What Public Health Leaders Need to Know About HTI-2 Proposed Rule

November 04, 2024 | Lillian Colasurdo, Lana McKinney, Alexandra Woodward

On July 10, 2024 HHS’s Assistant Secretary for Technology Policy/Office of the National Coordinator of Health Information Technology (ASTP) published the proposed rule: Health Data, Technology, and Interoperability: Patient Engagement, Information Sharing, and Public Health Interoperability (HTI-2). This rule, which advances interoperability and supports access, exchange, and use of electronic health information (EHI), represents a significant step towards strengthening public health data infrastructure and promotes interoperability between healthcare and public health entities. It proposes significant changes impacting public health agencies (PHAs) and removing barriers to EHI exchange, while attempting to streamline health IT processes.

Background

Two of the most significant federal laws passed in the past fifteen years for health data exchange are the Health Information Technology for Economic and Clinical Health (HITECH) Act and the 21st Century Cures Act. Together, these laws provided ASTP with authority to set standards for and certify heath information technology. ASTP’s certification program mandates that electronic health records (EHR) comply with the new standards and eligible providers and hospitals must use certified technology to be fully reimbursed by the Centers for Medicare & Medicaid Services. Additionally, these laws grant ASTP rulemaking authority.

Earlier this year, ASTP finalized the HTI-1 rule, taking substantial steps toward improving public health and healthcare data exchange. This rule requires EHR systems to support either HL7 Clinical Document Architecture (CDA) or Fast Healthcare Interoperability Resources (FHIR) standards for electronic case reporting, both of which enhance the data quality and timeliness for public health reporting. HTI-1 also directs EHR developers to track and report on the amount of data electronically submitted to Immunization Information Systems (IISs); that information helps improve vaccine product distribution and availability. While the rule sets the stage for a future transition to a FHIR-based approach for case reporting, there must be an adequate transition period for public health agencies. While HTI-1 took significant steps toward improving the way data is exchanged, primarily in the healthcare setting, the proposed rule HTI-2 aims to expand these standards to further benefit public health.

The HTI-2 expands upon the interoperability standards established in HTI-1 and aims to improve interoperability by revising the ONC Health IT Certification Program. It specifically proposes two new sets of certification criteria for IT developers that will benefit public health entities and payers.

Public health agencies face many barriers to efficiently exchanging data with healthcare providers and other entities including lack of common data standards, inconsistent reporting requirements, limited system interoperability, and inadequate public health data infrastructure. HTI-2 addresses these challenges by establishing certification criteria for public health technologies, creating a common floor to support data exchange. In addition, HTI-2 introduces changes to the Information Blocking Rule and provides transparency to Trusted Exchange Framework and Common Agreement (TEFCA) requirements.

Key HTI-2 Provisions

Certification Criteria, Standardizing Application Programming Interfaces (APIs)

HTI-2 proposes four standards and certification criteria that may impact public health systems. Depending on the criteria, ASTP proposes that many of them be implemented by the beginning of 2027 and 2028.

• Updating naming conventions and standards for existing functional criteria. There are currently nine functional (or “f”) criteria EHRs must meet to exchange data with public health agencies. The updated naming conventions and standards point EHR vendors and public health systems to the latest standards for implementation. Additionally, these updates include two new criteria for birth reporting and bi-directional exchange with a prescription drug monitoring program.
• Establishing new certification “f” criteria for Health IT so Public Health certified systems can receive, validate, parse, and filter standardized data. These functions will apply to immunization, syndromic, laboratory, cancer pathology, case, birth, and prescription drug monitoring program data.
• Adopting the United States Core Data for Interoperability (USCDI) version 4, a standardized set of health data classes and elements for interoperable health information exchange. Version 4 includes several new data elements relevant to public health, such as health status assessments (e.g., alcohol and substance use).
• Standardizing HL7 FHIR-based API for public health data exchange by creating new certification criteria to support ongoing development and transition to FHIR for patient and population-level data exchange. CDC and ASTP have noted potential benefits of increasing public health access to critical data while reducing the reporting burden on both healthcare organizations and developers. HTI-2 proposes similar certification standards and alignment for reporting to payers that comply with existing CMS API requirements.

Information Blocking Updates

The Information Blocking Rule requires that patients have timely access to their own electronic health records and prohibits healthcare providers and networks, HIEs, and developers from interfering with said access. When a public health agency serves as a provider, it is crucial to ensure that patients can access records in compliance with the existing rule. HTI-2 clarifies what constitutes “interfering” with the access and exchange and provides a non-exhaustive list of examples.

HTI-2 also proposes a new exception to information blocking—the Protected Care Access Exception—that would “apply to acts or omissions likely to interfere with access, exchange, or use of particular EHI that an actor believes could create a risk of exposing patients, care providers, and other persons who assist in access or delivery of health care to potential administrative, civil, or criminal investigations or other actions on certain bases.” This exception is particularly relevant for jurisdictions with more restrictive laws for sharing reproductive health data.

TEFCA Governance Rules

As ASTP and its Recognized Coordinating Entity (RCE), the Sequoia Project, seek to establish standards for implementing the Trusted Exchange Framework and Common Agreement (TEFCA), the proposed HTI-2 rule would codify one portion of the framework by establishing the qualifications for Qualified Health Information Networks (QHINs), onboarding and designation processes, the attestation process, termination and appeal rights, and ASTP’s formal authority to delegate responsibility to the RCE.

Conclusion

The HTI-2 proposed rule represents a significant step towards strengthening public health data infrastructure and promotes interoperability between healthcare and public health entities. It is specifically designed to “address gaps in public health data and help the nation become response-ready, promote health equity, and improve health outcomes for all.”

The Joint Public Health Informatics Taskforce (JPHIT), coordinated by ASTHO and consisting of 14 member organizations including public health associations, gathered comments and input from constituent members and submitted consolidated feedback on the proposed rule in October and awaits responses and the final rule from ASTP.