top of page

Information -

Blocking Rule

Today, the HHS Office of National Coordinator and Office of Inspector General released their long-awaited rule on information-blocking. As part of the 21st Century Cures Act passed in December 2016, HHS is required to issue regulations to: 


  1. Define information blocking and identify reasonable and necessary activities that do NOT constitute information blocking;

  2. Implement a public reporting process so people can complain about organizations that do not have interoperable systems or otherwise engage in information-blocking activities; 

  3. Create an enforcement mechanism so the OIG may investigate and penalize organizations that engage in information blocking.


Why Does This Matter?

Information blocking prevents providers from having access to the most current, accurate, or complete information on their patients.


The rule is also important because health care entities and their vendors are trying to comply with new Medicare payment rules that encourage the use of open APIs and interoperable systems, but do not know exactly which behaviors constitute “information-blocking.”

What is information blocking?

It is commonly defined as a healthcare provider or vendor creating a barrier to inhibit the exchange of health information.

The ONC already provided a definition of information blocking in a 2015 report to Congress. 

“Information blocking occurs when a person or entity – typically a health care provider, IT developer, or EHR vendor – knowingly and unreasonably interferes with the exchange and use of electronic health information, which is a right protected by the Health Insurance Portability and Accountability Act (HIPAA) of 1996.”

In that report from three years ago, ONC gave the following examples of information blocking, but acknowledged that patient safety or privacy may prevent disclosure:

  • Fees that make data exchange cost prohibitive.

  • Organizational policies or contract terms that prevent sharing information with patients or health care providers.

  • Technology designed or implemented in non-standard ways that inhibit the exchange of information.

  • Patients or health care providers become “locked in” to a specific technology or health care network because data is not portable.

Some actions that impede the exchange of electronic health information do not constitute information blocking. For example, when an act or course of action is necessary to protect patient safety, privacy, or other compelling interests.


Three Things To Know

  1. The rule defines information blocking as

  2. The rule develops protocols and standards to improve interoperability between providers for large amounts of healthcare data. It does not focus on individual patient records. For example,

  3. The penalty for engaging in information blocking is $1 million per event.

Who does it apply to?
Examples of information blocking:
Deadline for Comment
What Does It Mean for Plans, Hospitals, Start-ups, information technology platforms like Amazon?
Want to know more?​
bottom of page