Why Healthcare Executives Should Take a Strategic Approach
to Compliance with the New Interoperability Rules

3 September 2020
By Claudia Miller, Chelsea Wyatt, Robert Schwartz, MD and Tonya Edwards, MD

Know where your organization stands:

Complete our eight-question readiness assessment and see your score.

Learn more

Rules from the Office of the National Coordinator for Health Information Technology (ONC) and the Centers for Medicare and Medicaid Services (CMS) that became effective June 30, 2020, operationalize the 21st Century Cures Act, which enables patients to have greater access to their digital information. With the November 2 deadline for these rules looming, health systems are recognizing they need to take significant workflow and operational actions to comply. Above and beyond complying with the rules, providers can also leverage the work they are already doing to achieve broader IT and organizational strategic goals.

In this second article in a series aimed at helping health systems achieve compliance with the rules and interoperability, we explore the strategic implications and benefits of thinking beyond compliance. The first article in this series explains the interoperability rules and deadlines as well as the associated provider efforts that are required.

"Consumers are clamoring for their data and greater access, and demand for records during the pandemic has only grown, showing the immediate need for interoperability."

Interoperability Impacts Decisions Health Systems Are Already Making

Health system executives must approach interoperability not simply to comply with the rules but as a strategic advantage. This means taking immediate action to build a holistic interoperability roadmap. Why? The interoperability rules impact strategic decisions health systems are making today, such as those noted below.

Digital strategy should incorporate interoperability and patient data management strategies, including patient access to records through personal health records (PHR) and a digital front door. In fact, the digital front door will be hampered without strategic interoperability. Patient and consumer engagement are increasingly mediated via digital tools and platforms, which are in turn dependent upon the accuracy and quality of data and effective mechanisms for data exchange. As such, a health system’s interoperability plan must consider how requests for data received via digital platforms will be managed from a data-flow perspective.

Consumer Demand and Competitive Advantage
Consumers are clamoring for their data and greater access, and demand for records during the pandemic has only grown, showing the immediate need for interoperability. The following findings from a July Black Book Report[1] showed changing consumer perceptions of interoperability and the impact on the providers to whom they turn for their care. As patients expect and increasingly ask providers to share data, they will be dissatisfied when organizations are not ready. Ultimately, patients may redirect their care to organizations that promote interoperability and data access.

Consumer Demand for Interoperability

Source: Black Book Market Research Interoperability Survey 2020. http://www.digitaljournal.com/pr/4761739

Operational Changes

Health systems have already been altering workflows to address the dual system of care required for COVID-19 and non-COVID-19 patients, and the interoperability rules have wide-sweeping operational implications, requiring an enterprise effort. Two examples show the impact:

  • Clinical notes sharing: Patients or providers can request clinical notes, including progress notes, history of present illness, procedure notes, and even lab and imaging narratives. The health system is required to provide those notes or cite one of the eight blocking exceptions.

    To comply with this request, many operational areas need to work together. For instance, legal will need to work on the Health Insurance Portability and Accountability Act (HIPAA) and Release of Information form updates. Physician and clinical leadership will need to train clinicians on appropriate note content. Compliance will need to ensure staff are aware that they must share these notes to avoid public reporting. Digital and electronic health record (EHR) teams will need to provide the data. Health information management (HIM), the owners of Release of Information, now will need to include these notes in request responses. And the EHR, informatics and physician advisory councils will need to make updates to notes and ensure physicians clean up the problem list and understand implications of the new workflow.

    Significant change leadership is required to drive changes across all these areas to ensure not only compliance with interoperability but also a satisfying patient experience and understanding of the new note content.

  • National Plan and Provider Enumeration System (NPPES) updates: For minimum compliance with the rules, providers must update their contact information in NPPES. They can either do this directly, or a provider organization can aggregate updates through a delegate, such as the medical staff office.

    Leading health systems are taking advantage of the update requirements and strategically using the NPPES as a source-of-truth provider directory or enterprise provider master index to ensure all health system directories are in sync. They understand they can then use their provider index to enhance provider relationship management.

Regardless of the minimal compliance path or strategic path to interoperability, operational and workflow changes are both required.

EHR technology and interoperability strategy may play a factor in evaluating potential partnerships or ensuring existing partnerships are fruitful. In a Center for Connected Medicine survey from August 2019, 57 percent of health systems felt they were successful sharing data with patients, but less felt successful sharing data with other health systems (37 percent) and other partners (35 percent).[2] Holistically caring for the patient requires seamless interoperability between care partners. Partners who have the same approach to interoperability, and even the same systems, may be a best fit for growth strategies.

