Looking Back, Looking Forward
December 14, 2022 •Janice Karin
2022 has been an interesting year in health IT. Major regulations went into effect while others were delayed and still others have been sitting in a pending state waiting for their final approval before release. It was a year of RFIs and information gathering and a year to prepare for upcoming requirements. It was a year of price transparency discussions and data surveillance overreach and examination of how AI should be used and policed. By the end of 2022 providers should be supporting FHIR and all electronic health information - not just USCDI v1 - is now privy to information blocking rules and must be shared with both individuals and organizations on request unless one of the eight exceptions applies.
At the time of this writing a new iteration of the long awaited prior authorization rule is still pending, likely imminent (perhaps even released by the time you read this). We don't know exactly what it will say or whether it's going to be as wide ranging as the long frozen rule from late 2020 and early 2021. Payer => Payer data exchange is still delayed, as is implementation of Advanced Explanation of Benefits (AEOBs) notices for those with health insurance. Consolidation of quality measures and the move to digital measures are still mostly pending and still often discussed. CMS is still focusing a lot of attention on Provider Directories but without much concrete change.
In many ways, the regulatory landscape isn't much different than it was at this time last year - certainly there was little in the way of new requirements that we didn't already know about in the last 12 months. Hopefully we'll have many of these answers when we sit down to write next year's version of this article. For now, most of our predictions for 2022 are still valid predictions for 2023. Last year we predicted that No Surprises implementations and enforcements would be haphazard at best and that has proven to be true. Unfortunately, we don't see that changing any time soon. We also predicted that more provider directory regulations were coming. There has been much discussion, an RFI from CMS, and some changes around the edges but no major new regulations - yet. We'll see what happens once CMS has a chance to absorb the RFI responses.
We also talked about ICD-11 being on the horizon and that's still true, with just a few small noises being made about possible future adoption and what that would look like at this point. We also predicted that new regulations around AI were coming and we still think this is true moving forward, with agencies such as ONC, the FTC, HHS, and more asking for public feedback on how they might regulate AI and making comments about the importance of mitigating bias in AI.
Other things we anticipate in 2023 include more health IT certification requirements for technology used primarily by payers; in particular we see this likely to happen around areas related to AI and to prior authorization based on comments and actions by folks at ONC. ONC has very clearly been discussing this, asking folks about it in RFIs and public events, and even stating that it's likely within the two contexts above at times. People tend to think of ONC and its role in certifying health technology as primarily provider facing, but that's likely to change moving forward.
There will also likely be new public health reporting requirements, particularly around equity and SDOH. FHIR write operations are coming too, particularly in the area of patient correction of records, but they may be a bit further in the future (yes, we predicted the last two items last year too - as noted above, nearly all of our predictions from last year still hold true for 2023).
Perhaps regulations will be updated to start requiring USCDI v2 data exchange rather than USCDI v1. USCDI v4 will be drafted, reviewed, and finalized in 2023 so current regulations will be three versions behind by the end of the year. USCDI v2 incorporates more demographic and SDOH data than v1, both important for current industry priorities, so its use would make more robust equity and SDOH programs easier to support (among other things).
The biggest question in our mind is whether the Provider Access APIs requiring Payer=>Provider data exchange, the requirement to use FHIR for Payer=>Payer exchange, and the option to support Payer=>Payer exchange requests in bulk at enrollment times rather than via individual request as well as some of the other changes and additions that were not directly related to prior authorization will still be in the upcoming prior authorization rule. Hopefully we'll all find out soon.
What do you see in store for 2023? Write us at firstname.lastname@example.org and let us know your predictions for the year ahead.