Your Guide to the New Info Blocking Rules


What is information blocking?

Information blocking is any practice that makes it harder to get access to, exchange, or use EHI. Information can be blocked in a variety of ways, some overt and some more subtle, including the use of proprietary software and message standards, siloed databases, onerous procedures, and costs for fulfilling data requests. It is a regrettably common practice.

The rule does allow for eight situations where requests for access, exchange, or use of EHI can be denied or limited without violating the information blocking provisions. Every provider has to pay close attention to the limits of these exceptions.

The exceptions help make clear what information blocking is and what isn’t, providing the confidence necessary to invest in freeing all healthcare data that does not fall under one of the exceptions. Read more about the 8 exceptions.


Why is the ONC accelerating interoperability, APIs and patient control of data?

While nationwide healthcare data interoperability is recognized to be of immense benefit to the entire healthcare system, and actually required by HIPAA, movement toward it has been slowed by poor incentives and enforcement, the absence of real market drivers, and the resistance of incumbents who have a business interest in the status quo. The ONC rule is intended to drive behavior change by providers and technology companies to ensure that EHI can routinely be exchanged and used without special efforts and that patients can get their own EHI in a form they can understand and use.

So, while the rule really sets only a minimal standard, everyone in the healthcare system needs to be aware that this is only the first step in a long-term interoperability effort and they should find suitable partners and develop an interoperability road map. Meeting only the currently required data standard will inevitably result in significantly more work in the future, as these requirements evolve.

Read more about data management and accessibility in our blog post: Time’s Up: Interoperability and Patient Data Access Requirements are Here

Download the Whitepaper

Download the whitepaper for a primer on what the rules mean and how you can use technology solutions to comply. Are You Ready? Things You Need to Know About the New Federal Rules to Prevent Data Blocking and Improve Interoperability

Things you need to know about the new federal rules to prevent data blocking and improve interoperability

Change Is Necessary, Interoperability is Long Overdue

There are several reasons why diagnostic images have not become part of the patient record demanded by previous federal rules. Some of the most prevalent include reluctance of large market incumbents to change their ways of doing business to allow for greater flexibility in data access; resistance by the industry to make investments in standards-based technology to facilitate interoperability; and perceived technical challenges in managing unstructured data. Vendors want to defend their market shares, hospital systems want to minimize referral leakage, and few parties want to invest in interoperability unless it is directly tied to revenue. The incentives in place in today’s healthcare system encourage vendors and providers to retain data and maintain barriers to interoperability.

Forces from outside of this walled healthcare garden, however, are quickly making this system of siloed data untenable, including ambitious tech giants with powerful data platforms, patients advocating more vocally, and the federal government demanding changes.

The industry must prepare for this increasing demand for a truly interoperable and interconnected system. In order to achieve a workable system for storing, managing and distributing diagnostic images (one of the most essential parts of healthcare data), the following things must change.

Read more about these changes in our blog post: Ensuring Portability and Patient Ownership of Health Data: The Great Potential of ONC’s Proposed Interoperability Rules

What does an interoperable healthcare system in action look like?

The interoperability and data sharing provisions of the 21st Century Cures Act will create an interoperable healthcare system and democratize data via vendor-agnostic tools for unimpeded flow of clinical data.

Hear more about the benefits of an interoperable healthcare system in the podcast below.

podcast on interoperability in healthcare

Interoperability is Essential

Watch this video featuring Life Image CEO, Matthew Michela, highlighting the importance of access to imaging data in interoperability.

Originally published on Healthcare IT News.

Shifting Healthcare to a Consumer Centric Model

The coronavirus was a demonstration of why the rules were needed long ago. Under the Cures Act Final Rule, giving patients control of their medical data through smartphone apps and modern software isrequired. The rule supports a patient’s right to securely access and control their electronic medical records and requires healthcare and health IT to advance APIs and technology to make that happen.

While the HIPAA Right of Access Initiative already allows a patient to access their records in the form or format of their choice (e.g. via an online app), additional federal laws will strengthen this ability even further with big penalties for those who engage in information blocking. The rules break down barriers that lie within institutional practices and refusal to change approaches at a practice level that inhibit the inclusion of unstructured data elements, such as diagnostic imaging or pathology reports, with the rest of the patient history.

You will have to let patients control and own their own data. You will need the tools to be compliant. Providers need to act with urgency to implement interoperable technology. Things change very slowly in healthcare so this industry has to adjust a different pace or risk being obliterated in the market by new competitors from Silicon Valley that have already been solving more mature data problems.

