CMS Guidance Offers Clarity on MACRA Data Blocking Component | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

CMS Guidance Offers Clarity on MACRA Data Blocking Component

October 30, 2017
by Rajiv Leventhal
| Reprints

The Centers for Medicare & Medicaid Services (CMS) has released new guidance on the information blocking portion of MIPS (the Merit-based Incentive Payment System).

In its release of the MACRA (Medicare Access and CHIP Reauthorization Act of 2015) final rule last year, CMS reiterated its position on information blocking, saying participating providers and hospitals are required to demonstrate cooperation with provisions concerning blocking the sharing of information and separately, to demonstrate engagement with activities that support providers with the performance of their certified EHR (electronic health record) technology such as cooperation with ONC (the Office of the National Coordinator for Health IT) direct review of certified health information technologies.

As outlined by CMS in new guidance released this month, “MIPS-eligible clinicians show that they are meeting this [information blocking] requirement by attesting to three statements about how they implement and use certified EHR technology (CEHRT). Together, these three statements are referred to as the ‘Prevention of Information Blocking Attestation.’” The three statements to which providers are attesting to are:

  • A MIPS-eligible clinician must attest that they did not knowingly and willfully take action (such as to disable functionality) to limit or restrict the compatibility or interoperability of CEHRT.
  • A MIPS-eligible clinician must attest that they implemented technologies, standards, policies, practices, and agreements reasonably calculated to ensure, to the greatest extent practicable and permitted by law, that the CEHRT was, at all relevant times.

              ---Regarding this statement, the guidance clarified that providers are not expected to have technical skills, but rather they should inform health IT developers, implementers, and others who are responsible for implementing and configuring your CEHRT of the requirements.

  • A MIPS-eligible clinician must attest that they responded in good faith and in a timely manner to requests to retrieve or exchange electronic health information, including from patients, healthcare providers, and other persons, regardless of the requestor’s affiliation or technology vendor. 

              ---Notably, the guidance stated here, “You can still attest to statement 3 if, in good faith, you restricted access to information for reasonable purposes, like to make security upgrades or keep patients safe. You also will not be responsible for restricting exchange or interoperability that you could not have reasonably controlled.”

Interestingly the guidance said that providers do not need to show CMS documentation to prove they have acted in good faith to use their CEHRT to support the appropriate exchange of electronic health information, or not block information.

The guidance further said that all MIPS-eligible clinicians who report on the advancing care information performance category (the new meaningful use under MACRA) must attest to the prevention of information blocking attestation. If reporting in a group, if one clinician in the group fails to meet the requirements of the “Prevention of Information Blocking Attestation,” then the whole group would fail to meet the requirement.

The guidance continued, for providers to earn a score for the ACI performance category, they “have to act in good faith when they implement and use their CEHRT to exchange electronic health information. This includes working with technology developers and others who build CEHRT to make sure the technology is used correctly and is connected (and enabled) to meet applicable standards and laws.”

Eligible providers must also ensure that their organizational policies and workflows are enabled and do not restrict the CEHRT’s functionality in any way. For example, if the provider’s CEHRT gives patients access to their electronic health information or exchanges information with other MIPS eligible clinicians, they practice must use these capabilities. 

A key point that stakeholders have brought up is that information blocking can be outside of providers’ control since some of the onus falls on their vendors. But as the guidance stated, “We recognize that circumstances beyond a MIPS eligible clinician’s control may limit the exchange or use of electronic health information. This is why the “Prevention of Information Blocking Attestation” focuses on whether you act in good faith to exchange electronic health information and your particular situation.” This focus takes into account a MIPS-eligible clinician’s individual circumstances, such as: practice or organization size; how much technology it has; and what its CEHRT can do.

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



NIH Releases First Dataset from Adolescent Brain Development Study

The National Institutes of Health (NIH) announced the release of the first dataset from the Adolescent Brain Cognitive Development (ABCD) study, which will enable scientists to conduct research on the many factors that influence brain, cognitive, social, and emotional development.

Boston Children's Accelerates Data-Driven Approach to Clinical Research

In an effort to bring a more data-driven approach to clinical research, Boston Children’s Hospital has joined the TriNetX global health research network.

Paper Records, Films Most Common Type of Healthcare Data Breach, Study Finds

Despite the high level of hospital adoption of electronic health records and federal incentives to do so, paper and films were the most frequent location of breached data in hospitals, according to a recent study.

AHA Appoints Senior Advisor for Cybersecurity and Risk

The American Hospital Association (AHA) has announced that John Riggi has joined the association as senior advisor for cybersecurity and risk.

Report: Healthcare Accounted for 45% of All Ransomware Attacks in 2017

Healthcare fell victim to more ransomware attacks than any other industry in 2017, according to a new report from global cybersecurity insurance company Beazley.

Study: Use of EHRs Does Not Reduce Administrative Costs

A recent study by Duke University and Harvard Business School researchers found that costs for processing a single bill ranged from $20 for a primary care visit to $215 for an inpatient surgical procedure, or up to 25 percent of revenue.