Are We There Yet? Delivering on the Promise of Digitizing Healthcare Information

Delivering on the Promise of Digitizing Healthcare Information

On May 1, 2020, the Department of Health and Human Services (HHS) published two Final Rules in the Federal Register targeted at improving interoperability[i] and patient access to health information[ii]. One Rule from HHS’ Office of the National Coordinator for Health Information (ONC) and another from its Centers for Medicare and Medicaid Services (CMS).

In its March 9, 2020 press release announcing the Final Rules, HHS stated that “these final rules mark the most extensive healthcare data sharing policies the federal government has implemented, requiring both public and private entities to share health information between patients and other parties while keeping that information private and secure.”[iii] The US healthcare industry is already feeling the impact of these rules. Many believe that the long-hoped-for destination of improved care and reduced cost is finally in sight. Others fear that this latest turn will only lead to increased costs and decreased privacy and security of patients’ electronic health information.

In a new article published in the Health Care Compliance Association’s Compliance Today magazine, I reflect on the road the healthcare industry has traveled to get to this point. The article reviews the latest government policy turn away from promoting the adoption of healthcare technology and toward promoting interoperability of that technology. It examines how that turn is expressed in the requirements of the new Rules and concerns raised at the potential impact of the regulations on the privacy and security of electronic health information. Finally, I take a look ahead at the possible implications for the industry.

HCCA has made the article freely accessible on its content platform for the next six months. You can access the article here. My thanks to HCCA for the opportunity to contribute my thoughts on this important subject.

Copyright 2020 Compliance Today, a publication of the Health Care Compliance Association (HCCA)

[i] Medicare and Medicaid Programs; Patient Protection and Affordable Care Act; Interoperability and Patient Access for Medicare Advantage Organization and Medicaid Managed Care Plans, State Medicaid Agencies, CHIP Agencies and CHIP Managed Care Entities, Issuers of Qualified Health Plans on the Federally-Facilitated Exchanges, and Health Care Providers, 86 Fed. Reg. 25,510 (May 1, 2020)

[ii] 21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program, 86 Fed. Reg. 25,642 (May 1, 2020)

[iii] “HHS Finalizes Historic Rules to Provide Patients More Control of Their Health Data.” HHS.Gov, U.S. Department of Health and Human Services, 9 March 2020, available at https://www.hhs.gov/about/news/2020/03/09/hhs-finalizes-historic-rules-to-provide-patients-more-control-of-their-health-data.html

Newsletter

Sign up for our monthly newsletter discussing hot topics and access to invaluable resources.


Related Blogs

Assumed Breach Simulation: Lateral Movement Explained

Assumed Breach Simulation: Lateral Movement Explained

A cyberattack doesn’t always start with an exposed perimeter. Sometimes, all it takes is a single compromised workstation — compromised through social engineering attacks, use of weak access management. To help clients gauge the potential for a breach to occur through these attack vectors, I and my colleagues on Clearwater’s Technical Testing team perform what is called assumed breach testing – a cybersecurity assessment that evaluates an organization’s ability detect, respond to, and recover from a breach.
RSA 2025 Recap: AI, Innovation, and Identity Take Center Stage

RSA 2025 Recap: AI, Innovation, and Identity Take Center Stage

The cybersecurity world descended on San Francisco last week for RSA Conference 2025, and Clearwater was proud to be there alongside our Redspin colleagues. From AI to identity, from innovation to infrastructure, this year’s RSA reflected both the rapid evolution of cybersecurity technology, and the mounting pressure on organizations to stay ahead of new threats. Here’s what stood out to our team on the ground.
Clearwater at RSA 2025: Spotlighting Healthcare Cybersecurity and Critical Infrastructure

Clearwater at RSA 2025: Spotlighting Healthcare Cybersecurity and Critical Infrastructure

Clearwater is heading to RSA this year, and we couldn't be more excited to join the global cybersecurity community from April 28–May 1 in San Francisco. With an impressive lineup of speakers, innovative sessions, and timely conversations about the future of cyber regulation, we’re looking forward to digging into what matters most to the healthcare sector—paying special attention to sessions on protecting our nation’s critical infrastructure.
No results found.

Connect
With Us