Read more about consumerism and patient access to data in this article: Electronic Health Reporter: Consumerism, Telehealth and Patient Access To Health Data

What do the ONC Rules mean for providers?

There is also a tolerance among the industry for non-interoperability. CD-ROMs for imaging are a classic example of non-interoperability. Fax machines, still commonplace, is another example. Not only are there significant delays in acquiring records this way and inconveniences to patients who are running around or are mailing them around (which is not as secure as it needs to be), approximately 12% of all medical imaging on CD can’t be read. The technology to eliminate CDs and fax machines and digitize medical data and image exchange securely has existed for almost a decade-and-a-half, but there is an inherent delay in adoption of new technology by the healthcare delivery system.

Additionally, there are so many data standards in healthcare that it has become a problem. Every manufacturer, every software company creates their own mechanism of understanding, storing and sharing data and if it doesn’t match up with what another vendor has used than it’s not interoperable and you can’t access it. This can be compared to decades ago when, if you used a Mac and you couldn’t share your spreadsheets with somebody that used an IBM machine as an example. Then they became more interoperable. Healthcare is evolving into that space.

Ultimately, providers have to be able to expose data, right, using a category of a standard, right, in creating APIs or standard ways of understanding data and being able to access it.

Watch this short episode explaining how the rules put everyone in healthcare in the interoperability business on HIMSS TV.

The Hospital Finance Podcast: Complying with ONC Info-Blocking Rules

In this podcast Matt Michela, President and CEO of Life Image, discusses the ONC’s new info-blocking rules and what they mean for providers.

podcast on what the onc rules mean for providers

Health Data Sharing or Consequences

Consequences for failing to comply with the requirements for data sharing will be hefty. Electronic medical record (EMR) providers, HIEs and HINs are the entities subject to civil and monetary penalties of up to $1 million “per event” enforced by the Office of the Inspector General.

Perverse incentives, status quo bias and entrenched competitiveness have all contributed to a suboptimal system, where information is too often inaccessible. The problems are both technical and procedural. The change will be difficult and expensive, and no market participant will change unless there are clear positive and negative incentives, and coordination so that everyone moves forward together.

With these incentives in place and a clear path forward, eager healthcare innovators will gain access to the data needed to create the next generation of healthcare technology.

Read more in our blog post: ONC Takes Aim at Data Sharing and Interoperability

Interoperability and Health IT under the Biden Administration

President Biden’s selections for the Department of Health and Human Services (HHS) are known to be strong advocates for interoperability, including Dr. Rachel Levine as HHS Assistant Secretary and Micky Tripathi appointed as the National Coordinator for Health IT.

Dr. Levine is a strong proponent of interoperability with a keen understanding of the value it offers in supporting public health initiatives. During her tenure as Pennsylvania Health Secretary, and prior to that as the state’s physicians general, she was instrumental in leading interoperability of health systems in the state to be an example to the rest of the country.

ONC, a department under HHS, has not paused interoperability efforts. Tripathi has self-proclaimed as “bullish” on driving interoperability and advancing the national health information technology framework, and his demonstrated background in health IT and participation in interoperability advocacy groups, such as The Sequoia Project, bode well for continued progress.

Read more in the article Diagnostic Imaging News: Biden’s Era of Interoperability

Increasing Healthcare Interoperability Means Tackling Corporate Responsibility and Transparency

Key leaders in the healthcare industry, including HIT vendors, providers, patients, new tech entrants and regulators, must take a comprehensive approach in tackling the intertwined issues of corporate responsibility and transparency to manage the ever-growing volume of healthcare patient data.

The guiding principle should continue to focus on the patient rather than the large incumbents attempting to control the dialogue. Similar to the public health effort to reduce disparities such as social determinants of health, this will have to be a comprehensive effort sustained over time that takes special care to support and protect the most vulnerable among us.

We are at an inflection point. The pandemic has proven the dangers that can arise with the lack of data and knowledge sharing. Given this opportunity, let’s not make the terrible mistake of pushing the perception of change only to wish we’d seized the moment.

Read more on the importance of considering patient data privacy in this Forbes article: Increasing Healthcare Interoperability Means Tackling Corporate Responsibility And Transparency


Are you ready?
Things You Need to Know About the New Federal Rules to Prevent Data Blocking and Improve Interoperability


In March 2020, Centers for Medicare and Medicaid Services (CMS) and the Office of the National Coordinator for Health IT (ONC) released final rules on data interoperability, which are grounded in the 21st Century Cures Act, to drive the electronic access, exchange, and use of health information. ONC is responsible for implementing the interoperability provisions of the Cures Act to promote patient control over their own health information.

patient access to medical records and images


If you are found to have committed information blocking, HIT developers, HIEs and HINs face Civil Monetary Penalties (CMPs) of up to $1 million per violation. The penalties for providers are not certain at this time and subject to future rulemaking.


