Patients to have More Control of Their Health Data Through the Use of Technology

By The Intersect Group

Amidst the coronavirus outbreak, the Department of Health and Human Services (HHS) has published “two transformative rules” that will have huge implications – not only for all Americans but specifically for the healthcare and technology industries.

The two rules, which are designed to ensure and protect patient access to healthcare data, also address the secure transfer of that data and information, including security measures, infrastructure and APIs (application programming interfaces). The rules are architected around the principle idea of putting patients first and giving them on-demand access to their health information in a consumable, easy to find and easy to understand way.

The lack of data information sharing in healthcare is notably behind, and it is detracting from patient care, potentially leading to poor health outcomes and higher healthcare costs for Americans. By granting patients better access to their own healthcare information, the rules enable patients to make more informed decisions, both in the way they manage their care and in the way they budget for it.This monumental shift and exchange of healthcare information will drive subsequent demand in IT in the months to come, including security, network and development needs.


What You Need to Know

The HHS Office of the National Coordinator for Health Information Technology (ONC) and Centers for Medicare & Medicaid Services (CMS) are behind the two new rules, detailed below.

Both rules signify the most significant healthcare information sharing policies the government has ever passed, requiring both governmental and private entities to share health information between patients and other parties, while keeping that information secure and private.

Here are the details:

  • The 21st Century Cures Act (Cures Act), also being referred to as the ONC rule (, is designed to prohibit “information blocking.” Per the ONC: “The rule is designed to give patients and their healthcare providers secure access to health information. It also aims to increase innovation and competition by fostering an ecosystem of new applications to provide patients with more choices in their healthcare. It calls on the healthcare industry to adopt standardized application
    programming interfaces (APIs), which will help allow individuals to securely and easily access structured electronic health information using smartphone applications.”The ONC rule requires that all patients have access their electronic health information (EHI), structured and/or unstructured, at no cost. To further support the access and exchange of this information, the rule outlines eight exceptions to the definition of information blocking.


  • The Interoperability and Patient Access rule (CMS-9115-F), also being referred to in shorthand as the CMS rule (, requires health plans in Medicare Advantage and other federal programs to share claims data electronically with patients. All Medicare and Medicaid participating hospitals are to “send electronic notifications to healthcare facilities, community providers or practitioners when a patient is admitted, discharged or transferred (known as ADTs). These ADT notifications lead to better care coordination and improve patient outcomes by allowing a provider, facility or practitioner to contact the patient and deliver appropriate follow-up care in a timely manner.”


The goal of both of these rules is simple: To enhance the delivery of healthcare in a way that is affordable, personalized and puts patients in control.

Why It Matters

In general, healthcare is behind when it comes to personal access to healthcare information and data. Specifically, the industry is behind when you consider the tools and technologies in which to access and share that information, including mobile apps, APIs and the like.

Much in the same way that you can manage your personal finances or itineraries for travel online, for example, these new rules put patients back in the driver’s seat of their healthcare information. For humorous context, the best example of how our current healthcare system works can be seen in this 2010 YouTube video, If Air Travel Worked Like Health Care. It is a painfully accurate parody of the frustrations felt by millions of Americans about their limited access to healthcare information today.

Historically, patient information has been stored and maintained by health IT organizations in silos – and they charge for access to it. Not only is this limiting to a person’s right to their own healthcare information, but it also fragments care, drives up costs and contributes to information blocking, as detailed by the ONC.

Under the provisions of these new rules, patients will be able to shop for, compare and coordinate healthcare on their own terms and through the use of technology, enabling price and product transparency. Additionally, by making health information more accessible, including claims, patients can move more easily from plans and providers, as they wish.

Key Dates

  • Effective January 1, 2021, plans in the federal programs will be required to “share claims and other health information with patients in a confidential, secure, understandable, user-friendly electronic format through standard patient access APIs.”
  • Beginning April 1, 2022, the CMS is requiring that states send enrollee data daily for beneficiaries enrolled in both Medicare and Medicaid.

New Healthcare Rules, New IT Needs

As a result of the two new rules, critical IT professionals will be needed in order to fulfill the stipulations being set forth by the Department of Health and Human Services.

In support of the ONC and CMS rules, we anticipate demand for::

  • Database Developers, including SQL and/or Oracle,
  • A range of ETL Developers,
  • Data Analysts,
  • Business Intelligence (BI) Analysts,
  • And the like.


The rules, which intend to establish secure, standards-based application programming interfaces (APIs), will require patient access support and a close monitoring of electronic health information. Desktop support, call centers, data security analysts and other services will also likely be needed as a result of the new rules.

As more people access their electronic health records (EHR) through mobile devices like their smartphones and tablets, there will be a new demand for health IT usability. These demands will include user experience, interoperability and security, all designed to help improve the exchange of electronic health information for individuals.

If you are looking for an IT partner to navigate the ONC and CMS rules, please reach out to us. For more information on our specialization in IT staffing, please go to:

Download the full whitepaper >>