[USC02] 42 USC CHAPTER 6A, SUBCHAPTER XXVIII, Part A: Promotion of Health Information Technology
Result 1 of 1
   
 
42 USC CHAPTER 6A, SUBCHAPTER XXVIII, Part A: Promotion of Health Information Technology
From Title 42—THE PUBLIC HEALTH AND WELFARECHAPTER 6A—PUBLIC HEALTH SERVICESUBCHAPTER XXVIII—HEALTH INFORMATION TECHNOLOGY AND QUALITY

Part A—Promotion of Health Information Technology

§300jj–11. Office of the National Coordinator for Health Information Technology

(a) Establishment

There is established within the Department of Health and Human Services an Office of the National Coordinator for Health Information Technology (referred to in this section as the "Office"). The Office shall be headed by a National Coordinator who shall be appointed by the Secretary and shall report directly to the Secretary.

(b) Purpose

The National Coordinator shall perform the duties under subsection (c) in a manner consistent with the development of a nationwide health information technology infrastructure that allows for the electronic use and exchange of information and that—

(1) ensures that each patient's health information is secure and protected, in accordance with applicable law;

(2) improves health care quality, reduces medical errors, reduces health disparities, and advances the delivery of patient-centered medical care;

(3) reduces health care costs resulting from inefficiency, medical errors, inappropriate care, duplicative care, and incomplete information;

(4) provides appropriate information to help guide medical decisions at the time and place of care;

(5) ensures the inclusion of meaningful public input in such development of such infrastructure;

(6) improves the coordination of care and information among hospitals, laboratories, physician offices, and other entities through an effective infrastructure for the secure and authorized exchange of health care information;

(7) improves public health activities and facilitates the early identification and rapid response to public health threats and emergencies, including bioterror events and infectious disease outbreaks;

(8) facilitates health and clinical research and health care quality;

(9) promotes early detection, prevention, and management of chronic diseases;

(10) promotes a more effective marketplace, greater competition, greater systems analysis, increased consumer choice, and improved outcomes in health care services; and

(11) improves efforts to reduce health disparities.

(c) Duties of the National Coordinator

(1) Standards

The National Coordinator shall—

(A) review and determine whether to endorse each standard, implementation specification, and certification criterion for the electronic exchange and use of health information that is recommended by the HIT Advisory Committee under section 300jj–12 of this title for purposes of adoption under section 300jj–14 of this title;

(B) make such determinations under subparagraph (A), and report to the Secretary such determinations, not later than 45 days after the date the recommendation is received by the Coordinator; and

(C) review Federal health information technology investments to ensure that Federal health information technology programs are meeting the objectives of the strategic plan published under paragraph (3).

(2) HIT policy coordination

(A) In general

The National Coordinator shall coordinate health information technology policy and programs of the Department with those of other relevant executive branch agencies with a goal of avoiding duplication of efforts and of helping to ensure that each agency undertakes health information technology activities primarily within the areas of its greatest expertise and technical capability and in a manner towards a coordinated national goal.

(B) HIT Advisory Committee

The National Coordinator shall be a leading member in the establishment and operations of the HIT Advisory Committee and shall serve as a liaison between that Committee and the Federal Government.

(3) Strategic plan

(A) In general

The National Coordinator shall, in consultation with other appropriate Federal agencies (including the National Institute of Standards and Technology), update the Federal Health IT Strategic Plan (developed as of June 3, 2008) to include specific objectives, milestones, and metrics with respect to the following:

(i) The electronic exchange and use of health information and the enterprise integration of such information.

(ii) The utilization of an electronic health record for each person in the United States by 2014.

(iii) The incorporation of privacy and security protections for the electronic exchange of an individual's individually identifiable health information.

(iv) Ensuring security methods to ensure appropriate authorization and electronic authentication of health information and specifying technologies or methodologies for rendering health information unusable, unreadable, or indecipherable.

(v) Specifying a framework for coordination and flow of recommendations and policies under this part among the Secretary, the National Coordinator, the HIT Advisory Committee, and other health information exchanges and other relevant entities.

(vi) Methods to foster the public understanding of health information technology.

(vii) Strategies to enhance the use of health information technology in improving the quality of health care, reducing medical errors, reducing health disparities, improving public health, increasing prevention and coordination with community resources, and improving the continuity of care among health care settings.

(viii) Specific plans for ensuring that populations with unique needs, such as children, are appropriately addressed in the technology design, as appropriate, which may include technology that automates enrollment and retention for eligible individuals.

(B) Collaboration

The strategic plan shall be updated through collaboration of public and private entities.

(C) Measurable outcome goals

The strategic plan update shall include measurable outcome goals.

(D) Publication

The National Coordinator shall republish the strategic plan, including all updates.

(4) Website

The National Coordinator shall maintain and frequently update an Internet website on which there is posted information on the work, schedules, reports, recommendations, and other information to ensure transparency in promotion of a nationwide health information technology infrastructure.

(5) Certification

(A) In general

The National Coordinator, in consultation with the Director of the National Institute of Standards and Technology, shall keep or recognize a program or programs for the voluntary certification of health information technology as being in compliance with applicable certification criteria adopted under this part. Such program shall include, as appropriate, testing of the technology in accordance with section 17911(b) of this title.

(B) Certification criteria described

In this subchapter, the term "certification criteria" means, with respect to standards and implementation specifications for health information technology, criteria to establish that the technology meets such standards and implementation specifications.

(C) Health information technology for medical specialties and sites of service

(i) In general

The National Coordinator shall encourage, keep, or recognize, through existing authorities, the voluntary certification of health information technology under the program developed under subparagraph (A) for use in medical specialties and sites of service for which no such technology is available or where more technological advancement or integration is needed.

(ii) Specific medical specialties

The Secretary shall accept public comment on specific medical specialties and sites of service, in addition to those described in clause (i), for the purpose of selecting additional specialties and sites of service as necessary.

(iii) Health information technology for pediatrics

Not later than 18 months after December 13, 2016, the Secretary, in consultation with relevant stakeholders, shall make recommendations for the voluntary certification of health information technology for use by pediatric health providers to support the health care of children. Not later than 2 years after December 13, 2016, the Secretary shall adopt certification criteria under section 300jj–14 of this title to support the voluntary certification of health information technology for use by pediatric health providers to support the health care of children.

(D) Conditions of certification

Not later than 1 year after December 13, 2016, the Secretary, through notice and comment rulemaking, shall require, as a condition of certification and maintenance of certification for programs maintained or recognized under this paragraph, consistent with other conditions and requirements under this subchapter, that the health information technology developer or entity—

(i) does not take any action that constitutes information blocking as defined in section 300jj–52(a) of this title;

(ii) provides assurances satisfactory to the Secretary that such developer or entity, unless for legitimate purposes specified by the Secretary, will not take any action described in clause (i) or any other action that may inhibit the appropriate exchange, access, and use of electronic health information;

(iii) does not prohibit or restrict communication regarding—

(I) the usability of the health information technology;

(II) the interoperability of the health information technology;

(III) the security of the health information technology;

(IV) relevant information regarding users' experiences when using the health information technology;

(V) the business practices of developers of health information technology related to exchanging electronic health information; and

(VI) the manner in which a user of the health information technology has used such technology;


(iv) has published application programming interfaces and allows health information from such technology to be accessed, exchanged, and used without special effort through the use of application programming interfaces or successor technology or standards, as provided for under applicable law, including providing access to all data elements of a patient's electronic health record to the extent permissible under applicable privacy laws;

(v) has successfully tested the real world use of the technology for interoperability (as defined in section 300jj of this title) in the type of setting in which such technology would be marketed;

(vi) provides to the Secretary an attestation that the developer or entity—

(I) has not engaged in any of the conduct described in clause (i);

(II) has provided assurances satisfactory to the Secretary in accordance with clause (ii);

(III) does not prohibit or restrict communication as described in clause (iii);

(IV) has published information in accordance with clause (iv);

(V) ensures that its technology allows for health information to be exchanged, accessed, and used, in the manner described in clause (iv); and

(VI) has undertaken real world testing as described in clause (v); and


(vii) submits reporting criteria in accordance with section 300jj–19a(b) of this title.

