Securely sharing your private health information and data.
As part of an effort to make it secure and easier for your healthcare providers such as your health plans, doctors, and facilities to access your private health records, the Centers for Medicare and Medicaid Services (CMS) has provided ways for all parties to work together in a standardized manner. This is called Interoperability and Patient Access rule.
Simply put, if you have decided to share your health information with your new doctor, health plan, or other providers, this is where you can grant access. To do so, click on the link below and follow the instructions (By clicking on this link, you will leave CCHP’s website):
(LINK to come)
The Interoperability and Patient Access final rule (CMS-9115-F) delivers on the promise to put patients first, giving them access to their health information when they need it most and in a way they can best use it. As part of the MyHealthEData initiative, this final rule is focused on driving interoperability and patient access to health information by liberating patient data using CMS authority to regulate Medicare Advantage (MA), Medicaid, CHIP, and Qualified Health Plan (QHP) issuers on the Federally-facilitated Exchanges (FFEs).
Lack of seamless data exchange in healthcare has historically detracted from patient care, leading to poor health outcomes, and higher costs. The CMS Interoperability and Patient Access final rule establishes policies that break down barriers in the nation’s health system to enable better patient access to their health information, improve interoperability and unleash innovation while reducing the burden on payers and providers. Patients and their healthcare providers will have the opportunity to be more informed, which can lead to better care and improved patient outcomes, while at the same time reducing burden. In a future where data flows freely and securely between payers, providers, and patients, we can achieve truly coordinated care, improved health outcomes, and reduced costs.
Ensuring the privacy and security of patient information is a top priority for CMS. Identifying the right standards can help data flow securely and efficiently. CMS, in partnership with the Office of the National Coordinator for Health Information Technology (ONC), has identified Health Level 7® (HL7) Fast Healthcare Interoperability Resources® (FHIR) Release 4.0.1 as the foundational standard to support data exchange via secure application programming interfaces (APIs). CMS is adopting the standards for FHIR-based APIs being finalized by HHS in the ONC 21st Century Cures Act rule at 45 CFR 170.215. These requirements support the privacy and security of patient information.
CMS is taking additional steps to provide payers and patients with opportunities and information to protect patient data and make informed decisions about sharing patient health information with third parties. For instance, as part of this final rule, a payer may ask third-party application developers to attest to certain privacy provisions, such as whether their privacy policy specifies secondary data uses, and inform patients about those attestations. CMS is also working with payers to provide information they can use to educate patients about sharing their health information with third parties, and the role of federal partners like the Office for Civil Rights (OCR) and the Federal Trade Commission (FTC) in protecting their rights.
Patients have a right under HIPAA to access their health information. We believe they also have a right to know their health information is exchanged in a way that ensures their privacy and security. We are working to balance these important issues in a way that empowers patients to be in charge of their healthcare.
To learn more about Interoperability and Patient Access, visit the CMS fact sheet here. (By clicking on this link, you will leave CCHP’s website).
