In today’s Federal Register, OIG and CMS propose three discrete revisions to existing regulations protecting the donation of electronic health records and solicit comments for potentially more far-reaching changes. The current safe harbor to the federal Anti-Kickback Statute (AKS), 42 C.F.R. § 1001.952(y), and the exception to the Physician Self-Referral Law (Stark), 42 C.F.R. § 411.357(w), protect certain nonmonetary donations of software, information technology and training services necessary and used predominantly to create, maintain, transmit, or receive electronic health records (EHR) if the donation is made prior to December 31, 2013. The proposed changes give additional time to make donations, allow greater flexibility in selecting the items or services to donate, and refine how to assess if a proposed donation satisfies the regulatory functionality requirements. In addition, CMS and OIG solicit comments on other potential revisions, most notably on excluding laboratories, durable medical equipment (DME) suppliers, and other ancillary service providers from the scope of permissible donors.
OIG and CMS are proposing parallel revisions to the AKS safe harbor and Stark exception. First, they propose to extend the sunset provision to December 31, 2016, which corresponds to the last year providers may receive Medicare EHR incentive payments under the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act) and the last year in which providers can initiate participation in the Medicaid EHR incentive program under the HITECH Act. In the alternative, OIG and CMS are considering, and solicit comments on, other sunset dates such as December 31, 2021, which corresponds to the end of the Medicaid EHR incentive payments. Second, they propose to remove the requirement that the EHR software contain electronic prescribing capability based on their conclusions that alternate mechanisms, such as the Medicare Improvements for Patients and Providers Act of 2008 (MIPPA) and HITECH Act, are driving the adoption of electronic prescribing capabilities and that removal of this requirement would not increase fraud and abuse risks. Third, they propose to revise the mechanism donors can use to evaluate whether donated EHR meets interoperability standards. Current regulations require donated EHR to be interoperable, meaning “able to communicate and exchange data accurately, effectively, securely, and consistently with different information technology systems, software applications, and networks, in various settings, and exchange data such that the clinical or operational purpose and meaning of the data are preserved and unaltered.” EHR software “is deemed interoperable if a certifying body recognized by the Secretary has certified the software within no more than 12 months prior to the date it is provided to the recipient.” The proposed rules update two aspects of this deeming provision: 1) to be a certified body “recognized by the Secretary” an entity must complete an authorization process established by the Office of the National Coordinator for Health Information Technology (ONC); and 2) the current 12-month timeframe is replaced with a provision consistent with the ONC certification program. Specifically, if software is certified as meeting any edition of the then-current Certified EHR Technology regulation, that certified software would be deemed interoperable.
In addition to the specific changes proposed, OIG and CMS solicit comments on three other areas of potential revision. Most notably, in response to complaints that the current regulations protected abusive donations, OIG and CMS seek comments on proposals to narrow the scope of protected donors and specifically propose to exclude laboratories, DME suppliers, and other providers of ancillary services. The most restrictive option presented would limit the regulatory protections to donations by hospitals, group practices, prescription drug plan sponsors and Medicare Advantage organizations. OIG and CMS explicitly solicit comments on the particular types of providers and suppliers that should or should not be protected donors. Moreover, in response to concerns that currently protected donations are used to lock in referrals, OIG and CMS seek comments on what new or modified conditions can be added to the safe harbor and Stark exception to prevent “data and referral lock-ins” and “encourage the free exchange of data.” They suggest that such new or modified conditions can be an alternative to limiting the scope of permissible donors. Finally, they solicit comment on whether the regulatory provisions should be amended to expressly incorporate text from the preamble to the EHR safe harbor Final Rule which defines the term “software, information technology and training services necessary and used predominantly” for EHR purposes.
Comments to the proposed rules will be accepted until June 10, 2013.