(E) Compliance with conditions of certification

The Secretary may encourage compliance with the conditions of certification described in subparagraph (D) and take action to discourage noncompliance, as appropriate.

(6) Reports and publications

(A) Report on additional funding or authority needed

Not later than 12 months after February 17, 2009, the National Coordinator shall submit to the appropriate committees of jurisdiction of the House of Representatives and the Senate a report on any additional funding or authority the Coordinator or the HIT Policy Committee or HIT Standards Committee requires to evaluate and develop standards, implementation specifications, and certification criteria, or to achieve full participation of stakeholders in the adoption of a nationwide health information technology infrastructure that allows for the electronic use and exchange of health information.

(B) Implementation report

The National Coordinator shall prepare a report that identifies lessons learned from major public and private health care systems in their implementation of health information technology, including information on whether the technologies and practices developed by such systems may be applicable to and usable in whole or in part by other health care providers.

(C) Assessment of impact of HIT on communities with health disparities and uninsured, underinsured, and medically underserved areas

The National Coordinator shall assess and publish the impact of health information technology in communities with health disparities and in areas with a high proportion of individuals who are uninsured, underinsured, and medically underserved individuals (including urban and rural areas) and identify practices to increase the adoption of such technology by health care providers in such communities, and the use of health information technology to reduce and better manage chronic diseases.

(D) Evaluation of benefits and costs of the electronic use and exchange of health information

The National Coordinator shall evaluate and publish evidence on the benefits and costs of the electronic use and exchange of health information and assess to whom these benefits and costs accrue.

(E) Resource requirements

The National Coordinator shall estimate and publish resources required annually to reach the goal of utilization of an electronic health record for each person in the United States by 2014, including—

(i) the required level of Federal funding;

(ii) expectations for regional, State, and private investment;

(iii) the expected contributions by volunteers to activities for the utilization of such records; and

(iv) the resources needed to establish a health information technology workforce sufficient to support this effort (including education programs in medical informatics and health information management).

(7) Assistance

The National Coordinator may provide financial assistance to consumer advocacy groups and not-for-profit entities that work in the public interest for purposes of defraying the cost to such groups and entities to participate under, whether in whole or in part, the National Technology Transfer Act of 1995 (15 U.S.C. 272 note).1

(8) Governance for nationwide health information network

The National Coordinator shall establish a governance mechanism for the nationwide health information network.

(9) Support for interoperable networks exchange

(A) In general

The National Coordinator shall, in collaboration with the National Institute of Standards and Technology and other relevant agencies within the Department of Health and Human Services, for the purpose of ensuring full network-to-network exchange of health information, convene public-private and public-public partnerships to build consensus and develop or support a trusted exchange framework, including a common agreement among health information networks nationally. Such convention may occur at a frequency determined appropriate by the Secretary.

(B) Establishing a trusted exchange framework

(i) In general

Not later than 6 months after December 13, 2016, the National Coordinator shall convene appropriate public and private stakeholders to develop or support a trusted exchange framework for trust policies and practices and for a common agreement for exchange between health information networks. The common agreement may include—

(I) a common method for authenticating trusted health information network participants;

(II) a common set of rules for trusted exchange;

(III) organizational and operational policies to enable the exchange of health information among networks, including minimum conditions for such exchange to occur; and

(IV) a process for filing and adjudicating noncompliance with the terms of the common agreement.

(ii) Technical assistance

The National Coordinator, in collaboration with the National Institute of Standards and Technology, shall provide technical assistance on how to implement the trusted exchange framework and common agreement under this paragraph.

(iii) Pilot testing

The National Coordinator, in consultation with the National Institute of Standards and Technology, shall provide for the pilot testing of the trusted exchange framework and common agreement established or supported under this subsection (as authorized under section 17911 of this title). The National Coordinator, in consultation with the National Institute of Standards and Technology, may delegate pilot testing activities under this clause to independent entities with appropriate expertise.

(C) Publication of a trusted exchange framework and common agreement

Not later than 1 year after convening stakeholders under subparagraph (A), the National Coordinator shall publish on its public Internet website, and in the Federal register,2 the trusted exchange framework and common agreement developed or supported under subparagraph (B). Such trusted exchange framework and common agreement shall be published in a manner that protects proprietary and security information, including trade secrets and any other protected intellectual property.

(D) Directory of participating health information networks

(i) In general

Not later than 2 years after convening stakeholders under subparagraph (A), and annually thereafter, the National Coordinator shall publish on its public Internet website a list of the health information networks that have adopted the common agreement and are capable of trusted exchange pursuant to the common agreement developed or supported under paragraph 3 (B).

(ii) Process

The Secretary shall, through notice and comment rulemaking, establish a process for health information networks that voluntarily elect to adopt the trusted exchange framework and common agreement to attest to such adoption of the framework and agreement.

(E) Application of the trusted exchange framework and common agreement

As appropriate, Federal agencies contracting or entering into agreements with health information exchange networks may require that as each such network upgrades health information technology or trust and operational practices, such network may adopt, where available, the trusted exchange framework and common agreement published under subparagraph (C).

(F) Rule of construction

(i) General adoption

Nothing in this paragraph shall be construed to require a health information network to adopt the trusted exchange framework or common agreement.

(ii) Adoption when exchange of information is within network

Nothing in this paragraph shall be construed to require a health information network to adopt the trusted exchange framework or common agreement for the exchange of electronic health information between participants of the same network.

(iii) Existing frameworks and agreements

The trusted exchange framework and common agreement published under subparagraph (C) shall take into account existing trusted exchange frameworks and agreements used by health information networks to avoid the disruption of existing exchanges between participants of health information networks.

(iv) Application by Federal agencies

Notwithstanding clauses (i), (ii), and (iii), Federal agencies may require the adoption of the trusted exchange framework and common agreement published under subparagraph (C) for health information exchanges contracting with or entering into agreements pursuant to subparagraph (E).

(v) Consideration of ongoing work

In carrying out this paragraph, the Secretary shall ensure the consideration of activities carried out by public and private organizations related to exchange between health information exchanges to avoid duplication of efforts.

(d) Detail of Federal employees

(1) In general

Upon the request of the National Coordinator, the head of any Federal agency is authorized to detail, with or without reimbursement from the Office, any of the personnel of such agency to the Office to assist it in carrying out its duties under this section.

(2) Effect of detail

Any detail of personnel under paragraph (1) shall—

(A) not interrupt or otherwise affect the civil service status or privileges of the Federal employee; and

(B) be in addition to any other staff of the Department employed by the National Coordinator.

(3) Acceptance of detailees

Notwithstanding any other provision of law, the Office may accept detailed personnel from other Federal agencies without regard to whether the agency described under paragraph (1) is reimbursed.

(e) Chief Privacy Officer of the Office of the National Coordinator

Not later than 12 months after February 17, 2009, the Secretary shall appoint a Chief Privacy Officer of the Office of the National Coordinator, whose duty it shall be to advise the National Coordinator on privacy, security, and data stewardship of electronic health information and to coordinate with other Federal agencies (and similar privacy officers in such agencies), with State and regional efforts, and with foreign countries with regard to the privacy, security, and data stewardship of electronic individually identifiable health information.

