Under the 21st Century Cures Act final rule published in June, certified health IT developers and entities and health information exchanges and networks can be penalized up to $1 million for interfering with the access, exchange and use of electronic health information.
“The rule includes a provision requiring that patients can electronically access all of their electronic health information (EHI), structured and/or unstructured, at no cost,” ONC said.
HHS’ Office of the Inspector General said it will prioritize serious cases, such as those that cause patient harm, significantly affect a provider’s ability to deliver care, and cause losses to federal healthcare programs.
There are eight exceptions to information sharing, including privacy, security and preventing harm.
HHS is developing a separate rule for healthcare providers.
