It’s been over a year of anticipation, but the Centers for Medicare and Medicaid’s Interoperability and Patient Access Final Rule is finally coming into effect. The implementation of this long-awaited mandate, which will allow patients to request and have access to their medical data to share with plans, providers, and digital applications, represents a new horizon for health plans, rife with opportunity for innovation. There are also a bevy of implications for plans if they fail to comply with the mandate.

Health plans across the country are already beginning to feel the impact of CMS’ Interoperability and Patient Access Final Rule.  We’ve learned from the price transparency rule that compliance can be tricky, and with the interoperability mandate, there are sure to be even harsher realities coming down the pike — especially if plans run afoul of state laws regarding HIPAA and consent management.

The truth is health plans should be doing more than complying with the interoperability mandate. The mandate itself is a starting point for creating a healthcare system that helps members better manage their health, helps providers deliver higher quality care, and encourages innovations in digital health that will deliver better outcomes and an improved healthcare experience.

Abacus Insights is here to help health plans go beyond compliance and venture into the future of interoperability. Here’s what health plans and their CIOs can do to ensure they’re on the right path forward.

• Seek partners with expertise. Select partners with deep expertise in healthcare and technology in order to avoid privacy and compliance roadblocks down the road and to ensure your system is privy to the complexities of healthcare. Partners should understand the importance of getting the right information to the right people at the right time.

• Build for the future. Your interoperability solution must go beyond installing a FHIR-compliant server. If you’re building a system to comply with the interoperability mandate, you’re creating your own impediments to success. The requirements of the mandate have already changed and are bound to change again. You need a partner that can keep up with the HL7 FHIR implementation guidelines to ensure that data can be shared with third-party applications.

• Deploy a “member first” strategy. At the end of the day, interoperability is about member experience. Your customer service representatives need a complete view of the member journey in order for them to answer any questions your members may have. This means making sure your systems can follow data from any digital health application all the way through to a provider visit.

• Educate your members. The interoperability mandate puts control of data in the hands of members, who will be able to access insightful, actionable information that should help them make better decisions about their care. That doesn’t mean members are guaranteed to make the best decisions about their data; members who decide to use or connect to third-party applications need to understand the privacy and security rules of those applications. Deploy an interoperability education plan to help members make the best decisions about where they distribute their personal health data.

• Factor in consent. Consent for the sharing of health information can be complicated for vendors who operate in multiple states. Consent rules vary from state to state, and at the end of the day, health plans are responsible to ensure health data is protected no matter where care is provided. Health plans must ensure they are meeting these various state requirements while protecting member data from being released to unauthorized entities. This requires implementing appropriate security measures; consider deploying features like multi-factor authentication, endpoint patching, IP whitelisting and credentialing to ensure PHI remains protected.

• Leverage the mandate for innovation. The real opportunity of the interoperability mandate is the transformational impact it can have on the way health plans operate their businesses — if they so choose. Zooming out on the trajectory of interoperability, we are still very much in the early stages of data sharing. Health plans that integrate their systems for analyzing and sharing data can transform their operations and member experience to help improve health outcomes. They will be better prepared for what comes next, from the growth of wearables and connected devices to precision medicine to artificial intelligence and machine learning. With a robust system in place today, health plans will empower themselves with the tools to compete in the healthcare market of tomorrow.

By following these steps, health plans can ensure they are on the right track as the interoperability movement progresses as an industry standard. The Interoperability and Patient Access Final Rule is a much-needed first step toward a data-liberated healthcare system, but the July 1 compliance data is just the first step. As more rules come online beginning in January 2022, health plans must take action today to be in a position to succeed when the next iteration of interoperability regulations come down the pipeline.