(July 1, 1944, ch. 373, title XXX, §3001, as added Pub. L. 111–5, div. A, title XIII, §13101, Feb. 17, 2009, 123 Stat. 230; amended Pub. L. 114–255, div. A, title IV, §§4001(b), 4002(a), 4003(b), (e)(2)(A)(i), (ii), (C), Dec. 13, 2016, 130 Stat. 1158, 1159, 1165, 1174.)

References in Text

The National Technology Transfer Act of 1995 (15 U.S.C. 272 note), referred to in subsec. (c)(7), probably means section 12(d) of Pub. L. 104–113, known as the National Technology Transfer and Advancement Act of 1995, which is set out as a note under section 272 of Title 15, Commerce and Trade.

Amendments

2016—Subsec. (c)(1)(A). Pub. L. 114–255, §4003(e)(2)(C)(i), substituted "under section 300jj–12 of this title" for "under section 300jj–13 of this title".

Pub. L. 114–255, §4003(e)(2)(A)(i), substituted "HIT Advisory Committee" for "HIT Standards Committee".

Subsec. (c)(2)(B). Pub. L. 114–255, §4003(e)(2)(C)(ii), added subpar. (B) and struck out former subpar. (B). Prior to amendment, text read as follows: "The National Coordinator shall be a leading member in the establishment and operations of the HIT Policy Committee and the HIT Standards Committee and shall serve as a liaison among those two Committees and the Federal Government."

Subsec. (c)(3)(A)(v). Pub. L. 114–255, §4003(e)(2)(A)(ii), which directed amendment of this section by substituting "HIT Advisory Committee" for "HIT Policy Committee and the HIT Standards Committee" wherever appearing, was executed to cl. (v) by making the substitution for "HIT Policy Committee, the HIT Standards Committee", to reflect the probable intent of Congress.

Subsec. (c)(5)(C). Pub. L. 114–255, §4001(b), added subpar. (C).

Subsec. (c)(5)(D), (E). Pub. L. 114–255, §4002(a), added subpars. (D) and (E).

Subsec. (c)(6)(A). Pub. L. 114–255, §4003(e)(2)(A)(i), which directed amendment of this section by substituting "HIT Advisory Committee" for both "HIT Policy Committee" and "HIT Standards Committee" wherever appearing, but not within the term "HIT Policy Committee or the HIT Standards Committee", was not executed to subpar. (A) as provided in the exception, notwithstanding text that reads "HIT Policy Committee or HIT Standards Committee", to reflect the probable intent of Congress.

Subsec. (c)(9). Pub. L. 114–255, §4003(b), added par. (9).

Provider Digital Contact Information Index

Pub. L. 114–255, div. A, title IV, §4003(c), Dec. 13, 2016, 130 Stat. 1167, provided that:

"(1) In general.—Not later than 3 years after the date of enactment of this Act [Dec. 13, 2016], the Secretary of Health and Human Services (referred to in this subsection as the 'Secretary') shall, directly or through a partnership with a private entity, establish a provider digital contact information index to provide digital contact information for health professionals and health facilities.

"(2) Use of existing index.—In establishing the initial index under paragraph (1), the Secretary may utilize an existing provider directory to make such digital contact information available.

"(3) Contact information.—An index established under this subsection shall ensure that contact information is available at the individual health care provider level and at the health facility or practice level.

"(4) Rule of construction.—

"(A) In general.—The purpose of this subsection is to encourage the exchange of electronic health information by providing the most useful, reliable, and comprehensive index of providers possible. In furthering such purpose, the Secretary shall include all health professionals and health facilities applicable to provide a useful, reliable, and comprehensive index for use in the exchange of health information.

"(B) Limitation.—In no case shall exclusion from the index of providers be used as a measure to achieve objectives other [than] the objectives described in subparagraph (A)."

1 See References in Text note below.

2 So in original. Probably should be "Register,".

3 So in original. Probably should be "subparagraph".

§300jj–12. Health Information Technology Advisory Committee

(a) Establishment

There is established a Health Information Technology Advisory Committee (referred to in this section as the "HIT Advisory Committee") to recommend to the National Coordinator, consistent with the implementation of the strategic plan described in section 300jj–11(c)(3) of this title, policies, and, for purposes of adoption under section 300jj–14 of this title, standards, implementation specifications, and certification criteria, relating to the implementation of a health information technology infrastructure, nationally and locally, that advances the electronic access, exchange, and use of health information. Such Committee shall serve to unify the roles of, and replace, the HIT Policy Committee and the HIT Standards Committee, as in existence before December 13, 2016.

(b) Duties

(1) Recommendations on policy framework to advance an interoperable health information technology infrastructure

(A) In general

The HIT Advisory Committee shall recommend to the National Coordinator a policy framework for adoption by the Secretary consistent with the strategic plan under section 300jj–11(c)(3) of this title for advancing the target areas described in this subsection. Such policy framework shall seek to prioritize achieving advancements in the target areas specified in subparagraph (B) of paragraph (2) and may, to the extent consistent with this section, incorporate policy recommendations made by the HIT Policy Committee, as in existence before December 13, 2016.

(B) Updates

The HIT Advisory Committee shall propose updates to such recommendations to the policy framework and make new recommendations, as appropriate.

(2) General duties and target areas

(A) In general

The HIT Advisory Committee shall recommend to the National Coordinator for purposes of adoption under section 300jj–14 of this title, standards, implementation specifications, and certification criteria and an order of priority for the development, harmonization, and recognition of such standards, specifications, and certification criteria. Such recommendations shall include recommended standards, architectures, and software schemes for access to electronic individually identifiable health information across disparate systems including user vetting, authentication, privilege management, and access control.

(B) Priority target areas

For purposes of this section, the HIT Advisory Committee shall make recommendations under subparagraph (A) with respect to at least each of the following target areas:

(i) Achieving a health information technology infrastructure, nationally and locally, that allows for the electronic access, exchange, and use of health information, including through technology that provides accurate patient information for the correct patient, including exchanging such information, and avoids the duplication of patient records.

(ii) The promotion and protection of privacy and security of health information in health information technology, including technologies that allow for an accounting of disclosures and protections against disclosures of individually identifiable health information made by a covered entity for purposes of treatment, payment, and health care operations (as such terms are defined for purposes of the regulation promulgated under section 264(c) of the Health Insurance Portability and Accountability Act of 1996), including for the segmentation and protection from disclosure of specific and sensitive individually identifiable health information with the goal of minimizing the reluctance of patients to seek care.

(iii) The facilitation of secure access by an individual to such individual's protected health information and access to such information by a family member, caregiver, or guardian acting on behalf of a patient, including due to age-related and other disability, cognitive impairment, or dementia.

(iv) Subject to subparagraph (D), any other target area that the HIT Advisory Committee identifies as an appropriate target area to be considered under this subparagraph.

(C) Additional target areas

For purposes of this section, the HIT Advisory Committee may make recommendations under subparagraph (A), in addition to areas described in subparagraph (B), with respect to any of the following areas:

(i) The use of health information technology to improve the quality of health care, such as by promoting the coordination of health care and improving continuity of health care among health care providers, reducing medical errors, improving population health, reducing chronic disease, and advancing research and education.

(ii) The use of technologies that address the needs of children and other vulnerable populations.

(iii) The use of electronic systems to ensure the comprehensive collection of patient demographic data, including at a minimum, race, ethnicity, primary language, and gender information.

(iv) The use of self-service, telemedicine, home health care, and remote monitoring technologies.

(v) The use of technologies that meet the needs of diverse populations.

