Native Apps for US Healthcare
Status of current regulatory information on the approval of Native Apps for US Healthcare.
There are three sources of requirements for Native Apps for US Healthcare:
- US Cures Act Final Rule of 2020-05-01 - the regulations
- Medicare rules for reimbursement File:CMS-200814.pdf - the hammer behind adoption of the regulations.
- Trusted Exchange Framework and Common Agreement (TEFCA)
- FDA Medical device regulations
When the API will be required
On page 1 quote
Implement and maintain a standards-based Patient Access API: The CMS Interoperability and Patient Access final rule requires state Medicaid agencies, Medicaid managed care plans, CHIP agencies, and CHIP managed care entities to make certain health information about Medicaid and CHIP beneficiaries accessible through a Patient Access application program interface (API) by 2021-01-01. This policy enables beneficiaries to have access to their health data on their internet-enabled devices (such as smartphones). Due to the COVID-19 public health emergency (PHE), CMS is exercising enforcement discretion, however, and does not expect to enforce this requirement prior to 2021-07-01.
What is required of a Native App
On page 3 quote
These managed care regulations require the plans and entities to comply with the same standards that apply to the fee for service programs. The CMS Interoperability and Patient Access final rule requires compliance with the API technical standards adopted by HHS at 45 CFR 170.215 including the Health Level 7 (HL7®) Fast Healthcare Interoperability Resources (FHIR®) standard and relevant technical standards.
What Data is Covered
On page 6 quote
The CMS Interoperability and Patient Access final rule requires Medicaid managed care plans and CHIP managed care entities to develop the ability to share the United States Core Data for Interoperability (USCDI) as specified in 45 CFR 170.213 with the approval and at the direction of a current or former enrollee or the enrollee’s personal representative under the Payer-to-Payer Data Exchange policy. An assessment of the ability to create that data set and the completeness of that data set for all parties and the ability to send and receive such data by all parties would be appropriate as a first step in preparation for implementation.