CMS 21st Century Cures IPA Rule & its Impact on State Health Agencies

Author: Akash Jha, Sr. Healthcare Consultant, CitiusTech

The 21st Century Cures Act (the Act) is said to be the most important legislation passed since the Affordable Care Act (ACA) and for good reason. While ACA and the HITECH Act saw a tremendous proliferation of EHR technology across the US and significant strides in interoperability, the 21st Century Cures almost perfects the interoperability piece, in that once properly implemented, we could see a seamless patient record irrespective of the clinic, health system, geography or plan.

While the two HHS agencies – ONC and CMS cater to different areas of the market i.e., Health IT vs Payors/Providers, their rulemaking in alignment to 21st Century Cures has broad similarities, in terms of FHIR APIs, USCDI datasets, and information blocking.

The CMS Interoperability & Patient Access rule has broad technological consequences for both payors (CMS-regulated payers, specifically MA organizations, Medicaid Fee-for-Service (FFS) programs, Medicaid managed care plans, CHIP FFS programs, CHIP managed care entities and QHP issuers on the FFEs) and providers, including State agencies administering the Medicaid programs across the US.

Some key technological impact areas for State Medicaid agencies are:

  • Interoperability standard compliance
    • Support the exchange of clinical data at a minimum of as defined by the United States Core Data for Interoperability (USCDI) dataset
    • Patient Access API: Implement and maintain an FHIR R4-based Patient Access API with the ability to share encounter, claims, and clinical (USCDI) with any 3rd party app of the Patient’s choice
    • Provider Directory API: Make standardized information about provider networks available via an FHIR R4-based Provider Directory.
    • Payer-to-Payer Data Exchange: Coordinate care between payers by exchanging USCDI data; and
    • Exchange dual eligible data with CMS daily
  • Data ingestion, mapping, and transformation
  • Identify & Access management
  • eConsent management
  • Single-source-of-truth data warehouse / Data Lakes
  • ePHI security and HIPAA API management
  • compliance
  • Integration with existing Medicaid management information systems

Additionally, Hospitals and other providers (including State-owned) must comply with the exchange of electronic patient event notifications regarding a patient's admission, discharge, and/or transfer (ADT) to another health care facility, update of Provider data on National Plan and Provider Enumeration System (NPPES) and leveraging an ONC 2015 Cures certified EHR in their facilities (ONC’s counterpart rule for Health IT for 21st Century Cures compliance)

As we see, there is a large impact for State health agencies, with strict implementation timelines and a well-defined upgrade path from CMS (updates to USCDI version 2, FHIR standard upgrades, etc.) implying that States should now be looking at a modern, digital, scalable and upgradable solutions, rather than stop-gap measures.

Explore other blogs

Precision Medicine: Way Forward through Real World Data
Precision Medicine: Way Forward through Real World Data
CitiusTech: Driving digital transformation in Healthcare with AWS HealthLake
CitiusTech: Driving digital transformation in Healthcare with AWS HealthLake
Consent Management for Patient Data Sharing
Consent Management for Patient Data Sharing


No items currently match your filtering criteria.