(vi) The use of technologies that support—

(I) data for use in quality and public reporting programs;

(II) public health; or

(III) drug safety.


(vii) The use of technologies that allow individually identifiable health information to be rendered unusable, unreadable, or indecipherable to unauthorized individuals when such information is transmitted in a health information network or transported outside of the secure facilities or systems where the disclosing covered entity is responsible for security conditions.

(viii) The use of a certified health information technology for each individual in the United States.

(D) Authority for temporary additional priority target areas

For purposes of subparagraph (B)(iv), the HIT Advisory Committee may identify an area to be considered for purposes of recommendations under this subsection as a target area described in subparagraph (B) if—

(i) the area is so identified for purposes of responding to new circumstances that have arisen in the health information technology community that affect the interoperability, privacy, or security of health information, or affect patient safety; and

(ii) at least 30 days prior to treating such area as if it were a target area described in subparagraph (B), the National Coordinator provides adequate notice to Congress of the intent to treat such area as so described.

(E) Focus of committee work

It is the sense of Congress that the HIT Advisory Committee shall focus its work on the priority areas described in subparagraph (B) before proceeding to other work under subparagraph (C).

(3) Rules relating to recommendations for standards, implementation specifications, and certification criteria

(A) In general

The HIT Advisory Committee shall recommend to the National Coordinator standards, implementation specifications, and certification criteria described in subsection (a), which may include standards, implementation specifications, and certification criteria that have been developed, harmonized, or recognized by the HIT Advisory Committee or predecessor committee. The HIT Advisory Committee shall update such recommendations and make new recommendations as appropriate, including in response to a notification sent under section 300jj–14(a)(2)(B) of this title. Such recommendations shall be consistent with the latest recommendations made by the Committee.

(B) Harmonization

The HIT Advisory Committee may recognize harmonized or updated standards from an entity or entities for the purpose of harmonizing or updating standards and implementation specifications in order to achieve uniform and consistent implementation of the standards and implementation specification.

(C) Pilot testing of standards and implementation specifications

In the development, harmonization, or recognition of standards and implementation specifications, the HIT Advisory Committee for purposes of recommendations under paragraph (2)(B), shall, as appropriate, provide for the testing of such standards and specifications by the National Institute for Standards and Technology under section 17911(a) of this title.

(D) Consistency

The standards, implementation specifications, and certification criteria recommended under paragraph (2)(B) shall be consistent with the standards for information transactions and data elements adopted pursuant to section 1320d–2 of this title.

(E) Special rule related to interoperability

Any recommendation made by the HIT Advisory Committee after December 13, 2016, with respect to interoperability of health information technology shall be consistent with interoperability as described in section 300jj of this title.

(4) Forum

The HIT Advisory Committee shall serve as a forum for the participation of a broad range of stakeholders with specific expertise in policies, including technical expertise, relating to the matters described in paragraphs (1), (2), and (3) to provide input on the development, harmonization, and recognition of standards, implementation specifications, and certification criteria necessary for the development and adoption of health information technology infrastructure nationally and locally that allows for the electronic access, exchange, and use of health information.

(5) Schedule

Not later than 30 days after the date on which the HIT Advisory Committee first meets, such HIT Advisory Committee shall develop a schedule for the assessment of policy recommendations developed under paragraph (1). The HIT Advisory Committee shall update such schedule annually. The Secretary shall publish such schedule in the Federal Register.

(6) Public input

The HIT Advisory Committee shall conduct open public meetings and develop a process to allow for public comment on the schedule described in paragraph (5) and recommendations described in this subsection. Under such process comments shall be submitted in a timely manner after the date of publication of a recommendation under this subsection.

(c) Measured progress in advancing priority areas

(1) In general

For purposes of this section, the National Coordinator, in collaboration with the Secretary, shall establish, and update as appropriate, objectives and benchmarks for advancing and measuring the advancement of the priority target areas described in subsection (b)(2)(B).

(2) Annual progress reports on advancing interoperability

(A) In general

The HIT Advisory Committee, in consultation with the National Coordinator, shall annually submit to the Secretary and Congress a report on the progress made during the preceding fiscal year in—

(i) achieving a health information technology infrastructure, nationally and locally, that allows for the electronic access, exchange, and use of health information; and

(ii) meeting the objectives and benchmarks described in paragraph (1).

(B) Content

Each such report shall include, for a fiscal year—

(i) a description of the work conducted by the HIT Advisory Committee during the preceding fiscal year with respect to the areas described in subsection (b)(2)(B);

(ii) an assessment of the status of the infrastructure described in subparagraph (A), including the extent to which electronic health information is appropriately and readily available to enhance the access, exchange, and the use of electronic health information between users and across technology offered by different developers;

(iii) the extent to which advancements have been achieved with respect to areas described in subsection (b)(2)(B);

(iv) an analysis identifying existing gaps in policies and resources for—

(I) achieving the objectives and benchmarks established under paragraph (1); and

(II) furthering interoperability throughout the health information technology infrastructure;


(v) recommendations for addressing the gaps identified in clause (iii); and

(vi) a description of additional initiatives as the HIT Advisory Committee and National Coordinator determine appropriate.

(3) Significant advancement determination

The Secretary shall periodically, based on the reports submitted under this subsection, review the target areas described in subsection (b)(2)(B), and, based on the objectives and benchmarks established under paragraph (1), the Secretary shall determine if significant advancement has been achieved with respect to such an area. Such determination shall be taken into consideration by the HIT Advisory Committee when determining to what extent the Committee makes recommendations for an area other than an area described in subsection (b)(2)(B).

(d) Membership and operations

(1) In general

The National Coordinator shall take a leading position in the establishment and operations of the HIT Advisory Committee.

(2) Membership

The membership of the HIT Advisory Committee shall—

(A) include at least 25 members, of which—

(i) no fewer than 2 members are advocates for patients or consumers of health information technology;

(ii) 3 members are appointed by the Secretary, 1 of whom shall be appointed to represent the Department of Health and Human Services and 1 of whom shall be a public health official;

(iii) 2 members are appointed by the majority leader of the Senate;

(iv) 2 members are appointed by the minority leader of the Senate;

(v) 2 members are appointed by the Speaker of the House of Representatives;

(vi) 2 members are appointed by the minority leader of the House of Representatives; and

(vii) such other members are appointed by the Comptroller General of the United States; and


(B) at least reflect providers, ancillary health care workers, consumers, purchasers, health plans, health information technology developers, researchers, patients, relevant Federal agencies, and individuals with technical expertise on health care quality, system functions, privacy, security, and on the electronic exchange and use of health information, including the use standards for such activity.

(3) Participation

The members of the HIT Advisory Committee shall represent a balance among various sectors of the health care system so that no single sector unduly influences the recommendations of the Committee.

(4) Terms

(A) In general

The terms of the members of the HIT Advisory Committee shall be for 3 years, except that the Secretary shall designate staggered terms of the members first appointed.

(B) Vacancies

Any member appointed to fill a vacancy in the membership of the HIT Advisory Committee that occurs prior to the expiration of the term for which the member's predecessor was appointed shall be appointed only for the remainder of that term. A member may serve after the expiration of that member's term until a successor has been appointed. A vacancy in the HIT Advisory Committee shall be filled in the manner in which the original appointment was made.

(C) Limits

Members of the HIT Advisory Committee shall be limited to two 3-year terms, for a total of not to exceed 6 years of service on the Committee.

(5) Outside involvement

The HIT Advisory Committee shall ensure an opportunity for the participation in activities of the Committee of outside advisors, including individuals with expertise in the development of policies and standards for the electronic exchange and use of health information, including in the areas of health information privacy and security.

