The new 21st Century Cures Act is about to change healthcare IT, and most of the industry never saw it coming.

Passed easily on Wednesday by the House of Representatives, the bill is expected to sail through the Senate next week. It is supported by President Obama, who undoubtedly will sign it.

Much of the bill focuses on significant FDA regulatory changes, support of mental and substance abuse-related healthcare, and funding for programs such as Vice President Biden’s Precision Medicine Initiative, the Brain Research Through Advancing Innovative Neurotechnologies Initiative, cancer research and regenerative stem cell-based medicine. It also includes mandates to improve healthcare IT—most notably, in relation to nationwide interoperability and information blocking. Suddenly, those “Interoperability Pledges” that EHR vendors signed earlier this year will not be toothless expressions of good will.

Certain sections of the 996-page Cures bill are focused on “improving quality of care for patients” in the area of information technology, with interoperability the front and center concern. HHS will receive $15 million in funding to change ONC’s certification process to help push interoperability and fight information blocking by EHR vendors.

Specifically, HHS will change the conditions of Meaningful Use certification of healthcare IT to include interoperability. To be certified, vendors will not have taken “any action that constitutes information blocking” or “take any action that may inhibit the appropriate exchange, access, and use of electronic health information.” They may not prevent HIT interoperability and must develop application programming interfaces (APIs) or other technologies to enable the application to be “accessed, exchanged and used without special effort.” The vendors also must have successfully tested the “real world use of the technology for interoperability.”

The act also places strong emphasis on providing patients’ access to their electronic health information in a single longitudinal format that is “easy to understand, secure and updated automatically.” It recommends that ONC include this in Health IT certification, as well as providing the ability for patients to electronically communicate their health information to providers. HHS will convene with industry stakeholders to develop regulations that provide specific definitions and criteria. Vendors found to be blocking information are subject to penalties of as much as $1 million per violation.

The act also provides for greater support of networks exchange to advance an interoperable health information technology infrastructure, “for the purpose of ensuring full network-to-network exchange of health information.” The focus will be on establishing public-private partnerships to build consensus and develop a “trusted exchange framework, including a common agreement among health information networks nationally.”

Also See: Is information blocking finally on its last leg?

While no private or public health information network will be required to adopt the trusted exchange framework, federal agencies may require adoption within their networks. Health information exchanges are prohibited from information blocking, as are providers, and are subject to penalties of as much as $1 million.

Within three years of the Cure Act’s enactment, HHS must establish a “provider digital contact information index” for access by healthcare professionals and facilities.

The act also establishes a Health Information Technology Advisory Committee that will unify and replace the existing HIT Policy Committee and the HIT Standards Committee, to provide recommendations and report to ONC. Priority target areas for HHS and the HIT Advisory Committee, working with private and public healthcare stakeholders, will be:



“Achieving a health information technology infrastructure, nationally and locally, that allows for the electronic access, exchange, and use of health information, including through technology that provides accurate patient information for the correct patient, including exchanging such information.”

The promotion and protection of privacy and security of health information in health information technology, especially in the area of accounting of disclosures and protections of sensitive information. The act includes “the segmentation and protection from disclosure of specific and sensitive individually identifiable health information with the goal of minimizing the reluctance of patients to seek care.” This emphasis on segmentation of information is significant in the mental health / substance abuse world, where the existing inability of IT systems to separate out data that has not been authorized for disclosure inhibits data exchange and analysis.

The facilitation of secure access to health information by individuals, family members, caregivers and guardian including when related to age or other disability, cognitive impairment, or dementia.

The committee is authorized to determine other targets, and indeed, the act appears to be recommending specific emphases. It suggests considering targets related to population health, improving child healthcare, and use of telemedicine and “self-service” technologies, and patient matching, among others.

If you were at HIMSS’ 2016 Conference, you couldn’t miss the 20-feet long banners and overall chatter about “The Interoperability Pledge.” Software vendors were challenged by ONC to pledge voluntarily that they would facilitate communication of health information between providers, patients and other healthcare stakeholders. ONC appeared to be preparing for a combined industry/government initiative to get us over the long-time hump of non-interoperability between our many varied EHR systems. Indeed, vendors representing 90 percent of EHRs used by hospitals nationwide signed up.

And then? Nothing. Little has changed. Pledges were voluntary.

But now, with the new 21st Century Cures Act, compliance is going to be the name of the game, once again—and this time, for HIT vendors. It’s about to be time for them to step up and follow through.