With wider EHI scope compliance on tap for 2022, ONC offers clarity
Leaders from the Office of the National Coordinator for Health IT offered some help for healthcare organizations who will face broader information blocking compliance in 2022 – specifically with regard to the sharing of electronic health information, or EHI.
In a blog post, Kathryn Marchesini and Michael Lipinski offer providers, certified health IT developers and health information networks/exchanges some clarity on a deceptively simple question: "So, what is EHI anyway?"
This past year, of course, ONC's information blocking regulations took effect on April 5. But to give those covered entities a phased-in way of compliance, the info blocking rules covered only a subset of EHI – specifically information represented by the data elements identified by United States Core Data for Interoperability v1.
"A USCDI data element is the most granular level at which a piece of data is represented in the USCDI for exchange (e.g., patient date of birth, medications, or procedure note)," note ONC officials.
Beginning on October 6, 2022, however, covered actors will be subject to info blocking claims for the full scope of EHI ("except when an information blocking exception applies or a law requires that the information not be shared").
So what comprises EHI? More can be learned in ONC's FAQs. But the basic definition is that it's electronic protected health information, ePHI, "to the extent that it would be included in a designated record set, regardless of whether the group of records are used or maintained by or for a covered entity."
The EHI definition incorporates terms defined by HIPAA rules – but "specifically excludes psychotherapy notes as defined in the HIPAA Rules and information compiled in anticipation of legal proceedings, which is consistent with the individual 'right of access' standard" in HIPAA.
Moreover, it's defined by three key points:
- Information must first meet the definition of electronic Protected Health Information.
- Information must also meet the definition of a Designated Record Set.
- HIPAA-regulated entities should already know what information that they maintain is EHI.
Much more detail is available in the ONC blog post .
While the compliance date is still nine months away, "there’s no need to wait until October 6," Lipinski and Marchesini point out. "Anyone ready to share more than the USCDI v1 is welcome and encouraged to do so as permitted under applicable law."
Read more in ONC's fact sheet.
Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com
Healthcare IT News is a HIMSS publication.