(6) Quorum

A majority of the members of the HIT Advisory Committee shall constitute a quorum for purposes of voting, but a lesser number of members may meet and hold hearings.

(7) Consideration

The National Coordinator shall ensure that the relevant and available recommendations and comments from the National Committee on Vital and Health Statistics are considered in the development of policies.

(8) Assistance

For the purposes of carrying out this section, the Secretary may provide or ensure that financial assistance is provided by the HIT Advisory Committee to defray in whole or in part any membership fees or dues charged by such Committee to those consumer advocacy groups and not-for-profit entities that work in the public interest as a party of their mission.

(e) Application of FACA

The Federal Advisory Committee Act (5 U.S.C. App.), other than section 14 of such Act, shall apply to the HIT Advisory Committee.

(f) Publication

The Secretary shall provide for publication in the Federal Register and the posting on the Internet website of the Office of the National Coordinator for Health Information Technology of all policy recommendations made by the HIT Advisory Committee under this section.

(July 1, 1944, ch. 373, title XXX, §3002, as added Pub. L. 114–255, div. A, title IV, §4003(e)(1), Dec. 13, 2016, 130 Stat. 1168.)

References in Text

Section 264(c) of the Health Insurance Portability and Accountability Act of 1996, referred to in subsec. (b)(2)(B)(ii), is section 264(c) of Pub. L. 104–191, which is set out as a note under section 1320d–2 of this title.

The Federal Advisory Committee Act, referred to in subsec. (e), is Pub. L. 92–463, Oct. 6, 1972, 86 Stat. 770, which is set out in the Appendix to Title 5, Government Organization and Employees.

Prior Provisions

A prior section 300jj–12, act July 1, 1944, ch. 373, title XXX, §3002, as added Pub. L. 111–5, div. A, title XIII, §13101, Feb. 17, 2009, 123 Stat. 234, related to the establishment, duties, and membership of the HIT Policy Committee, prior to repeal by Pub. L. 114–255, div. A, title IV, §4003(e)(1), Dec. 13, 2016, 130 Stat. 1168.

Transition to the HIT Advisory Committee

Pub. L. 114–255, div. A, title IV, §4003(e)(3), Dec. 13, 2016, 130 Stat. 1175, provided that: "The Secretary of Health and Human Services shall provide for an orderly and timely transition to the HIT Advisory Committee established under amendments made by this section [enacting this section and section 300jj–13 of this title, amending sections 300jj, 300jj–11, 300jj–14, 300jj–17, 300jj–18, and 300jj–51 of this title, and repealing former sections 300jj–12 and 300jj–13 of this title]."

§300jj–13. Setting priorities for standards adoption

(a) Identifying priorities

(1) In general

Not later than 6 months after the date on which the HIT Advisory Committee first meets, the National Coordinator shall periodically convene the HIT Advisory Committee to—

(A) identify priority uses of health information technology, focusing on priorities—

(i) arising from the implementation of the incentive programs for the meaningful use of certified EHR technology, the Merit-based Incentive Payment System, Alternative Payment Models, the Hospital Value-Based Purchasing Program, and any other value-based payment program determined appropriate by the Secretary;

(ii) related to the quality of patient care;

(iii) related to public health;

(iv) related to clinical research;

(v) related to the privacy and security of electronic health information;

(vi) related to innovation in the field of health information technology;

(vii) related to patient safety;

(viii) related to the usability of health information technology;

(ix) related to individuals' access to electronic health information; and

(x) other priorities determined appropriate by the Secretary;


(B) identify existing standards and implementation specifications that support the use and exchange of electronic health information needed to meet the priorities identified in subparagraph (A); and

(C) publish a report summarizing the findings of the analysis conducted under subparagraphs (A) and (B) and make appropriate recommendations.

(2) Prioritization

In identifying such standards and implementation specifications under paragraph (1)(B), the HIT Advisory Committee shall prioritize standards and implementation specifications developed by consensus-based standards development organizations.

(3) Guidelines for review of existing standards and specifications

In consultation with the consensus-based entity described in section 1395aaa of this title and other appropriate Federal agencies, the analysis of existing standards under paragraph (1)(B) shall include an evaluation of the need for a core set of common data elements and associated value sets to enhance the ability of certified health information technology to capture, use, and exchange structured electronic health information.

(b) Review of adopted standards

(1) In general

Beginning 5 years after December 13, 2016, and every 3 years thereafter, the National Coordinator shall convene stakeholders to review the existing set of adopted standards and implementation specifications and make recommendations with respect to whether to—

(A) maintain the use of such standards and implementation specifications; or

(B) phase out such standards and implementation specifications.

(2) Priorities

The HIT Advisory Committee, in collaboration with the National Institute for Standards and Technology, shall annually and through the use of public input, review and publish priorities for the use of health information technology, standards, and implementation specifications to support those priorities.

(c) Rule of construction

Nothing in this section shall be construed to prevent the use or adoption of novel standards that improve upon the existing health information technology infrastructure and facilitate the secure exchange of health information.

(July 1, 1944, ch. 373, title XXX, §3003, as added Pub. L. 114–255, div. A, title IV, §4003(f), Dec. 13, 2016, 130 Stat. 1175.)

Prior Provisions

A prior section 300jj–13, act July 1, 1944, ch. 373, title XXX, §3003, as added Pub. L. 111–5, div. A, title XIII, §13101, Feb. 17, 2009, 123 Stat. 238, related to the establishment, duties, and membership of the HIT Standards Committee, prior to repeal by Pub. L. 114–255, div. A, title IV, §4003(e)(1), Dec. 13, 2016, 130 Stat. 1168.

§300jj–14. Process for adoption of endorsed recommendations; adoption of initial set of standards, implementation specifications, and certification criteria

(a) Process for adoption of endorsed recommendations

(1) Review of endorsed standards, implementation specifications, and certification criteria

Not later than 90 days after the date of receipt of standards, implementation specifications, or certification criteria endorsed under section 300jj–11(c) of this title, the Secretary, in consultation with representatives of other relevant Federal agencies, shall jointly review such standards, implementation specifications, or certification criteria and shall determine whether or not to propose adoption of such standards, implementation specifications, or certification criteria.

(2) Determination to adopt standards, implementation specifications, and certification criteria

If the Secretary determines—

(A) to propose adoption of any grouping of such standards, implementation specifications, or certification criteria, the Secretary shall, by regulation under section 553 of title 5, determine whether or not to adopt such grouping of standards, implementation specifications, or certification criteria; or

(B) not to propose adoption of any grouping of standards, implementation specifications, or certification criteria, the Secretary shall notify the National Coordinator and the HIT Advisory Committee in writing of such determination and the reasons for not proposing the adoption of such recommendation.

(3) Publication

The Secretary shall provide for publication in the Federal Register of all determinations made by the Secretary under paragraph (1).

(b) Adoption of standards, implementation specifications, and certification criteria

(1) In general

Not later than December 31, 2009, the Secretary shall, through the rulemaking process consistent with subsection (a)(2)(A), adopt an initial set of standards, implementation specifications, and certification criteria for the areas required for consideration under section 300jj–12(b)(2)(B) 1 of this title. The rulemaking for the initial set of standards, implementation specifications, and certification criteria may be issued on an interim, final basis.

(2) Application of current standards, implementation specifications, and certification criteria

The standards, implementation specifications, and certification criteria adopted before February 17, 2009, through the process existing through the Office of the National Coordinator for Health Information Technology may be applied towards meeting the requirement of paragraph (1).

(3) Subsequent standards activity

The Secretary shall adopt additional standards, implementation specifications, and certification criteria as necessary and consistent with the schedule published under section 300jj–12(b)(4) of this title.

