Sample Information Blocking policies, procedures, and templates
Year Developed: 2022
Resource Type: Other.Primary Audience: Administrative Staff
Clinicians
PCAs
Secondary Audience: Board of Directors
C-Suite (CEOs, CFOs, CIO, COOs, CMOs, etc.)
Enabling Staff
Outreach Staff
Language(s): English
Developed by: HITEQ (See other resources developed by this organization).
Resource Summary: Tools for Health Centers to Comply with Rules Prohibiting Information Blocking
Resource Details: Steps in using sample information blocking policies, procedures, and templates from HITEQ: Conduct Initial Information Blocking Risk Assessment (Appendix A) as part of the organizational record, and update annually thereafter. For any organizational practices that appear on the list of suspected practices for Information Blocking (Appendix A, Section VI) Record the exact practice and current workflow, and assess whether any of the 21st Century Cures Act ONC exceptions apply using Appendix D: Information Blocking Exceptions and other references. For any practices that are reviewed where no exceptions apply, cannot be modified, and is/are necessary, document that the organization does not intend for the practice to result in information blocking. Develop/review policy/ procedure for reviewing/fulfilling requests for information. Ensure that process is non-discriminatory and expedient. Ensure that electronic and physical information requests are consistent in terms of consent, privacy, and legal requirements. Develop a process for documenting exceptions to requests Ensure that process aligns with the eight possible exceptions, noting that five allow for not fulfilling the request while the other three refer to procedures for fulfilling requests. Use other HITEQ information blocking process resources, including Appendix D: information blocking exceptions Implement documentation for exceptions on a case-by-case basis Develop a process for responding to requests, either where information will be shared and access maintained or where the request will not be fulfilled, and the reason needs to be communicated. Review and adopt information blocking complaint procedures (Appendix E) Use Appendix G as a template for investigation workflow. Use Appendix H to document the investigation. Document complaints, incidents, and related responses and/ or actions Use Appendix F - Incidence Response Log to document this.
Resource Topic: Health Information Technology (HIT)/Data
Resource Subtopic: , Privacy and Security, Operational Feasibility, Research and Data.
Keywords: Content Management System (CMS), Data Collection, Management, and Analytics, Health Care Facilities, Health Information Exchange (HIE), Privacy/Protected Health Information (e.g., Health Insurance Portability and Accountability Act (HIPAA)).This project is supported by the Health Resources and Services Administration (HRSA) of the U.S. Department of Health and Human Services (HHS) as part of an award totaling $6,625,000 with 0 percentage financed with non-governmental sources. The contents are those of the author(s) and do not necessarily represent the official views of, nor an endorsement, by HRSA, HHS, or the U.S. Government. For more information, please visit HRSA.gov.