How CIOs can prepare for future regs — but first, a history lesson

Studying recent federal initiatives can give executives valuable lead time by having a better sense of federal health policy.

5. HDM establish rules.jpg
Being a student of rules can help CIOs anticipate change and adjust strategies.

This article is part of the January 2023 COVERstory.

U.S. healthcare regulations are vast and complex. To bring clarity to current policy and get a sense of what’s to come, it’s helpful to take a 30,000-foot view and a glance in the rearview mirror. 

From these vantage points, it’s clear that regulations during the past three or so decades have been driving toward patient empowerment and improving the quality, efficiency and safety of healthcare.  

But healthcare doesn’t happen at 30,000 feet – it happens in the trenches where policy details aren’t so clear. How can providers comply with regulations? To what end? By when? With what technology? Using which standards? Facing what penalties?  

There are no simple answers, but providers don’t have to — and shouldn’t — navigate the regulatory environment alone. Evaluating your partner's ecosystem can help you determine which partners can guide you toward not only meeting minimum requirements, but also complying in a way that aligns with your organization’s strategic initiatives and prepares you for regulatory changes in the future. 

The big picture: Putting people first 

Federal agencies envision an empowered healthcare delivery system centered on the evolving needs of patients and providers. As patient care expands beyond treating a person at a physical location, healthcare policy is driving prioritizing convenience, access to care and improving the overall patient experience. 

Healthcare provider needs also are changing. Providers are increasing their use of healthcare technology that reduces clinicians’ administrative burden and helps them increase efficiency to enable greater focus on improving health outcomes. Caring for the whole patient rather than focusing treatment based on data available in the electronic health record is part of this vision. 

As our healthcare delivery system moves toward value-based care, it is critical that the technologies designed to support this model are understood and adopted at scale by patients and providers.   

Provider organizations must follow the lead of federal agencies in unlocking data and integrating workflows and technology that help transform data into actionable insights within and outside of the organization.  

The future of the healthcare delivery system centers on technological innovation such as predictive analytics, genomics and artificial intelligence, which enable providers to deliver a diagnosis, improve outcomes and allow more time for patient interaction. These insights will provide better patient outcomes and care coordination, and that will, in turn, improve the quality of care with more emphasis on cost control for healthcare organizations. 

Foresee the future by looking back 

While few of us need (or have time for) a history lesson, it’s wise to consider recent regulatory changes in the context of what came before them. Knowing where they come from helps us understand where they’re going in the future.  

For instance, the Interoperability and Patient Access Final Rule and Final Cures Act Rule from Centers for Medicare & Medicaid Services and Office of the National Coordinator for Health IT, respectively, are designed to make healthcare data more broadly available to patients and prohibit healthcare organizations from blocking patient access to data.  

While patients have had the right to access their healthcare data and move it from one place to another under the Health Insurance Portability and Accountability Act, passed in 1996, this process became challenging with the adoption of electronic health records. 

Jump forward 12 years to 2008, when lawmakers passed the Health Information Technology for Economic and Clinical Health (HITECH) act. This required healthcare providers to demonstrate meaningful use of their EHRs and was a major step in modernizing from paper to electronic records. Despite this step forward, data sharing among health systems, payers, patients and other organizations was a different challenge. 

To address this, in 2010 the President’s Council on Advanced Science and Technology (PCAST) published a report on how healthcare data exchange, or interoperability, should roll out in the future. The report focused on clinician access to electronic healthcare functionality and establishing a robust platform for developers to build on creating seamless cross-organization data exchange.  

A second report highlighted the inefficiencies in meaningful use and the lack of an interoperable healthcare infrastructure. The PCAST taskforce provided recommendations to the U.S. health exchange paradigm that would ultimately make way for information blocking and patient access rules to come. 

In 2014, lawmakers released the JASON Report, which recommended that “healthcare interoperability be reoriented away from ‘siloed legacy systems’ toward a centrally orchestrated interoperability architecture based on open APIs and advanced intermediary applications and services.” The JASON report is one of the first bodies of legislative work that gave health IT leaders an idea of how systems should be conceptually arranged to meet API requirements in the future. 

This eventually led to the 21st Century Cures Act, which is designed to empower patients with access to their health data through apps of consumers' choosing. The Cures Act, passed in 2016, did not specify how to make this happen, leaving the details to CMS and ONC, which released their final rules in 2020. 

With the Coronavirus Aid, Relief, and Economic Security Act (CARES Act), passed in March 2020, legislators offered relief funding to providers to support pandemic-related lost revenue. The legislation provided accelerated adoption of telehealth services and eased restrictions on virtual care services. 

These policies and legislative reports have served as essential steps toward patient and provider empowerment — giving patients ownership over their healthcare data and enabling providers to use health IT tools that will help them provide the best care possible.  

Principles for staying ahead of regulations 

Healthcare provider CIOs should understand and comply with regulations to prepare for the future of healthcare delivery. 

Principle 1: Monitoring output from federal agencies can give advanced warning of what is likely to become a compliance requirement in the future. For example, those monitoring the PCAST taskforce in 2010 had a 12-year head start on building out an API strategy to meet compliance deadlines that started hitting in 2022.  

Principle 2: It is critical to understand how implementation timelines of different federal mandates affect organizations, as well as what technical infrastructure gaps exist. Executives also must define a consistent process for data exchange inside and outside their organizations. 

Principle 3: By complying with regulations, you’ll help your organization avoid fines and penalties, and benefit from more loyal patients who are engaged in their own care. Compliance also enables better data insights to help drive quicker, more accurate decision-making — not only for the patient but also for business operations as well. 

With actionable insights and improved patient outcomes, healthcare organizations will be better poised for success in VBC reimbursement models. Providers must enable patient access and control of their data, putting tools and the policies in place to inform decisions for patients and to transform data into shareable insights to benefit the entire healthcare ecosystem. 

Abigael Grippe is a strategy analyst for Lyniate

More for you

Loading data for hdm_tax_topic #reducing-cost...