(c) Deference to standards development organizations

In adopting and implementing standards under this section, the Secretary shall give deference to standards published by standards development organizations and voluntary consensus-based standards bodies.

(July 1, 1944, ch. 373, title XXX, §3004, as added Pub. L. 111–5, div. A, title XIII, §13101, Feb. 17, 2009, 123 Stat. 240; amended Pub. L. 114–255, div. A, title IV, §4003(d), (e)(2)(A)(i), (D), Dec. 13, 2016, 130 Stat. 1168, 1174, 1175.)

References in Text

Section 300jj–12(b)(2)(B) of this title, referred to in subsec. (b)(1), related to areas of health information technology required to be considered by the HIT Policy Committee and was repealed by Pub. L. 114–255, div. A, title IV, §4003(e)(1), Dec. 13, 2016, 130 Stat. 1168.

Amendments

2016—Subsec. (a)(2)(B). Pub. L. 114–255, §4003(e)(2)(A)(i), substituted "HIT Advisory Committee" for "HIT Standards Committee".

Subsec. (b)(3). Pub. L. 114–255, §4003(e)(2)(D), substituted "300jj–12(b)(4)" for "300jj–13(b)(2)".

Subsec. (c). Pub. L. 114–255, §4003(d), added subsec. (c).

Leveraging Electronic Health Records To Improve Patient Care

Pub. L. 114–255, div. A, title IV, §4005, Dec. 13, 2016, 130 Stat. 1180, provided that:

"(a) Requirement Relating to Registries.—

"(1) In general.—To be certified in accordance with title XXX of the Public Health Service Act (42 U.S.C. 300jj et seq.), electronic health records shall be capable of transmitting to, and where applicable, receiving and accepting data from, registries in accordance with standards recognized by the Office of the National Coordinator for Health Information Technology, including clinician-led clinical data registries, that are also certified to be technically capable of receiving and accepting from, and where applicable, transmitting data to certified electronic health record technology in accordance with such standards.

"(2) Rule of construction.—Nothing in this subsection shall be construed to require the certification of registries beyond the technical capability to exchange data in accordance with applicable recognized standards.

"(b) Definition.—For purposes of this Act [see Tables for classification], the term 'clinician-led clinical data registry' means a clinical data repository—

"(1) that is established and operated by a clinician-led or controlled, tax-exempt (pursuant to section 501(c) of the Internal Revenue Code of 1986 [26 U.S.C. 501(c)]), professional society or other similar clinician-led or -controlled organization, or such organization's controlled affiliate, devoted to the care of a population defined by a particular disease, condition, exposure or therapy;

"(2) that is designed to collect detailed, standardized data on an ongoing basis for medical procedures, services, or therapies for particular diseases, conditions, or exposures;

"(3) that provides feedback to participants who submit reports to the repository;

"(4) that meets standards for data quality including—

"(A) systematically collecting clinical and other health care data, using standardized data elements and having procedures in place to verify the completeness and validity of those data; and

"(B) being subject to regular data checks or audits to verify completeness and validity; and

"(5) that provides ongoing participant training and support.

"(c) Treatment of Health Information Technology Developers With Respect to Patient Safety Organizations.—

"(1) In general.—In applying part C of title IX of the Public Health Service Act (42 U.S.C. 299b–21 et seq.), a health information technology developer shall be treated as a provider (as defined in section 921 of such Act [42 U.S.C. 299b–21]) for purposes of reporting and conducting patient safety activities concerning improving clinical care through the use of health information technology that could result in improved patient safety, health care quality, or health care outcomes.

"(2) Report.—Not later than 4 years after the date of enactment of this Act [Dec. 13, 2016], the Secretary of Health and Human Services shall submit to the Committee on Health, Education, Labor, and Pensions of the Senate and the Committee on Energy and Commerce of the House of Representatives, a report concerning best practices and current trends voluntarily provided, without identifying individual providers or disclosing or using protected health information or individually identifiable information, by patient safety organizations to improve the integration of health information technology into clinical practice."

1 See References in Text note below.

§300jj–15. Application and use of adopted standards and implementation specifications by Federal agencies

For requirements relating to the application and use by Federal agencies of the standards and implementation specifications adopted under section 300jj–14 of this title, see section 17901 of this title.

(July 1, 1944, ch. 373, title XXX, §3005, as added Pub. L. 111–5, div. A, title XIII, §13101, Feb. 17, 2009, 123 Stat. 241.)

§300jj–16. Voluntary application and use of adopted standards and implementation specifications by private entities

(a) In general

Except as provided under section 13112 of the HITECH Act [42 U.S.C. 17902], nothing in such Act or in the amendments made by such Act shall be construed—

(1) to require a private entity to adopt or comply with a standard or implementation specification adopted under section 300jj–14 of this title; or

(2) to provide a Federal agency authority, other than the authority such agency may have under other provisions of law, to require a private entity to comply with such a standard or implementation specification.

(b) Rule of construction

Nothing in this part shall be construed to require that a private entity that enters into a contract with the Federal Government apply or use the standards and implementation specifications adopted under section 300jj–14 of this title with respect to activities not related to the contract.

(July 1, 1944, ch. 373, title XXX, §3006, as added Pub. L. 111–5, div. A, title XIII, §13101, Feb. 17, 2009, 123 Stat. 241.)

References in Text

The HITECH Act, referred to in subsec. (a), is title XIII of div. A and title IV of div. B of Pub. L. 111–5, Feb. 17, 2009, 123 Stat. 226, 467, also known as the Health Information Technology for Economic and Clinical Health Act. For complete classification of this Act to the Code, see Short Title of 2009 Amendment note set out under section 201 of this title and Tables.

§300jj–17. Federal health information technology

(a) In general

The National Coordinator shall support the development and routine updating of qualified electronic health record technology (as defined in section 300jj of this title) consistent with subsections (b) and (c) and make available such qualified electronic health record technology unless the Secretary determines through an assessment that the needs and demands of providers are being substantially and adequately met through the marketplace.

(b) Certification

In making such electronic health record technology publicly available, the National Coordinator shall ensure that the qualified electronic health record technology described in subsection (a) is certified under the program developed under section 300jj–11(c)(3) of this title to be in compliance with applicable standards adopted under section 300jj–12(a)(2) 1 of this title.

(c) Authorization to charge a nominal fee

The National Coordinator may impose a nominal fee for the adoption by a health care provider of the health information technology system developed or approved under subsection 2 (a) and (b). Such fee shall take into account the financial circumstances of smaller providers, low income providers, and providers located in rural or other medically underserved areas.

(d) Rule of construction

Nothing in this section shall be construed to require that a private or government entity adopt or use the technology provided under this section.

(July 1, 1944, ch. 373, title XXX, §3007, as added Pub. L. 111–5, div. A, title XIII, §13101, Feb. 17, 2009, 123 Stat. 241; amended Pub. L. 114–255, div. A, title IV, §4003(e)(2)(E), Dec. 13, 2016, 130 Stat. 1175.)

Amendments

2016—Subsec. (b). Pub. L. 114–255 substituted "300jj–12(a)(2)" for "300jj–13(a)".

1 So in original. No par. (2) of section 300jj–12(a) has been enacted.

2 So in original. Probably should be "subsections".

§300jj–18. Transitions

(a) ONCHIT

To the extent consistent with section 300jj–11 of this title, all functions, personnel, assets, liabilities, and administrative actions applicable to the National Coordinator for Health Information Technology appointed under Executive Order No. 13335 or the Office of such National Coordinator on the date before February 17, 2009, shall be transferred to the National Coordinator appointed under section 300jj–11(a) of this title and the Office of such National Coordinator as of February 17, 2009.