Penalties have been set for developers at up to $1 million per violation for information blocking. These penalties could be just as high for provider organizations once they are set. Providers that promote apps or an extension of their EHRs may be considered a developer, and providers with a health plan also must address the payor components. Moreover, delays in enforcement are short. Preliminary compliance dates begin November 2, and delays already announced for admission, discharge and transfer (ADT) notifications and Certified EHR Technology (CEHRT) pushed out compliance only three to six months. The deadlines may not be extended again. Likewise, the Department of Health and Human Services (HHS) Office of Inspector General (OIG) is slated to drive enforcement and publish its rules for enforcement of information blocking in October, with no plans to delay.

Industry Developments
The ban on federal funding for a nationwide patient identifier was repealed August 4, allowing for a national identifier to facilitate patient data exchange. More than 99 percent of providers have adopted EHRs, paving the way for electronic data exchange.[3] HHS and ONC are providing monetary boosts to health information exchanges (HIE) for improved structure and innovation. ONC is discussing setting up a Trusted Exchange Framework (TEFCA), which will provide a network for national exchange of data. All these factors will drive continued growth of interoperable exchange.

The key is in aligning this effort with health systems’ current strategic agendas.

The Next Steps Matter

The key is in not adding one more thing to health system executives’ already-full plates; it is in aligning this effort with health systems’ current strategic agendas. We recommend taking immediate actions to prepare for compliance with the rules — aligning interoperability efforts with the current strategic agenda.

Start now by building an interoperability plan that will accelerate the health system’s strategic agenda, while meeting fall compliance deadlines.

Align with operational changes. In tandem with legal and operations, assess current policy, data flow, and interoperability and processes, identifying gaps. Focus on high-impact use cases — like clinical notes sharing — for data requests, and create an interoperability plan for all five provider requirements.

Sync with digital and patient engagement strategies. Determine how to facilitate sharing and patient points of contact with other digital and consumer engagement efforts like the digital front door.

Build data management into the strategy. A strong data management strategy is key to everything; this data now will be shared with patients, other providers and third parties to make holistic care decisions. Streamlining the numerous provider directories into a single source of truth with strong data governance and data management practices will ensure the data requirements are met for information blocking, NPPES and ADT, and evolve your strategic provider engagement efforts.

Initiate provider outreach. Individual providers will have to make the NPPES database updates themselves, and their notes now will be shared with patients. Begin education and evaluate bulk options, obtaining DirectTrust address early on to streamline the process and considering the role of an enterprise master provider database with up-to-date information.

Build a plan for patient and vendor outreach. Communication plans should be developed to ensure vendors are ready and patients understand how third parties may use their data.

Assess Readiness and Build a Roadmap

Pausing to assess the health system’s readiness for interoperability compliance can be a helpful step at this stage. Health system executives need to know where they stand in relation to the rapidly approaching November 2 compliance deadline to understand where it is most important to focus attention. We’ve prepared a simple assessment to help executives gauge their level of preparation. Complete this assessment to see how you score for readiness.

Take Survey Now

Our third article in this series discusses our steps health systems need to address for interoperability compliance and beyond.

Contact us
for a review of the rules and implications for your organization.


  1. Black Book Market Research Interoperability Survey 2020. http://www.digitaljournal.com/pr/4761739
  2. Center for Connected Medicine August 2019 Survey https://connectedmed.com/resources/improving-health-care-interoperability-are-we-making-progress/
  3. Pederson, Craig A. “ASHP national survey of pharmacy practice in hospital settings: Prescribing and transcribing—2016.” American Journal of Health System-Pharmacy, Volume 74, Issue

Learn More from the Authors

Claudia Miller
Associate Principal
[email protected]

Chelsea Wyatt
[email protected]

Robert Schwartz, MD
[email protected]

Tonya Edwards, MD
[email protected]

Related Content

Interoperability Deadlines Are Coming:
Are You Prepared?

Since the onset of the pandemic, CIOs have been leading through the crisis to deliver more, faster — with fewer operating, capital and human resources. With an already-full agenda, CIOs are now faced with looming interoperability compliance deadlines, effective November 2.

Read More >

Technology’s Role in Achieving Health System Imperatives in the Age of

For weeks, CIOs and their teams have supported their health systems in preparing for and combating the COVID-19 pandemic. As many look beyond the initial surge, CIOs face a new stage of challenges as they consider how to best leverage technology to help their organizations survive and ultimately thrive in the “new normal."

Read More >

Under Attack: Five Practical Steps to Thwart Increased Cyber Threats

While health systems have focused on the immediate health needs caused by COVID-19, cyberattacks have increased as hackers have exploited the outbreak's disruption. Learn five immediate key areas for health system focus that can have a positive impact on security and business continuity without incremental cost.

Read More >

Why Healthcare Executives Should Take a Strategic… - The Chartis Group