HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

ONC Extends Deadline for Compliance with its Information Blocking and Interoperability Rule

The deadline for compliance with the information blocking and health IT certification requirements of the 21st Century Cures Act have been extended due to the ongoing COVID-19 pandemic.

On October 29, 2020, the US Department of Health and Human Services’ (HHS) Office of the National Coordinator for Health IT (ONC) announced the release of an interim final rule with comment period that extended the compliance dates and timeframes for meeting certain information blocking and Conditions and Maintenance of Certification (CoC/MoC) requirements.

The ONC’s Cures Act Final Rule, released on March 9, 2020, defined exceptions to the information blocking provision of the 21st Century Cures Act and adopted new Health IT certification requirements which, through the use of application programming interfaces (APIs), would enhance patients’ access to their own health data through their smartphones at no cost.

Compliance deadlines were set for 2020, but health IT stakeholders expressed concern about meeting the deadlines due to the COVID-19 pandemic. On April 21, 2020, ONC announced that it would be exercising enforcement discretion with respect to the compliance deadlines and provided a further three months after the initial compliance dates for meeting all of the new requirements under the ONC Health IT Certification Program.

Get The Checklist

Free and Immediate Download
HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

Due to the ongoing COVID-19 pandemic, ONC has now provided the healthcare ecosystem with further flexibility and time to respond to the COVID-19 public health emergency and has further extended to the compliance deadlines outlined in its April 2020 enforcement discretion announcement.

“We are hearing that while there is strong support for advancing patient access and clinician coordination through the provisions in the final rule, stakeholders also must manage the needs being experienced during the current pandemic,” said Don Rucker, MD, national coordinator for health IT. “To be clear, ONC is not removing the requirements advancing patient access to their health information that are outlined in the Cures Act Final Rule. Rather, we are providing additional time to allow everyone in the health care ecosystem to focus on COVID-19 response”.

The new compliance deadlines are now as follows:

April 5, 2021

  • Information blocking provisions (45 CFR Part 171)
  • Information Blocking CoC/MoC requirements (§ 170.401)
  • Assurances CoC/MoC requirements (§ 170.402, except for § 170.402(b)(2) as it relates to § 170.315(b)(10))
  • API CoC/MoC requirement (§ 170.404(b)(4)) – compliance for current API criteria
  • Communications CoC/MoC requirements (§ 170.403) (except for § 170.403(b)(1) – where we removed the notice requirement for 2020)

December 31, 2022

  • 2015 Edition health IT certification criteria updates (except for § 170.315(b)(10) – EHI export, which is extended until December 31, 2023)
  • New standardized API functionality (§ 170.315(g)(10))

The deadline for submission of initial attestations (§ 170.406) and submission of initial plans and results of real world testing (§ 170.405(b)(1) and (2)) has been extended by one calendar year.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.