New Fact Sheet Highlights ASTP’s Concerns About Certified API Practices

On October 29, 2024, the US Department of Health and Human Services (HHS) Assistant Secretary for Technology Policy (ASTP) released a fact sheet titled “Information Blocking Reminders Related to API Technology.” The fact sheet reminds developers of application programming interfaces (APIs) certified under the ASTP’s Health Information Technology (IT) Certification Program and their health care provider customers of practices that constitute information blocking under ASTP’s information blocking regulations and information blocking condition of certification applicable to certified health IT developers.

In Depth

The fact sheet is noteworthy because it follows ASTP’s recent blog post expressing concern about reports that certified API developers are potentially violating Certification Program requirements and engaging in information blocking. ASTP also recently strengthened its feedback channels by adding a section specifically for API-linked complaints and inquiries to the Health IT Feedback and Inquiry Portal. It appears increasingly likely that initial investigations and enforcement of the information blocking prohibition by the HHS Office of Inspector General will focus on practices that may interfere with access, exchange, or use of electronic health information (EHI) through certified API technology.

The fact sheet focuses on three categories of API-related practices that could be information blocking under ASTP’s information blocking regulations and Certification Program condition of certification:

  • ASTP cautions against practices that limit or restrict the interoperability of health IT. For example, the fact sheet states that health care providers who locally manage their fast healthcare interoperability resources (FHIR) servers without certified API developer assistance may engage in information blocking when they refuse to provide to certified API developers the FHIR service base URL necessary for patients to access their EHI.
  • ASTP states that impeding innovations and advancements in access, exchange, or use of EHI or health-IT-enabled care delivery may be information blocking. For example, the fact sheet indicates that a certified API developer may engage in information blocking by refusing to register and enable an application for production use within five business days of completing its verification of an API user’s authenticity as required by ASTP’s API maintenance of certification requirements.
  • ASTP states that burdensome or discouraging terms, delays, or influence over customers and users may be information blocking. For example, ASTP states that a certified electronic health record (EHR) developer may engage in information blocking by conditioning the disclosure of interoperability elements to third-party developers on the third-party developer entering into business associate agreements with all of the EHR developer’s covered entity customers, even if the work being done is not for the benefit of the customers and HIPAA does not require the business associate agreements.

The fact sheet does not address circumstances under which any of the above practices of certified API developers may meet an information blocking exception (established for reasonable practices that interfere with access, exchange, or use of EHI). Regulated actors should consider whether exceptions apply to individual circumstances.

© 2024 McDermott Will & Emery by: Daniel F. Gottlieb, Kristen O’Brien, James A. Cannatti III of McDermott Will & Emery For more on API Practices, visit the NLR Health Law Managed Care section

  • Related Posts

    Tax and Disclosure Considerations Related to Executive Security Benefits

    Key Takeaways Executives and companies may deduct the cost of security benefits that meet certain requirements under the Treasury Regulations Public companies are generally required to disclose the cost of…

    Congress Passes Defense Bill with AI Provisions — AI: The Washington Report

    On December 18, Congress passed the FY 2025 National Defense Authorization Act (NDAA), which includes a number of AI provisions. The NDAA is expected to be signed into law by…

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    You Missed

    Dow Jones Today: Stocks Inch Higher To Start Holiday-Shortened Session

    • By admin
    • December 24, 2024
    • 12 views
    Dow Jones Today: Stocks Inch Higher To Start Holiday-Shortened Session

    Tax and Disclosure Considerations Related to Executive Security Benefits

    • By admin
    • December 24, 2024
    • 8 views

    Dow Jones Today: Stocks Slip To Start Holiday-Shortened Week; Honda Soars on Merger Plans

    • By admin
    • December 23, 2024
    • 12 views
    Dow Jones Today: Stocks Slip To Start Holiday-Shortened Week; Honda Soars on Merger Plans

    Congress Passes Defense Bill with AI Provisions — AI: The Washington Report

    • By admin
    • December 22, 2024
    • 17 views

    Why People on TikTok Are Slathering Their Face with Beef Tallow

    • By admin
    • December 21, 2024
    • 15 views
    Why People on TikTok Are Slathering Their Face with Beef Tallow

    Texas Attorney General Launches Investigation into 15 Tech Companies

    • By admin
    • December 21, 2024
    • 18 views
    Texas Attorney General Launches Investigation into 15 Tech Companies