(b) National eHealth Collaborative

Nothing in sections 1 300jj–12 of this title or this subsection shall be construed as prohibiting the AHIC Successor, Inc. doing business as the National eHealth Collaborative from modifying its charter, duties, membership, and any other structure or function required to be consistent with section 2 300jj–12 and 300jj–13 3 of this title so as to allow the Secretary to recognize such AHIC Successor, Inc. as the HIT Advisory Committee.

(c) Consistency of recommendations

In carrying out section 300jj–12(b)(2) of this title, until recommendations are made by the HIT Advisory Committee,4 recommendations of the HIT Advisory Committee 4 shall be consistent with the most recent recommendations made by such AHIC Successor, Inc.

(July 1, 1944, ch. 373, title XXX, §3008, as added Pub. L. 111–5, div. A, title XIII, §13101, Feb. 17, 2009, 123 Stat. 241; amended Pub. L. 114–255, div. A, title IV, §4003(e)(2)(A)(i), (iii), (F), Dec. 13, 2016, 130 Stat. 1174, 1175.)

References in Text

Executive Order No. 13335, referred to in subsec. (a), is set out as a note under section 300u of this title.

Section 300jj–13 of this title, referred to in subsec. (b), was repealed, and a new section 300jj–13 was enacted by Pub. L. 114–255, div. A, title IV, §4003(e)(1), (f), Dec. 13, 2016, 130 Stat. 1168, 1175.

Amendments

2016—Subsec. (b). Pub. L. 114–255, §4003(e)(2)(F)(i), struck out "or 300jj–13" after "Nothing in sections 300jj–12".

Pub. L. 114–255, §4003(e)(2)(A)(iii), substituted "HIT Advisory Committee" for "HIT Policy Committee or the HIT Standards Committee".

Subsec. (c). Pub. L. 114–255, §4003(e)(2)(F)(ii), substituted "300jj–12(b)(2)" for "300jj–13(b)(1)(A)".

Pub. L. 114–255, §4003(e)(2)(A)(i), substituted "HIT Advisory Committee" for "HIT Policy Committee" after "recommendations are made by the" and "HIT Advisory Committee" for "HIT Standards Committee" after "recommendations of the". See section 300jj–12(a) of this title.

1 So in original. Probably should be "section".

2 So in original. Probably should be "sections".

3 See References in Text note below.

4 So in original. See 2016 Amendment note below.

§300jj–19. Miscellaneous provisions

(a) Relation to HIPAA privacy and security law

(1) In general

With respect to the relation of this subchapter to HIPAA privacy and security law:

(A) This subchapter may not be construed as having any effect on the authorities of the Secretary under HIPAA privacy and security law.

(B) The purposes of this subchapter include ensuring that the health information technology standards and implementation specifications adopted under section 300jj–14 of this title take into account the requirements of HIPAA privacy and security law.

(2) Definition

For purposes of this section, the term "HIPAA privacy and security law" means—

(A) the provisions of part C of title XI of the Social Security Act [42 U.S.C. 1320d et seq.], section 264 of the Health Insurance Portability and Accountability Act of 1996, and subtitle D of title IV 1 of the Health Information Technology for Economic and Clinical Health Act; and

(B) regulations under such provisions.

(b) Flexibility

In administering the provisions of this subchapter, the Secretary shall have flexibility in applying the definition of health care provider under section 300jj(3) of this title, including the authority to omit certain entities listed in such definition when applying such definition under this subchapter, where appropriate.

(c) Promoting patient access to electronic health information through health information exchanges

(1) In general

The Secretary shall use existing authorities to encourage partnerships between health information exchange organizations and networks and health care providers, health plans, and other appropriate entities with the goal of offering patients access to their electronic health information in a single, longitudinal format that is easy to understand, secure, and may be updated automatically.

(2) Education of providers

The Secretary, in coordination with the Office for Civil Rights of the Department of Health and Human Services, shall—

(A) educate health care providers on ways of leveraging the capabilities of health information exchanges (or other relevant platforms) to provide patients with access to their electronic health information;

(B) clarify misunderstandings by health care providers about using health information exchanges (or other relevant platforms) for patient access to electronic health information; and

(C) to the extent practicable, educate providers about health information exchanges (or other relevant platforms) that employ some or all of the capabilities described in paragraph (1).

(3) Requirements

In carrying out paragraph (1), the Secretary, in coordination with the Office for Civil Rights, shall issue guidance to health information exchanges related to best practices to ensure that the electronic health information provided to patients is—

(A) private and secure;

(B) accurate;

(C) verifiable; and

(D) where a patient's authorization to exchange information is required by law, easily exchanged pursuant to such authorization.

(4) Rule of construction

Nothing in this subsection shall be construed to preempt State laws applicable to patient consent for the access of information through a health information exchange (or other relevant platform) that provide protections to patients that are greater than the protections otherwise provided for under applicable Federal law.

(d) Efforts to promote access to health information

The National Coordinator and the Office for Civil Rights of the Department of Health and Human Services shall jointly promote patient access to health information in a manner that would ensure that such information is available in a form convenient for the patient, in a reasonable manner, without burdening the health care provider involved.

(e) Accessibility of patient records

(1) Accessibility and updating of information

(A) In general

The Secretary, in consultation with the National Coordinator, shall promote policies that ensure that a patient's electronic health information is accessible to that patient and the patient's designees, in a manner that facilitates communication with the patient's health care providers and other individuals, including researchers, consistent with such patient's consent.

(B) Updating education on accessing and exchanging personal health information

To promote awareness that an individual has a right of access to inspect, obtain a copy of, and transmit to a third party a copy of such individual's protected health information pursuant to the Health Information Portability and Accountability Act, Privacy Rule (subpart E of part 164 of title 45, Code of Federal Regulations), the Director of the Office for Civil Rights, in consultation with the National Coordinator, shall assist individuals and health care providers in understanding a patient's rights to access and protect personal health information under the Health Insurance Portability and Accountability Act of 1996 (Public Law 104–191), including providing best practices for requesting personal health information in a computable format, including using patient portals or third-party applications and common cases when a provider is permitted to exchange and provide access to health information.".2

(2) Certifying usability for patients

In carrying out certification programs under section 300jj–11(c)(5) of this title, the National Coordinator may require that—

(A) the certification criteria support—

(i) patient access to their electronic health information, including in a single longitudinal format that is easy to understand, secure, and may be updated automatically;

(ii) the patient's ability to electronically communicate patient-reported information (such as family history and medical history); and

(iii) patient access to their personal electronic health information for research at the option of the patient; and


(B) the HIT Advisory Committee develop and prioritize standards, implementation specifications, and certification criteria required to help support patient access to electronic health information, patient usability, and support for technologies that offer patients access to their electronic health information in a single, longitudinal format that is easy to understand, secure, and may be updated automatically.

(July 1, 1944, ch. 373, title XXX, §3009, as added Pub. L. 111–5, div. A, title XIII, §13101, Feb. 17, 2009, 123 Stat. 242; amended Pub. L. 114–255, div. A, title IV, §4006(a), Dec. 13, 2016, 130 Stat. 1181.)

References in Text

The Social Security Act, referred to in subsec. (a)(2)(A), is act Aug. 14, 1935, ch. 531, 49 Stat. 620. Part C of title XI of the Act is classified generally to part C (§1320d et seq.) of subchapter XI of chapter 7 of this title. For complete classification of this Act to the Code, see section 1305 of this title and Tables.

The Health Insurance Portability and Accountability Act of 1996, referred to in subsecs. (a)(2)(A) and (e)(1)(B), is Pub. L. 104–191, Aug. 21, 1996, 110 Stat. 1936. Section 264 of the Act is set out as a note under section 1320d–2 of this title. For complete classification of this Act to the Code, see Short Title of 1996 Amendments note set out under section 201 of this title and Tables.

