What physicians need to know
There’s nothing like landmark regulation released during a time of great uncertainty.
On May 1, 2020, the clock began ticking for health plans, providers and information technology (IT) developers to implement the Centers for Medicare & Medicaid Services (CMS) Interoperability and Patient Access final rule. For all of us struggling to cope with the COVID-19 “new normal,” there is more at stake with this coming wave of interoperability than may meet the eye. Now is the time to plan and take action.
What is the Interoperability and Patient Access final rule and why does it matter?
Put simply, individuals will have the option to take greater ownership and accountability for a broader and consolidated set of electronic health information (EHI) and, with individual consent, share that information with their health plan and providers. This will be supported by the creation of a system of regionalized data brokers who arbitrate the exchange of electronic health information with and from CMS-regulated health plans, providers and IT developers according to defined patient consent parameters. This new approach — the Trusted Exchange Framework and Common Agreement (TEFCA) — is still being considered by regulators but will likely follow the National Information Exchange Model (NIEM), a proven federal approach for the exchange of data within and across industries, including the Department of Homeland Security. This likely means that in the future:
Make no mistake, the new rule will create disruption in the health care marketplace. Federal regulators are doubling down on the idea that creating a more open system of exchange to a publicly owned virtual clearinghouse of claims and clinical data will force competition and innovation that is good for health care consumers. When the wave breaks, the health care landscape will look very different from today.
Why is interoperability particularly important to providers?
Historically, health plans and providers have been understandably reluctant to share information both for competitive and regulatory reasons. However, as the new rule is implemented, consumers will exercise increasing control as to how and with whom their EHI is shared. This will usher in unprecedented risk, including risk to privacy, as third-party developers are able to directly access patient data, and risk to monetization of data with the rise of new applications that circumvent traditional regulatory gatekeeping policy. Understandably, the costs to establish, maintain, audit and retain EHI will be borne by health plans, providers and potentially patients.
To stay relevant, health plans will need to embrace this new reality via a consumer-focused strategy and not just check the box. Survival requires not only getting on board with these newly defined needs but getting in front of them by putting the member at the center of value creation, while transforming how data is tracked and managed. This may take some deep, authentic introspection, and asking questions such as:
What does this rule mean for patients?
At its core, this rule is about transparency and giving individuals the ability to move across health plans and providers and have both their clinical and administrative information move with them and be accessible throughout their journey. Bottom line, certified IT developers will empower individuals to actively engage in their health care in an unprecedented way, through a seemingly limitless set of new use cases, such as these, at the highest level:
What to expect
In the near term, the industry will continue to lobby for scaled-back regulatory requirements and a longer implementation timeline. There will be operational pressure for health plans and providers to comply by adopting new technologies, workflows and governance models, as well as new investment and rapid growth of third-party developer solutions combined with a race to prototype, test and market these products.
Longer term we will see:
How should you respond?
First, it’s important to understand where you’re at and where you need to go. This includes launching a readiness assessment, governance, program planning and execution. Whether you’re a family practice in a retirement community or a publicly traded insurance carrier with a Medicare Advantage plan, you’ll need to evaluate options, ensure you meet the requirements, and align resources to pivot to take advantage of the changes coming.
Key drivers for providers
Customer experience
Ensure your brand strategy is centered on trust and establishes an authentic emotional connection with your members. Every member acquisition and retention touchpoint should be crafted with care, not only providing the information required but finding ways to anticipate member and prospective member needs. Also be sure your digital products and services are effortless to use, removing all points of friction and finding opportunities to increase engagement by personalizing content via insight from customer data. A well-designed customer experience will build brand preference, increase conversion and result in long-lasting relationships.
Strategic partnerships and vendor management
Understand your health information exchange and ensure you’re informed, proactive and strategic in how to collaborate with QHINs. Don’t just turn on FHIR APIs as a check-the box exercise. Develop short-, medium- and long-term strategies to identify, vet and partner with ONC-certified third-party developers to capitalize on innovative ways to improve patient experience and support better care coordination, both during a pandemic and in the new normal. Establish partnerships with QHINs and certified developers that enable a shift from seeking to control customer data, to a stewardship model that empowers member access. Prioritize your digital product development and vendor selection roadmap to remain relevant and viable as a business.
Regulatory compliance and data security
Have proven-effective compliance policies to inform third-party developer vendor selection. Ensure you have the right people, processes and technology for effective delegated entity oversight of interoperability technology vendors. Include new governance models for member consent, data sharing, patient privacy and data security, and monitor and audit systems and processes for:
Have best-in-class operational and technological capabilities to support members in their care journey and operational and technological capabilities to support providers in care coordination. Build in the ability to adapt quickly to evolving federal trusted exchange requirements, and ensure your member enrollment processes capture data-sharing consent. Include rapid risk stratification and predictive modeling at member enrollment, and take a proactive approach to member outreach, coordination and care management. Improve quality measurement to direct value-based care/payment and cost-containment investments.
Understanding the trusted exchange and how to work with it can provide you with a key strategic advantage. To stay relevant in the new normal, understand the evolving trusted exchange and interoperability rules and develop the infrastructure to integrate them into your business, invest in partnerships that enables best-in class-data as service to drive customer experience and optimize your relationship with trusted exchanges.