October 15, 2020 If you’re at all familiar with the 21st Century Cures Act, you may have heard the term ‘information blocking’ tossed around. Even if you’re not, you may be familiar with the ongoing healthcare battle to prevent information blocking and more effectively share patient information. If you’re not familiar with any of these things…well…keep reading anyways, if you’re an independent practice we promise this is going to be increasingly important information to know. A major goal of the Cures Act is to break down the barriers currently erected to interfere with, prevent, or discourage the access, exchange, or use of electronic Protected Health Information (ePHI) within the healthcare industry – otherwise known as information blocking. HIPAA outlines the specific ways information can be shared (and these rules still apply) but the statement of “sorry we can’t share that information because of HIPAA” is often applied incorrectly, and part of what the Cures Act hopes to correct. Deliberately blocking information that should be shared with patients and other appropriate covered entities, such as with Health Information Exchanges (HIE’s), can prevent or delay proper treatment and ultimately reduces the effectiveness of patient care. Before the Cures Act rules go into effect (November 2, 2020), organizations must reevaluate or remove any barriers currently in place that constitute information blocking. Not 100% what that really means? You aren’t alone, which is why the Office of the National Coordinator for Healthcare Technology (ONC) has created a helpful cheat sheet for what does and does not qualify as information blocking. There are some exceptions to what falls under the “information blocking” umbrella, including: All of these exceptions are only permissible provided certain conditions are met. In general, think of information blocking as refusing to share data even when there is no reason not to – i.e., none of these exceptions or regular privacy concerns apply. Where it gets tricky is when information sharing might – though the situation makes it unclear – violate HIPAA compliance regulations (really violate them, not just as an excuse). It’s always helpful to ask the experts in these circumstances – such as your HIPAA compliance program provider (*cough cough*).