Patient’s Right to Access

Since 1996, the federal government has long recognized the rights of patients to access their health data under HIPAA, 45 CFR § 164.524. With limited exceptions, the HIPAA Privacy Rule (the Privacy Rule) provides individuals with a legal, enforceable right to see and receive copies upon request of the information in their medical and other health records in the form and format of their choosing.


What’s Different vs. HIPAA?

While the federal government has previously acknowledged a right to access, policy makers believe that industry “actors” have used and distorted HIPAA to prevent access for financial and business reasons (for example, to prevent leakage and customer defection to a competitor).

The belief is that information blocking behaviors have prevented the innovation, consumer convenience and transparency that have transformed all other sectors such as finance, travel, and retail. The Cures Act tasked ONC to define the rules and standards for health IT vendors and providers and CMS to define the regulations for Medicare and Medicaid insurers.

The final ONC rules are nearly 1000 pages. Three of the major policy provisions cover these topical areas:

  • Grant patient ownership of their data “without special effort” and at no additional cost
  • Penalize information blocking behaviors and define exceptions
  • Define the technology standards for application programming interfaces (APIs) for developers to gain access to data for innovation (population health, transparency in pricing, tools to help consumers make choices). The focus is on common industry standards such as HL7, FHIR, DICOM (for imaging), and others in order to move the sector from expensive proprietary programming that traps users (a.k.a. vendor lock-in).


U.S. Core Data for Interoperability (USCDI)

ONC expanded the data elements that constitute electronic health information (EHI) that are materially and clinically significant for patient care. The USCDI, a set of data classes and elements for interoperable health exchange, is now required to be used instead of the Common Clinical Data Set in multiple certification criteria, including “transmission to public health agencies – electronic case reporting”; “view, download, and transmit to 3rd party”; and “transitions of care.” Its use is also required as part of the new API certification.

For the first time, EHI also includes advanced data such as imaging reports that would include links, the image if it is stored within the electronic health record (EHR) and other access details (links) to retrieve the actual image if necessary.

US core data for interoperability


There are certain exceptions (click here for details) that allow an actor to not fulfill the request. However, these are specific exceptions for specific circumstances.

Eight exceptions are divided into two categories:

  • Exceptions that involve not fulfilling requests to access, exchange, or use EHI; and
  • Exceptions that involve procedures for fulfilling requests to access, exchange, or use EHI.

Preventing Harm Exception: It will not be information blocking for practices that are reasonable and necessary to prevent harm to a patient or another person.

Privacy Exception: It will not be information blocking if an actor does not fulfill a request to access, exchange, or use EHI in order to protect an individual’s privacy and in a way that is prohibited by state or federal privacy laws.

Security Exception: It will not be information blocking for an actor to interfere with the access, exchange, or use of EHI in order to protect the security of EHI.

Infeasibility Exception: It will not be information blocking if an actor does not fulfill a request to access, exchange, or use EHI due to the infeasibility of the request. For example, a lack of technological capabilities.

Health IT Performance Exception: It will not be information blocking for an actor to take reasonable and necessary measures to make health IT temporarily unavailable or to degrade the health IT’s performance for the benefit of the overall performance of the health IT. For example, health IT needs to be taken offline temporarily for upgrades or maintenance.

Content and Manner Exception: This exception supports innovation and competition by allowing actors to first attempt to reach and maintain market negotiated terms for the access, exchange, and use of EHI. For instance, if a request cannot be fulfilled in the manner requested, the request may be fulfilled in an alternative manner (content and manner). If that is not possible, it might be infeasible to fulfill the request (infeasibility).

Fees Exception: It will not be information blocking for an actor to charge fees, including fees that result in a reasonable profit margin, for accessing, exchanging, or using EHI. While actors can charge fees to develop or provision technology/services that enhance interoperability, the actor can not charge opportunistic fees or engage in fee practices that block access.

Licensing Exception: It will not be information blocking for an actor to license interoperability elements for EHI to be accessed, exchanged, or used. This exception seeks to protect the value of innovation and allows the charging of reasonable royalties and return on investment to develop those innovations.


Intended Policy Goal

The policy intent for the new ONC rules is to put patients at the center not only with groundbreaking advancements but improvements to a care delivery experience that is often frustrating and confusing into a more convenient and satisfying one.


