21st Century Cures Act and Information Governance

Keep up with the latest on information governance as this key strategy emerges for addressing a myriad of information management challenges in healthcare. This blog will highlight the trends and opportunities IG presents for ensuring information is treated as an organizational asset.

By Betty Rockendorf, MS, RHIA, CHPS, CHTS-IM


Regarded as a landmark bill, the 21st Century Cures Act was passed into law in December of 2016. It’s aims are lofty and it covers a lot of ground, including transparency, breaking down silos in healthcare, interoperability, and an electronic health record (EHR) reporting program, as well as issues related to medical research and approval process for new drugs and medical devices.

Healthcare facilities and HIM professionals should be very interested in the provisions that impact healthcare technology and how that relates to information governance. One section focuses on interoperability of EHRs and patient access to health data. There are a few things to watch for.

The law has “teeth” to penalize vendors who participate in information blocking—“that which interferes with, prevents, or materially discourages access, exchange, or use of electronic health information.” Vendors can be fined up to $1 million per violation and would potentially lose their EHR certification if they are not seen as interoperable. Vendors will need to be sure to listen and act accordingly because they have many clients who are relying on them and their technology. Healthcare facilities have to work with their vendors and be able to trust in them. It is difficult to switch vendors due to the cost, time involved, and the challenge of converting to a new platform so a collaborative relationship is necessary.

The Cures Act calls for a national Application Programming Interface (API) standard to cover authentication, security, auditability, and deeper data interoperability, to be completed by stakeholders and published within one year. Some vendors and directors of product management have pointed out that the deadlines imposed by the law are very aggressive and are not realistic. Considerable time and effort will be required and it is unlikely to be accomplished in one short year. It will be up to the Secretary of Health and Human Services to interpret and comply with the requirements.

The reporting requirements called for in the Cures Act require that EHRs include criteria on product security, user-centered design, interoperability, and certification that the EHR conforms to testing. As pointed out by Dr. John Halamka, CIO of Beth Israel Deaconess Medical Center, “. . . interoperability really means getting the information necessary for coordination of care to those who need it without too much difficulty. You could read the Cures language as making available every data element for every purpose to every stakeholder with no effort. That is just not realistic.”

As we get beyond all the talk of interoperability and into the action phase, organizations will want to communicate with vendors and be alert to the reporting that is required. This has been a long time coming and should lead to safer electronic health records. The healthcare industry should be seen as a community working together, sharing the challenges and how to fix the electronic records and data exchange.

You must ensure high quality, accurate data is entered into your local EHR and conduct an information asset inventory so that you know key information about the data, such as location and data owners, in order for your IG team to make informed decisions. Educate your staff on patient identifiers and ensure they have the right patient at the right time with the right information, as well as put the tools in place that help them with efficiency and accuracy in their electronic documentation. This will aid with interoperability initiatives.

Stay informed about the Cures Act by reading articles and sharing your learning with your IG team. Here are links to a few articles to get started:


Betty Rockendorf (rockendo@uwp.edu) is program director for the University of Wisconsin-Parkside Health Information Management and Technology program.

Submit a Comment

Your email address will not be published. Required fields are marked *

Share This

Share This

Share this post with your friends!