Q2 2021 Newsletter - PMRG

What is “Information Blocking”?

The 21^st Century Cures Act defines information blocking as “the practice by a health IT developer of certified health IT, health information network, health information exchange, or health care provider that, except as required by law or specified by the Secretary of Health and Human Services (HHS) as a reasonable and necessary activity, is likely to interfere with access, exchange, or use of electronic health information (EHI)”.

The Office of the National Coordinator for Health Information Technology (ONC)has stated that an action would satisfy the information blocking provision’s “likelihood” requirement if there is a reasonably foreseeable risk that the action will interfere with access, exchange, or use of EHI.

What does Information Blocking mean for my practice?

In the final rule, ONC explained that a policy or action that limits timely access to information in an appropriate electronic format by limiting, disabling, or restricting the use or access to the EHI can be considered information blocking.

A practice might unknowingly block information from a patient.For example, a medical group that has the capability to provide a patient same-day access to their exam or office visit note but takes several days to provide it to the patient could be considered information blockers.Another example might be a medical group that has a policy that restricts access to patient lab results for a certain amount of time to permit review of the lab results by the provider.

Are there any Information Blocking Exceptions?

Yes.The following are exceptions to the Information Blocking provision of the 21^st Century Cures Act:

Exceptions that involve not fulfilling requests to access, exchange, or use EHI:

Preventing Harm – protecting patients and other persons against unreasonable risks of harm can justify actions that are likely to interfere with access, exchange, or use of EHI.
Privacy Exception – a medical group should not be required to use or disclose EHI in a way that is prohibited under state or federal privacy laws.
Security Exception – safeguarding the confidentiality, integrity, and availability of EHI.
Infeasibility Exception – legitimate practical challenges may limit a medical group’s ability to comply with requests for access, exchange, or use of EHI.
Health IT Performance Exception – for health IT to perform properly and efficiently, it must be maintained, and in some instances improved, which may require that health IT be taken offline temporarily making EHI temporarily unavailable.

Exceptions that involve procedures for fulfilling requests to access, exchange or use EHI:

Content and Manner Exception – provides clarity and flexibility to medical groups concerning the required contentof a response to a request to access, exchange, or use EHI and the manner in which the medical group may fulfill the request.
Fees Exception – allows medical groups to charge fees related to the development of technologies and provision of services that enhance interoperability.
Licensing Exception – allows medical groups to protect the value of their innovations and charge reasonable royalties to earn returns on the investments they have made to develop, maintain, and update those innovations.

What is the penalty for violation of this Act?

Section 4004 of the Cures Act outlines that violation by healthcare providers will be referred to CMS if they have made a fraudulent attestation under the MIPS Promoting Interoperability Program or to the Office for Civil Rights if there is a potential HIPAA violation. The OIG will outline additional penalties for providers violating the information blocking rules.

What action steps can my practice take?

Designate an individual within the organization to be the point person for both information blocking policy development and for any issues that arise from patient requests for EHI.
Review existing policies and procedures with regards to receiving, processing, and responding to requests to access, exchange, or use EHI and revise the policies as necessary.This process could also include creating standardized forms for receiving, processing, and responding to such requests and procedures specifying how access to EHI may be provided.
Contact EHR and online web portal vendors to ensure compliance with information blocking requirements regarding patient access to EHI.
Review your fee schedule for records requests.Provider offices should avoid charging patients—or their designated representatives—who request electronic access to their EHI through internet-based methods.
Evaluate and review agreements the practice has with IT vendors, hospitals, or other entities to ensure they comply with the information blocking requirements.
Establish a process to apply exceptions.
Document any new policy developed to comply with the information blocking provision of the act.Retain this document for six years from the date of its creation or the date when it was last in effect, whichever is later.
Train physicians, administrative and clinical staff on the importance of adhering to the practice’s information blocking policies.

Stay informed.The federal government is expected to announce additional information blocking policies in 2021.

Additional Resources:

https://ecfr.federalregister.gov/current/title-45/subtitle-A/subchapter-D/part-171

https://www.healthit.gov/topic/information-blocking

https://www.healthit.gov/curesrule/

Comprehensive Billing Report 202103

What is a CBR?

Comparative Billing Reports (CBRs) summarize Medicare claims data and distribute it to providers to provide insight into billing trends. Each CBR is unique to a single provider and is only available to that individual provider. CBRs are not punitive and will not be publicly available.

What is the purpose of a CBR?

These reports can help providers proactively assess any areas of increased risk and/or vulnerability and support efforts to ensure compliance with Medicare payment policy and/or accurate coding. Their purpose is to educate providers about vulnerable areas in the Medicare program and are meant to be a tool to encourage coding and billing guidance, education, and improvement activities.

What can your practice do if you received a CBR?

Ophthalmology Exam codes are vulnerable to improper payments typically because of insufficient documentation to support the eye exam code chosen. It is important to review the documentation in the note and choose the code carefully. A website has been established to assist providers who have received a CBR with information and resources to understand the report.

https://cbr.cbrpepper.org/About-CBR/CBR-202103

Recommended steps if you have received a CBR:

Conduct an Internal or External audit of comprehensive eye codes to ensure you are not over-utilizing the code(s) and that the documentation in the chart supports the selected eye exam code.
Address the CBR in your practice’s next scheduled compliance meeting. The minutes of the meeting should include the following information:
1. Acknowledge receipt of CBR
2. Recommend Internal or External Audit
3. Conduct Audit
4. Include audit results
5. Outline plan to address audit findings (i.e. employee/physician education on comprehensive eye code coding criteria, next scheduled audit, more frequent audits for a period of time to ensure proper coding, etc.)

To learn more about how PMRG can help with conducting audits and offering feedback and education for physicians and staff in your practice, contact us using the information below.