Another 21st Century Cures Act deadline is approaching. January 2022 is the current time period for healthcare payers to meet the mandate of creating an operational health data exchange as part of the Payer to Payer Data Exchange rule. While the language in the new interoperability rule explains some aspects of the mandate, there are many open questions about how to meet the requirements. Many payers are left wondering how to ensure compliance without specific guidance from The Centers for Medicare & Medicaid Services (CMS) and The Office of the National Coordinator for Health Information Technology (ONC).
Having raced to meet the July 2021 enforcement date for the first part of the rule on provider directories and patient access APIs, payers have little time to act on creating payer to payer health data exchanges, especially without enough information to go on. Yet, while it's possible CMS will still act to delay the deadline and allow time for publication of better rules, the risk is too great for payers to simply wait and hope for a reprieve.
What We Know about the Payer to Payer Data Exchange
On January 1, 2022, health plans regulated by CMS must exchange the USCDI v1 data set, in electronic form, at the patient's request, which is a one-time send. This will allow healthcare patients to take their health information with them as them move from a Sending Plan to a Receiving Plan, creating a cumulative healthcare data set.
The interoperability mandate also explicitly states the requirements for both sending plans and receiving plans, as well as guidelines about how to handle patient-initiated requests for health data transfers. There is also detailed information about how a chain of health data transfer might occur if and when a patient repeats this sending process multiple times. We go further into the process of transferring health records across systems in our paper.
What We Don't Know
The biggest hanging question is around the encouragement by CMS to use APIs for the transmission of health information from payer to payer. The question being: How?
Since the requests for health information transfers go to the sending plans, payers run into a potential technology barrier with the receiving healthcare plans. It's unclear whether the specifications for how to accomplish this data exchange was omitted in the language of the final rule. Perhaps CMS intended for the Patient Access API to support both "put" and "get" functionality. Perhaps they meant for plans to use Flat FHIR as a national standard to allow the push of the data from the sending plan. The explanation was not provided in the final rule.
Additionally, there are questions around how receiving plans should manage the healthcare data provided to them. The Receiving Plan is not required to treat the health data as their own, but it must be included in plan enrollee records. The rule is not proscriptive about how the data should be used, but indicates future requirements may come.
And all of this really just scratches the surface of the questions that remain around the data exchange rule, as the deadline for this part of the interoperability mandate quickly approaches. The Payer to Payer Data Exchange part of the rule was simply not written with the same level of sophistication as the Patient Access API section.
What Should Payers Do?
Payers must decide whether they want to become compliant in a manner that seeks to address the spirit of the rule or whether they want to take the shortest path to being compliant. From there, there are a number of steps they should take to find the shortest path to success.
Download this white paper for a comprehensive look at the Payer to Payer Data Exchange requirements for the exchange of health information between plans. We share our recommended steps to reach compliance and get closer to completing the journey toward real interoperability.