The proposed rules, published April 10, 2013, set forth three changes to the current regulations:
- extending the sunset date of the exception and safe harbor (currently December 31, 2013) to at least December 31, 2016;
- removing the current requirement that all donated software include electronic prescribing provisions;
- changing the definition of interoperable currently used by the exception and safe harbor.
In addition to these changes, the proposed rules address and solicit comment on several open-ended proposals contemplating changes to a number of regulations, including who should be permitted to donate EHR technology (protected donors); how to best address problems of data lock-in and exchange; and what clarifications, if any, are needed with regard to the technologies eligible for donation. Each is addressed in turn below.
Many have expected that the EHR donation protections would be extended, despite the fact that their original intent to encourage the adoption of EHR was bolstered in 2009 by the significant direct federal incentives provided for by the Electronic Health Record Incentive Program (the Meaningful Use Program). In proposing the extension of the sunset, CMS and the OIG note that, while EHR adoption has increased significantly, such adoption is not nationwide and remains an important federal policy goal. That said, CMS and the OIG concur that some sunset date is deemed necessary, as the need for the protections is expected to diminish over time. If finalized, the proposed rules would extend the sunset to December 31, 2016 (the last year in which Medicare incentive payments are available for the meaningful use of EHR technology). Both agencies are requesting comments on this proposed date and note that other dates (such as December 31, 2021, the last year for Medicaid incentives) may be equally rational choices.
CMS and the OIG recognize that the current definition of interoperability has become outdated (as it refers to certifying bodies recognized by “the Secretary”) and is overly narrow (as it requires certification within the past 12 months). The proposed rules offer changes to correct these issues. First, noting that EHR certifying bodies are identified through the certification process of the Office of the National Coordinator for Health Information Technology (ONC), the rules propose changing “recognized by the Secretary” in both regulations to refer to bodies “authorized by the [ONC].” Second, the rules both recognize that the ONC issues revised certification criteria and standards every two years, not every year, and that not all changes invalidate prior certifications. Accordingly, the rules propose replacing the requirement for certification within 12 months with a requirement that, at the time it is donated, the EHR technology must conform with any edition of the electronic health record certification criteria identified in the then applicable definition of Certified EHR Technology at 45 C.F.R. part 170. In 2013, for instance, EHR technology can be considered “certified” where it meets either the 2011 or 2014 criteria.
The proposed rules would eliminate the requirement that donated EHR technology contain, or be capable of linking to, an electronic prescribing capability. The reasoning is straightforward. While still an important federal policy, the field has been preempted by the Medicare and Medicaid Electronic Health Record Incentive Programs and the Electronic Prescribing Incentive Program. Neither CMS nor the OIG believe that continued maintenance of the requirement is necessary, given the “great strides” made towards universal adoption of ePrescribing, and other significant policy drivers supporting the adoption of ePrescribing.
Chief among the more open-ended provisions as to which public comment is encouraged are the changes being considered regarding permissible donors of EHR technology. Under the current Stark exception, any DHS entity may donate EHR technology. The current antikickback safe harbor is equally broad. This reflects a deliberate decision in 2006 to expand the protections beyond those entities statutorily mandated, to encourage the widespread adoption of EHR technology. The proposed rules note, however, the OIG has received complaints of misuse of the protections (primarily regarding entities donating technology that “locked in” a stream of referrals) and, as a result, both the OIG and CMS are reconsidering whether protected donors should remain broadly defined. The proposed rules contemplate either limiting the pool of protected donors to a specific list of entities (such as only those entities specifically identified by the original statute: hospitals, group practices, PDP sponsors, and MA plans) or, in the alternative, retaining an all-inclusive list of protected donors, but specifically excluding certain types of providers and suppliers. More specifically, the OIG is concerned that laboratories and other suppliers of ancillary services may be abusing the safe harbor and exception. CMS and the OIG are also concerned that DME suppliers and home health agencies are incentivized by the nature of their business models to offer improper incentives to referring providers. CMS specifically requested comments regarding the best way to address these concerns.
Data Lock-In and Exchange
Many of the complaints received by the OIG, according to the proposed rules, have concerned the donation of EHR technology that met interoperability requirements on its face but, in practice “locked” providers into a referral relationship with the donating entity. Both CMS and the OIG have requested comments regarding changes to the regulations’ current treatment of interoperability that would facilitate the free exchange of data and better ensure that recipients of donated EHR technology remain free to refer patients as they see fit.
Electronic Health Records technology has evolved significantly since the current rules were promulgated in 2006. The proposed rules note that there is continued confusion with regard to what technologies (for instance, services that enable the exchange of data such as health information exchanges (HIE)) may be donated under the protections. While some additional guidance on these questions is provided in the rules’ respective preambles, the proposed rules request comments on ways to better clarify the protections’ coverage in the regulatory language itself.
In issuing the proposed rules, CMS and the OIG continue to promote the widespread adoption of health information technology while also acknowledging and seeking to address the advances made and lessons learned since the issuance of the exception and safe harbor. The extension of these protections should not come as a surprise and are welcomed by most in the industry.
The proposal to narrow the class of protected donors should not come as a complete surprise either. A number of states have established policies that a donation that is protected under the current federal rules will not necessarily be protected under the state’s laws. Considering the scope of protected donors and preventing data lock-in are important considerations for CMS and the OIG.
Given advances in technology, such as the proliferation of HIEs, further guidance and clarification of the permissible scope of donated technology would be helpful to the industry. Parties with interests in this area are strongly encouraged to take advantage of the OIG’s and CMS’s solicitation of comments by the June 10th deadline.
[EDITOR’S NOTE: Cathy Martin, who co-authored this alert, served as Senior Counsel with the Office of Inspector General (OIG) at the US Department of Health & Human Services within the Industry Guidance Branch from 2004 to 2007. During her tenure with OIG, she was involved in drafting the original EHR safe harbor.]
This article was co-authored with Joshua J. Freemire.