As the digital pillar undergirding the structures that support Michigan’s learning health systems, MiHIN monitors the environment for issues related to regulatory and legal frameworks and behavioral expectations. July’s THE DOWNLOAD featured Shreya Patel, MiHIN Chief Policy and Privacy Officer, who presented a broad overview of general themes taken from recent policies that impact our ecosystem, including insights on information blocking, behavioral health information exchange and cross-sector data sharing.
Information Blocking
Information blocking is an initiative out of the office of The National Coordinator for Health (ONC), that prohibits actors from engaging in practices that are likely to interfere with the access, the exchange, or the use of electronic health information. The three sets of actors subject to this rule are healthcare providers (which is a term used very broadly and covers almost all healthcare stakeholders aside from state entities and payers), health information networks or exchanges (like MiHIN), and developers of certified technology as defined under the ONC Health IT Certification Program.
Enforcement parameters were released this year and noted that actors could be subject to up to $1,000,000 in fines if they are found liable for information blocking. The Office of the Inspector General, the entity in charge of enforcement, will be the final determiner of whether claims are brought against an actor or not.
MiHIN supports our stakeholders staying compliant with this rule. Participation in the MiHIN network alone shows good faith in exchange with a variety of participants. MiHIN can also assist with internal flows or documentation surrounding how participation in our network can help our participants remain compliant when in receipt of a request to share information. Documentation that displays uniformity in how we’re responding to a request has been key to this initiative.
Behavioral Health Information Exchange
42 CFR Part 2 is a federal regulation that preceded HIPAA and protects the confidentiality of substance use disorder records that come from defined Part 2 facilities. This regulation is in place to prevent the stigmatization and discrimination that can come from other entities or individuals finding out that someone receives treatment at a Part 2 facility.
MiHIN’s Chief Policy and Privacy Officer often receives questions regarding differences between behavioral health information (more generally) and Part 2 information. The way she describes it is that behavioral health is the large, overarching umbrella that covers many types of information, including mental health information, substance use disorder information, information coming out of general medical facilities, as well as information coming from defined substance use disorder facilities. Those defined substance use disorder facilities would impart Part 2 information and are just one part of the giant behavioral health bucket.
According to guidance provided by The Substance Abuse and Mental Health Services Administration (SAMSA), if behavioral health information is shared from a more general medical facility, that information is not considered to be Part 2 information and can be shared in the same way that other information is shared under HIPAA. It is only when information flows from those defined Part 2 facilities must we ensure that consent is in place by the individual. The newly proposed rule for Part 2 did not take away any of the requirements that consent is needed prior to sharing Part 2 information, but it did clarify that one single consent can be ongoing.
MiHIN’s Electronic Consent Management Service use case was created to capture consent at the Part 2 facility, which is still a requirement that must be in place. We encourage all stakeholders to participate in our collaborative forums regarding our e-consent efforts to delve into how our solutions adapt with changes in the regulation, including but not limited to offering privacy tagging or segmentation solutions.
Cross-sector data sharing
Cross-sector data sharing is a key emerging federal priority. Cross sector data sharing is the sharing of healthcare information in a bi-directional manner with community organizations or actors who are not typically classified in the health care space, but ones that still do perform important services for preventative purposes or need important healthcare information.
The hospital Inpatient Prospective Payment System rule, or IPS, and the Long Term Care Hospital and Prospective Payment System rule or LTCHPPS are published by CMS and set base payment rates for certain services or certain items. Typically, these prospective payment system rules propose changes to hospital reporting requirements, and those dictate how entities will receive Medicare funding for that year in subsequent years, depending how readily and well they meet certain metrics.
The 2023 rules emphasized health, equity, social determinants of health and health related social needs, pushing for hospital commitment to help equity measures and encouraging improved data, collection, data, analysis, quality, improvement, and leadership engagement from hospitals as well.
These rules wanted to examine how social determinants of health could be attributed to clinical and non-clinical factors, which supports similar regulatory efforts to bring SDOH information into the HIPAA realm, so that it can be shared more readily. HHS, too, has a proposed rule out on changes to the HIPAA privacy rule which would clarify if and how to share information with CBOs.
Through our cross-sector data exchange program, MiHIN has been proactive and collaborating in multiple forms to answer the question of how best to share this information across our network, so that hospitals are able to meet this measure more easily, and other health care stakeholders are also able to exchange this information.
These conversations have been challenging, requiring legal interpretation by many organizations who differ in their interpretation of the language and the guidance that HHS has put out thus far. MiHIN, through our pilot work and our vendor community of practice, is trying to reach a shared understanding that is functional for information exchange, so that sharing may occur sooner rather than later, allowing our stakeholders to move forward with these initiatives without being so dependent on the release of final rules.
For additional information on these and other policies, please visit www. https://mihin.org/the-download or contact us directly at help@mihin.org.
Michigan Multipayer Initiatives 