Digital Health – Aperture Law Group

Proposed Interoperability Rules Receive Unreserved Endorsement from Past Policymakers

June 5, 2019
Jill DeGraff
Data Interoperability, Digital Health, HealthIT, Information Blocking, ONC, Privacy

Health Affairs published a blog post yesterday, penned by each of the former National Coordinators for Health IT. They offer unanimous and unreserved bipartisan support for the ONC and CMS' proposed health IT interoperability rules. Their unified show of support delivers a significant counterweight to comments made by influential industry groups, which recommend a longer window to implement the rules or completely different approaches. Here is a highlight of the comments made the former health IT policy leaders: Rapid advancement of APIs enabled by data standards is critical. Open APIs have been safely and effectively deployed in other industries, including financial services, energy and retail consumer services. HL7 FHIR is an appropriate foundational standard for open APIs in healthcare. Efforts to further advance this standard is critical. Regulators did well to include clinical notes and their provenance as data elements in the U.S. Core Data for Interoperability, so that they can be included in the first set of required open API standards. Real world testing of open APIs will be a critical implementation step for the safe and effective adoption of open APIs in healthcare. Expansion of the interoperability and API framework to health plans is game-changing. Including health plans…

I submitted a comment to the Office of the National Coordinator for Health IT today. Below is the text. Dear Dr. Rucker, I appreciate the opportunity to comment on the proposed rules for data interoperability, information blocking and the ONC’s health IT certification program. I counsel HIPAA covered entities and vendors of healthcare technologies on privacy, data security and contracts. This vantage point gives me a point of view about consumer privacy and data portability. I would like to offer my comments on the information blocking rule, particularly in regard to the "promoting privacy" exception and, more broadly, the policies that give effect to the individual right of access under HIPAA. The HIPAA Privacy Rule and Data Portability Between Covered Entities The HIPAA Privacy Rule includes detailed specifications that govern the permissible disclosure of PHI between covered entities, but it does not affirmatively require these disclosures to be made. This is a critical juncture where data portability gets stuck. The information blocking rule fills a critical gap in the HIPAA Privacy Rule, by inducing health care providers and their respective supply chains to facilitate data portability with other HIPAA covered entities, or else face negative consequences under the enforcement authorities…

The ONC Doesn’t Address Financing for Data Interoperability. It Needs To.

April 18, 2019
Jill DeGraff
Data Interoperability, Digital Health, HealthIT

In the dot.com era, I worked for a technology company that helped online retailers securely process credit card payments. We provided a toolkit for web developers, so their sites could accept standardized card information from consumers. After authorizing them to our servers, we exchanged payment transactions on the backend with the payment card industry's established payment processing infrastructure. The network charged a nominal transaction fee; we added a small transaction fee on top of that; and online merchants paid this fee from proceeds for the goods and services they sold to consumers. These steps were essential for paving the last virtual mile between consumers and retailers. In healthcare, data interoperability isn't limited to paving the virtual last mile because the standards for data interoperability's infrastructure are still being codified. Setting these standards, and creating guardrails to protect public and private investments in the nation's health IT infrastructure, are the point of the Cures Act's provisions for modernizing health information technology. The ONC's recently proposed rules on data interoperability and its health IT certification program would set these standards and guardrails for the immediate time, informed by industry engagement and consensus around the technical components of data interoperability. Alongside these standards…

Would Health IT APIs Become a Public Utility under the ONC’s Proposed Rules?

March 21, 2019
Jill DeGraff
Data Interoperability, Digital Health, HealthIT, Information Blocking, Technology Procurement and Contracting

The Cures Act directs the Office of the National Coordinator for Health IT (ONC) to implement Conditions and Maintenance of Certification that require EHR vendors to provide open APIs without special effort. In its proposed rule, the ONC not only proposes technical standards and technical outcome expectations to facilitate access, exchange and use of electronic health information using FHIR-based APIs; it also takes direct aim at rent-seeking business practices and behaviors that it believes interfere with data interoperability. This blog reviews the ONC proposal to restrict the fees that health IT developers would be permitted to charge for their certified API technologies, and offers some thoughts about the impact the fee proposals could have in the market. Background The ONC’s proposal to regulate fees on API technology would apply to EHR vendors, which would be required to implement the proposed certification criterion for FHIR-based “standardized API for patient and population services” within 24 months after final rules take effect. Other health IT vendors have the option of presenting API technologies to the ONC for testing and certification under the ONC Health IT Certification Program. API Technology Suppliers with certified API technologies would be subject to proposed Conditions and Maintenance of…