The Health Information Technology for Economic and Clinical Health Act, referred to in subsec. (a)(2)(A), is title XIII of div. A and title IV of div. B of Pub. L. 111–5, Feb. 17, 2009, 123 Stat. 226, 467, also known as the HITECH Act. Subtitle D of title IV of the Act probably means subtitle D of title XIII of div. A of the Act, which is classified generally to subchapter III (§17921 et seq.) of chapter 156 of this title. Title IV of div. B of the Act does not contain a subtitle D. For complete classification of this Act to the Code, see Short Title of 2009 Amendment note set out under section 201 of this title and Tables.

Amendments

2016—Subsecs. (c) to (e). Pub. L. 114–255 added subsecs. (c) to (e).

1 See References in Text note below.

2 So in original.

§300jj–19a. Electronic health record reporting program

(a) Reporting criteria

(1) Convening of stakeholders

Not later than 1 year after December 13, 2016, the Secretary shall convene stakeholders, as described in paragraph (2), for the purpose of developing the reporting criteria in accordance with paragraph (3).

(2) Development of reporting criteria

The reporting criteria under this subsection shall be developed through a public, transparent process that reflects input from relevant stakeholders, including—

(A) health care providers, including primary care and specialty care health care professionals;

(B) hospitals and hospital systems;

(C) health information technology developers;

(D) patients, consumers, and their advocates;

(E) data sharing networks, such as health information exchanges;

(F) authorized certification bodies and testing laboratories;

(G) security experts;

(H) relevant manufacturers of medical devices;

(I) experts in health information technology market economics;

(J) public and private entities engaged in the evaluation of health information technology performance;

(K) quality organizations, including the consensus based entity described in section 1395aaa of this title;

(L) experts in human factors engineering and the measurement of user-centered design; and

(M) other entities or individuals, as the Secretary determines appropriate.

(3) Considerations for reporting criteria

The reporting criteria developed under this subsection—

(A) shall include measures that reflect categories including—

(i) security;

(ii) usability and user-centered design;

(iii) interoperability;

(iv) conformance to certification testing; and

(v) other categories, as appropriate to measure the performance of electronic health record technology;


(B) may include categories such as—

(i) enabling the user to order and view the results of laboratory tests, imaging tests, and other diagnostic tests;

(ii) submitting, editing, and retrieving data from registries such as clinician-led clinical data registries;

(iii) accessing and exchanging information and data from and through health information exchanges;

(iv) accessing and exchanging information and data from medical devices;

(v) accessing and exchanging information and data held by Federal, State, and local agencies and other applicable entities useful to a health care provider or other applicable user in the furtherance of patient care;

(vi) accessing and exchanging information from other health care providers or applicable users;

(vii) accessing and exchanging patient generated information;

(viii) providing the patient or an authorized designee with a complete copy of their health information from an electronic record in a computable format;

(ix) providing accurate patient information for the correct patient, including exchanging such information, and avoiding the duplication of patients records; and

(x) other categories regarding performance, accessibility,1 as the Secretary determines appropriate; and


(C) shall be designed to ensure that small and startup health information technology developers are not unduly disadvantaged by the reporting criteria.

(4) Modifications

After the reporting criteria have been developed under paragraph (3), the Secretary may convene stakeholders and conduct a public comment period for the purpose of modifying the reporting criteria developed under such paragraph.

(b) Participation

As a condition of maintaining certification under section 300jj–11(c)(5)(D) of this title, a developer of certified electronic health records shall submit to an appropriate recipient of a grant, contract, or agreement under subsection (c)(1) responses to the criteria developed under subsection (a), with respect to all certified technology offered by such developer.

(c) Reporting program

(1) In general

Not later than 1 year after December 13, 2016, the Secretary shall award grants, contracts, or agreements to independent entities on a competitive basis to support the convening of stakeholders as described in subsection (a)(2), collect the information required to be reported in accordance with the criteria established as described subsection (a)(3), and develop and implement a process in accordance with paragraph (5) and report such information to the Secretary.

(2) Applications

An independent entity that seeks a grant, contract, or agreement under this subsection shall submit an application to the Secretary at such time, in such manner, and containing such information as the Secretary may reasonably require, including a description of—

(A) the proposed method for reviewing and summarizing information gathered based on reporting criteria established under subsection (a);

(B) if applicable, the intended focus on a specific subset of certified electronic health record technology users, such as health care providers, including primary care, specialty care, and care provided in rural settings; hospitals and hospital systems; and patients, consumers, and patients and consumer advocates;

(C) the plan for widely distributing reports described in paragraph (6);

(D) the period for which the grant, contract, or agreement is requested, which may be up to 2 years; and

(E) the budget for reporting program participation, and whether the eligible independent entity intends to continue participation after the period of the grant, contract, or agreement.

(3) Considerations for independent entities

In awarding grants, contracts, and agreements under paragraph (1), the Secretary shall give priority to independent entities with appropriate expertise in health information technology usability, interoperability, and security (especially entities with such expertise in electronic health records) with respect to—

(A) health care providers, including primary care, specialty care, and care provided in rural settings;

(B) hospitals and hospital systems; and

(C) patients, consumers, and patient and consumer advocates.

(4) Limitations

(A) Assessment and redetermination

Not later than 4 years after December 13, 2016, and every 2 years thereafter, the Secretary, in consultation with stakeholders, shall—

(i) assess performance of the recipients of the grants, contracts, and agreements under paragraph (1) based on quality and usability of reports described in paragraph (6); and

(ii) re-determine grants, contracts, and agreements as necessary.

(B) Prohibitions on participation

The Secretary may not award a grant, contract, or cooperative agreement under paragraph (1) to—

(i) a proprietor of certified health information technology or a business affiliate of such a proprietor;

(ii) a developer of certified health information technology; or

(iii) a State or local government agency.

(5) Feedback

Based on reporting criteria established under subsection (a), the recipients of grants, contracts, and agreements under paragraph (1) shall develop and implement a process to collect and verify confidential feedback on such criteria from—

(A) health care providers, patients, and other users of certified electronic health record technology; and

(B) developers of certified electronic health record technology.

(6) Reports

(A) Development of reports

Each recipient of a grant, contract, or agreement under paragraph (1) shall report on the information reported to such recipient pursuant to subsection (a) and the user feedback collected under paragraph (5) by preparing summary reports and detailed reports of such information.

(B) Distribution of reports

Each recipient of a grant, contract, or agreement under paragraph (1) shall submit the reports prepared under subparagraph (A) to the Secretary for public distribution in accordance with subsection (d).

(d) Publication

The Secretary shall distribute widely, as appropriate, and publish, on the Internet website of the Office of the National Coordinator—

(1) the reporting criteria developed under subsection (a); and

(2) the summary and detailed reports under subsection (c)(6).

(e) Review

Each recipient of a grant, contract, or agreement under paragraph (1) shall develop and implement a process through which participating electronic health record technology developers may review and recommend changes to the reports created under subsection (c)(6) for products developed by such developer prior to the publication of such report under subsection (d).

(f) Additional resources

The Secretary may provide additional resources on the Internet website of the Office of the National Coordinator to better inform consumers of health information technology. Such reports may be carried out through partnerships with private organizations with appropriate expertise.

(July 1, 1944, ch. 373, title XXX, §3009A, as added Pub. L. 114–255, div. A, title IV, §4002(c), Dec. 13, 2016, 130 Stat. 1161.)

1 So in original. Probably should be "performance or accessibility,".