Proposed Federal Rules Could Transform How Electronic Health Records Support Care

Draft offers path to improve data sharing, public health support, and patient safety

Navigate to:

Proposed Federal Rules Could Transform How Electronic Health Records Support Care
Doctor wearing protective face mask on medical consultation at home
Getty Images

The federal Centers for Medicare and Medicaid Services (CMS) on May 10 released a draft rule—the Inpatient Prospective Payment Systems rule—that would help determine how hospitals are reimbursed for providing care. Despite the seemingly technical goal, the proposed regulations could transform how health care organizations exchange data and report on the quality of care they provide.

These rules touch on several areas of hospital operations. In particular, the health IT components could significantly improve how electronic health records (EHRs) help inform public health agencies’ activities, ensure patients receive safe and effective care, and automatically report data to authorities. The changes would help modernize how hospitals share information through their electronic record systems so doctors and nurses can provide the best care possible.

The CMS announcement is only one step in the process. The draft rules are open for comments through June, and the final version is slated to take effect at the start of 2022.

Better data exchange to support public health

The COVID-19 pandemic highlighted the importance of rapid, accessible data to address public health crises and the challenges that come from not having this data. In prior years, being able to send certain information to public health agencies electronically was optional for hospitals and providers. The proposed CMS rules would require hospitals that participate in Medicare’s Promoting Interoperability (PI) Program—a payment program that can help determine hospital reimbursement rates—to prioritize reporting their data to public health agencies electronically. This change should give those agencies more complete and up-to-date information to inform their responses to future health crises.

Public health data reporting broadly covers four main categories: case reporting, which provides health departments with information about patients who have certain conditions; lab reporting, which lets health departments know how many people have tested positive for an illness; syndromic surveillance, which provides community-level data on health threats; and immunization registry data, which offers information about individuals’ vaccine status and community-wide immunization rates. The CMS rules would require hospitals in the PI program to attest that their systems can share data electronically with public health agencies for all four use cases. Such connectivity would ensure that agencies can track health concerns and respond quickly, based on the best available information.

Easier access to data for patients and providers

Also included in the CMS proposal is an optional measure in the PI program that allows hospitals to demonstrate that they are exchanging important clinical information with other providers. Hospitals could achieve this if their EHRs can send, receive, and incorporate data via health information exchanges (HIEs), which are entities in states or regions that help share information among groups that have a legitimate need for it, including other providers, hospitals, and public health agencies.

In particular, systems would have to be able to exchange data included in the Common Clinical Data Set or the current version of the United States Core Data for Interoperability. Both include the most important information about patients, such as demographics, a list of their medications and medical histories, allergies, immunizations, and other background that clinicians consistently need to provide quality care. To exchange data with HIEs, hospitals would have the option to use application programming interfaces (APIs), tools that can gather information from multiple sources and aggregate it in one place. Moreover, those APIs could be based on the Fast Healthcare Interoperability Resources standard, the most commonly used standard in health IT. This would allow providers to access specific pieces of information, rather than having to sort through pages of unnecessary or unhelpful records.

Greater focus on health IT safety

The proposed rule would also require hospitals to regularly assess the safety of their EHRs and whether their design or implementation in health care facilities could inadvertently contribute to medical errors.

To do so, hospitals would use the Safety Assurance for EHR Resilience (SAFER) Guides, a series of nine checklists developed by the Office of the National Coordinator for Health Information Technology (ONC), the agency that oversees health IT. The guides include categories such as system interfaces or configuration, patient identification, and reporting and follow-up on test results, any of which can introduce errors that put patients at risk. To be compliant, hospitals would need to attest that they completed the assessments for all nine guides and repeat the process annually.

Increased use of APIs to share information

The draft rules also include a request for feedback on ways to encourage greater use of APIs in health care. These interfaces are commonly used in other parts of the economy, such as to help people book airline flights or hotel stays online, but their use in health care has been limited. APIs could be used to automate data reporting for EHRs. For example, CMS asks hospitals to annually report certain quality measures, such as rates of hospital-acquired infections, to collect information on health care outcomes. Using APIs to conduct this reporting could reduce the burdens on hospitals.

ONC is developing rules to govern the types of data that APIs must be able to access and share among EHRs. CMS is similarly collecting feedback to expand the use of APIs to share data, as well as how these tools could streamline quality reporting programs and reduce burdens on hospitals and providers through automated data sharing.

Beyond these proposals, additional rules could be needed to encourage vendors to make these and related goals a priority. Still, the CMS proposal marks a step toward safer, more effective health IT systems. And implementation of these rules would help bring better care for patients and support for communities facing health crises.

Molly Murray manages The Pew Charitable Trusts’ health information technology project.