. Department of Health and Human Services (HHS) on March 9, 2020.

The final rules – created in response to provisions in the 21st Century Cures Act - seek to enhance electronic health record (EHR) interoperability, prevent data blocking, and allow patient access to electronic health information at no cost.

Here is an overview of the regulations, one released by the Centers for Medicare and Medicaid Services (CMS) and the other released by HHS’ Office of the National Coordinator for Health Information and Technology (ONC).

CMS Rule on Interoperability and Patient Access

The Centers for Medicare and Medicaid Services' (CMS) final rule requires CMS-regulated payers (i.e. Medicaid, the Children’s Health Insurance Program, Medicare Advantage plans, and Qualified Health Plans on federally-funded exchanges) to do the following:

  • Create a Patient Access Application Program Interface (Patient Access API) – Plans would be required to Implement and maintain a secure, standards-based API that allows patients to easily access their claims and encounter information, including cost, as well as a defined subset of their clinical information through third-party applications of their choice. The Patient Access API must be implemented by Jan. 1, 2021.
  • Enable Payer-to-Payer Data Exchange – CMS-regulated payers are required to exchange certain patient clinical data at the patient’s request. Payers will be required to implement this process by Jan. 1, 2022.

CMS says the Patient Access API will enable patients to take their health information with them as they move from plan to plan and from clinician to clinician.

 Some of the additional provisions in CMS’ rule include:

  • Preventing Information Blocking – Beginning in late 2020 and starting with data collected in the 2019 performance year, CMS will publicly share information on health care organizations and clinicians that are engaging in data and information blocking.
  • Requiring Digital Contact Information – Beginning in late 2020, CMS will publicly report the names and National Provider Identifiers (NPIs) of those providers who have not added digital contact information to their entries in the National Plan and Provider Enumeration System (NPPES).
  • Requiring Payers to Offer Provider Directories – CMS-regulated payers (except QHP issuers on federally-funded exchanges) to make provider directory information publicly available via a standards-based API. 
  • Requiring a Condition of Participation (CoP) - All Medicare and Medicaid participating hospitalswould be required to send electronic notifications to another health care facility, or community provider or practitioner when a patient is admitted, discharged, or transferred.
  • Requiring states to send enrollee data daily beginning April 1, 2022 for beneficiaries enrolled in both Medicare and Medicaid.

ONC Rule on Interoperability and Information Blocking

The other rule, issued by ONC, is a complement to the CMS’ interoperability rule outlined above. ONC’s regulations include provisions such as:

  • Requiring that patients can electronically access all of their electronic health information (EHI), structured and/or unstructured, at no cost.
  • Implementing information blocking provisions of the 21st Century Cures Act. There are 8 exceptions to the definition of information blocking with certain exceptions for reasonable and necessary practices like protection of patient privacy. Information blocking generally refers to any practices that interfere with, prevent, or materially discourage the access, exchange, or use of electronic health information.
  • Calling on the health care industry to adopt standardized APIs to help users easily and securely access and exchange electronic health information between systems whether it is a smartphone, mobile application, or an EHR.

Key recommendations found in both rules should offer benefit to EHR end users as both rules require expansion of data EHRs deliver to physicians and patients; vendor oversight, fee limitation, and information blocking condition of certification; real world testing; and the adoption of modern interoperability standards.

Additional Resources

You can find details on the new interoperability regulations below:

Pennsylvania Medical Society members with questions can also contact our Knowledge Center at 855-726-3348 or


Leave a comment
  1. richard stacey | Apr 21, 2020

    <a href=""></a>

  2. richard stacey | Apr 21, 2020
    Here are some more specifics about what's required to implement the patient access part of the rule

    Login to be able to comment

    Leave a comment