The Office of the National Coordinator for Health Information Technology (ONC) and CMS recently released a final rule establishing penalties for health care practitioners who commit information blocking. Since 2022, allergists have been required to comply with ONC’s requirements governing the prevention of information blocking with respect to electronic health information (EHI). However, until now, ONC has not established the penalties for physicians violating the information blocking rule. Under the final rule, certain physicians who have committed information blocking may be penalized through CMS’s Merit-based Incentive Payment System (MIPS) program.
This article provides an overview of information blocking and the enforcement mechanism against MIPS clinicians (not hospitals or Accountable Care Organizations (ACOs). These enforcement provisions will take effect 30 days after the final rule is formally published in the Federal Register.
What Is information blocking?
Information blocking is broadly defined as an act or omission by a health care provider (including physicians and other qualified health care professionals) that is likely to interfere with access, exchange, or use of EHI. For example, information blocking may occur if an allergy practice refuses to provide a patient’s EHI to an unaffiliated provider for treatment purposes after the patient requested the transfer of data. However, an allergist is not considered to have committed information blocking if the practice meets one of the following eight exceptions:
- Preventing Harm Exception: The health care practitioner holds a reasonable belief that the act or omission of EHI will substantially reduce a risk of harm to a patient or another person that would occur if access or exchange is given, or EHI is used.
- Privacy Exception: The health care practitioner does not fulfill a request to access, exchange, or use EHI in order to protect an individual’s privacy.
- Security Exception: The act or omission of EHI is directly related to safeguarding the confidentiality, integrity, and availability of EHI.
- Infeasibility Exception: The health care practitioner does not fulfill a request to access, exchange, or use EHI due to the infeasibility of the request.
- Health IT Performance Exception: The act or omission of EHI involves reasonable and necessary measures for the benefit of the overall performance of the health IT, even if it makes it temporarily unavailable or degrades its performance.
- Content and Manner Exception: Under certain circumstances, the health care practitioner may limit the content of their response to, or the way they respond to, a request to access, exchange, or use EHI.
- Fees Exception: Under certain circumstances, an actor* may charge fees for accessing, exchanging, or using EHI.
- Licensing Exception: Under certain circumstances, an actor* may license interoperability elements for EHI to be accessed, exchanged, or used. (Health care practitioners are less likely to invoke this exception).
Enforcement of the information blocking prohibition
Alleged instances of information blocking can be reported to the Office of Inspector General (OIG). The OIG has the discretion to determine which claims of information blocking it would like to pursue. The OIG has indicated that it will prioritize complaints that:
- Resulted in, are causing, or have the potential to cause patient harm.
- Significantly impact a practitioner’s ability to care for patients.
- Were of long duration.
- Caused financial loss to federal health care programs.
Health care practitioners must have the knowledge that the information blocking violation is unreasonable and that the practice will discourage access to EHI. After the OIG determines that information blocking has occurred, it will refer the complaint to CMS to impose penalties.
If a MIPS clinician is determined to have committed information blocking, they will receive a “zero” score on the MIPS Promoting Interoperability performance category. The penalty will be imposed for the MIPS payment year during which the OIG notifies CMS that information blocking has occurred. However, this penalty does not apply to small practices (15 or fewer clinicians) that receive reweighting of the Promoting Interoperability performance category, as long as they do not submit data for the performance category.
Disincentives will be effective 30 days after the rule is published. However, no disincentives will be applied before the effective date.
With respect to data for the MIPS Promoting Interoperability performance category that is submitted as a group or virtual group, the final rule clarified that if the OIG determines the group has committed information blocking, CMS will apply the disincentive at the group level. However, if OIG determines that a single MIPS eligible clinician within a group has committed information blocking, CMS will apply the disincentive to the individual MIPS eligible clinician.
Similarly, ONC clarified that MIPS eligible clinicians will not be penalized for information blocking actions of a hospital they are affiliated with. Therefore, if a hospital commits information blocking, it will be subject to the separate penalties established for hospitals, but clinicians will not be penalized under MIPS simply for being affiliated with the hospital committing information blocking.
In addition, after a disincentive has been imposed, ONC will post on its public website information about the individuals who have committed information blocking, including the person’s name and business address, the information blocking practice, and the disincentive applied.
More information on the information blocking enforcement final rule is available in the College’s Risk and Compliance Toolkit.
The Advocacy Council – ADVOCATING FOR ALLERGISTS AND THEIR PATIENTS.
* “Actor” is used by ONC to encompass providers, health information networks, health information exchanges, and health IT developers of certified health IT. These two exceptions are not primarily utilized by providers – they are utilized more often by the other “actors.”
