Skip to content

Discerning Data

  • About Us
  • Additional Resources
  • Contact Us

DISCERNING DATA

A Faegre Drinker Blog Covering the Latest in Privacy, Cybersecurity and Data Strategy

  • Privacy
  • Cybersecurity
  • Data Strategy
  • Disruptionware

What Is the Information Blocking Rule? – Faegre Drinker on Law and Technology Podcast

Share

Want to better understand what the Office of the National Coordinator for Health IT’s (ONC) Information Blocking Rule (IBR) is, how it works and why we need it? In this episode of the Faegre Drinker on Law and Technology Podcast, host Jason G. Weiss sits down with Faegre Drinker partners Jeff Ganiban and Doriann Cain, and associate Alex Eschenroeder to discuss all things IBR.

Expected in September 2022, the final draft of the HHS Office of Inspector General’s (OIG) first IBR enforcement rule is aimed at two of the three actor types defined in the IBR: Health IT Developers of Certified Health IT and Health Information Networks / Health Information Exchanges. Under the Cures Act, each IBR violation by a Health IT Developer of Certified Health IT or Health Information Network / Health Information Exchange would be subject to penalties of up to $1 million. The expected rule will establish how the OIG intends to assess and enforce these penalties. (Unfortunately, there is still no guidance on when we can expect a rule regarding the penalties that will apply to IBR violations by Health Care Providers.)

The conversation tackles a number of questions, including:

  • Starting at the beginning, what is the point of the Information Blocking Rule?
  • What actually constitutes “Electronic Health Information” and how does it apply to the IBR?
  • What constitutes a technical “violation” of the IBR and how will people in the health care field know if they are inadvertently violating the IBR?
  • What are some of the legal exceptions to the implementation of the IBR, and why were these exceptions carved out?
  • How does the IBR intersect and work with the HIPAA rules?
  • As the IBR deals with Electronic Health Information, what happens and how does the IBR come into play if a patient wants their entire medical record?

The material contained in this communication is informational, general in nature and does not constitute legal advice. The material contained in this communication should not be relied upon or used without consulting a lawyer to consider your specific circumstances. This communication was published on the date specified and may not include any changes in the topics, laws, rules or regulations covered. Receipt of this communication does not establish an attorney-client relationship. In some jurisdictions, this communication may be considered attorney advertising.

About the Author: Jason G. Weiss

Jason G. Weiss leverages a past career as a cybersecurity and computer forensics Supervisory Special Agent with more than 22 years of decorated service at the FBI to guide clients through the complex and high-stakes issues associated with cybersecurity incident preparedness and response and compliance. View Jason's full bio on the Faegre Drinker website.

About the Author: Jeffrey T. Ganiban

Jeffrey Ganiban is a leading health care attorney and skilled negotiator who helps large hospital and health care systems extract maximum value and generate improved financial performance from technology acquisitions and agreements. Over the past 30 years, Jeff has more than 100 health industry clients across the country and abroad on acquiring technology, negotiating strategic relationships with technology vendors, and leveraging technology to generate revenue and further growth, integration and alignment initiatives.

About the Author: Doriann H. Cain

Doriann Cain works with clients to enhance their privacy and cybersecurity practices from compliance to incident response. Doriann’s experience includes advising clients on a variety of privacy and security laws, including the California Consumer Privacy Act (CCPA), the General Data Protection Regulation (GDPR), the Gramm-Leach-Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA), and state breach notification statutes.

About the Author: Alex Eschenroeder

Alex Eschenroeder partners with health care stakeholders to manage the legal, regulatory and policy issues that impact their respective organizations. A research consultant for federal clients at a health care consulting firm based in the Washington, D.C., area before entering law school, Alex brings a strong understanding of the health care regulatory and policy landscape to every client engagement.

Receive Email Alerts to New Articles

SUBSCRIBE

August 25, 2022
Written by: Jason G. Weiss, Jeffrey T. Ganiban, Doriann H. Cain and Alex Eschenroeder
Category: Cybersecurity, Disruptionware, Health Care, Podcast

Post navigation

Previous Previous post: FTC Signals Intention to Move Forward to Adopt New Privacy Rules in the Absence of Federal Legislation
Next Next post: AI Regulation in the U.K. — New Government Approach

Search the Blog

Sign Up for Email Alerts

PODCASTS

Faegre Drinker on Law and Technology

©2023 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Lawyer Advertising.

  • About Us
  • Additional Resources
  • Contact Us
We use cookies to improve your experience with our website. By browsing our site, you are agreeing to the use of cookies. For more information about how we use cookies, please review our privacy policy and cookie policy. OK
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT