Sample Information Blocking policies, procedures, and templates
Resource Topic: Health Information Technology (HIT)/Data
Resource Subtopic: Research and Data, Privacy and Security.
Keywords: Content Management System (CMS), Data Collection, Management, and Analytics, Health Care Facilities, Health Information Exchange (HIE), Privacy/Protected Health Information (e.g., Health Insurance Portability and Accountability Act (HIPAA)).
Year Developed: 2022
Resource Type: Other
Primary Audience: Administrative Staff
Secondary Audience: Board of Directors
C-Suite (CEOs, CFOs, CIO, COOs, CMOs, etc.)
(See other resources developed by this organization).
Resource Summary: Tools for Health Centers to Comply with Rules Prohibiting Information Blocking
Resource Details: Steps in using sample information blocking policies, procedures, and templates from HITEQ:
Conduct Initial Information Blocking Risk Assessment (Appendix A) as part of the organizational record, and update annually thereafter.
For any organizational practices that appear on the list of suspected practices for Information Blocking (Appendix A, Section VI)
Record the exact practice and current workflow, and assess whether any of the 21st Century Cures Act ONC exceptions apply using Appendix D: Information Blocking Exceptions and other references.
For any practices that are reviewed where no exceptions apply, cannot be modified, and is/are necessary, document that the organization does not intend for the practice to result in information blocking.
Develop/review policy/ procedure for reviewing/fulfilling requests for information.
Ensure that process is non-discriminatory and expedient.
Ensure that electronic and physical information requests are consistent in terms of consent, privacy, and legal requirements.
Develop a process for documenting exceptions to requests
Ensure that process aligns with the eight possible exceptions, noting that five allow for not fulfilling the request while the other three refer to procedures for fulfilling requests.
Use other HITEQ information blocking process resources, including Appendix D: information blocking exceptions
Implement documentation for exceptions on a case-by-case basis
Develop a process for responding to requests, either where information will be shared and access maintained or where the request will not be fulfilled, and the reason needs to be communicated.
Review and adopt information blocking complaint procedures (Appendix E)
Use Appendix G as a template for investigation workflow.
Use Appendix H to document the investigation.
Document complaints, incidents, and related responses and/ or actions
Use Appendix F - Incidence Response Log to document this.