Patient Requests Through a Third-Party App

Denying requests from a third-party app is also not allowed unless the situation meets one of the exceptions. In fact, the policy goal behind the data blocking and improving interoperability rules are to encourage app development and patient-centered tools.

Life Image Solutions to Enable Compliance

Formed in 2008 to solve the image exchange problem, Life Image has a mature technical solution used by 90% of the top hospitals in the United States. We are now the largest global medical evidence network specializing in the sharing of imaging data and related clinical information. Our network represents more than 13,000 facilities with 160,000 providers in the U.S. and 58,000 global clinics that are underpinned by a digital platform that integrates into physician workflow, EHRs and databases including PACS and VNAs. We enable a large global ecosystem of hospitals, physicians, patients, life sciences organizations, medical device companies, AI providers, researchers, telehealth companies, and EHRs.

Life Image began solving this problem nearly 15 years ago and developed a digital platform with applications using common standards so that the exchange of medical images and related data only takes moments.

Provider Exchange

Coordinate care 24/7 with referral sites on an episodic basis or respond at scale to a public health crisis. Reduce cost and infection risk by eliminating physical media.

Life Image Interoperability Suite: Enterprise image exchange

Interoperability Suite

The Life Image Interoperability Suite of enterprise solutions use common standards that do not force you into a proprietary technology stack. Life Image applications facilitate data exchange regardless of equipment or modality manufacturer, and connect to imaging databases across the enterprise of a health system and to a broader global network. Life Image’s Interoperability solutions are deployed in a variety of ways from being securely installed locally behind the hospital’s firewall, to cloud only running on a laptop or tablet.

Life Image Network Connector: Enterprise Image Exchange


The Life Image InterLife Image Network Connector (LINC) is a cost-effective solution to help healthcare entrepreneurs, imaging centers, community hospitals and physician groups improve imaging and clinical data exchange. LINC gives lower volume care providers the ability to digitally share directly with patients, referral sites, and tap into Life Image’s market-leading network of academic medical centers and health systems.

Enterprise image exchange for providers

Patient Connect Portal

Life Image’s Patient Connect Portal is utilized by major healthcare institutions today to enable the ability of patients to securely request, collect, store, and share their radiology images and other data with care teams. This capability meets federal requirements for patient right of access requests and provides longitudinal record collection to manage chronic or complex conditions.

Impact on Innovation

Now more than ever, healthcare needs to be able to digitize, visualize, virtualize, and curate all types of medical data at scale including diagnostic and pathology information without physical exchange. No more CDs, no more faxes, no more film or slides.

By putting the patient at the center through improved data interoperability, the intent is to catalyze innovation.

What can we do better? Everything from the big transformative discoveries to the incremental changes that address daily frustrations. We can enhance telehealth, teleradiology, business intelligence or AI to improve diagnosis and treatment decisions. We can build efficient clinical networks to curate patient data and advance research and therapy development. We can improve digital tools that help patients manage their health and wellness or navigate the system with logistical tools. We can apply AI in a scalable way to improve everything from business intelligence to diagnostics. And patients can finally own their own healthcare data to control who they want to share their information with, participate in clinical trials and contribute data as a citizen scientist.

Things you need to know about the new federal rules to prevent data blocking and improve interoperability

Download the Whitepaper

Interested in learning more about the new federal information blocking rules? Download the whitepaper to learn more: Are You Ready? Things You Need to Know About the New Federal Rules to Prevent Data Blocking and Improve Interoperability


Other Thought Leadership Resources

Forbes: ONC rule and Healthcare Innovatin

Forbes: How Much Impact Can A Small Federal Agency Have On Healthcare Innovation? A Lot, It Seems

Access to information fuels innovation. Many healthcare organizations have yet to think seriously about the importance of interoperability. Read more.

interoperability is not a threat

Electronic Health Reporter: Health Data Interoperability Is No Longer An Existential Threat

Life Image CEO, Matthew A. Michela, shares more about the noble goal to break down data silos. Read more.

Enterprise image exchange - Patient Access to Imaging Data Podcast

Matt Michela on Patient Access to Imaging Data Podcast

Nearly 40% of patients still get their images on CD. The path forward benefits both patients and providers by making all relevant data, including imaging, readily available and easily transportable. Listen to the podcast.

MedCity News- reevaluate views of patient data

MedCity News: It’s Time We Reevaluate Our Views Patient Data

Using patient privacy as a pretext to keep health data locked away is no longer acceptable. Read more.

National Archives and Records Administration

Read the Final Rule

Interested in learning more about the new federal information blocking rules? Read the final rule published by the Federal Register.