The 21st Century Cures Act Final Rule & What it Means for Developers

Updated: Apr 23, 2020


Last week, the ONC published two final rules. Here we focus on the 21st Century Cures Act Final Rule and its implications for EHR vendors. The big headline for this Final Rule should be “ONC Embraces the FHIR Standard”. 2015 Edition CEHRT and the whole certification process will undergo substantial changes. This blog will focus on the certification requirements and timeline. We’ll address some other aspects: The “information blocking” provisions, the voluntary pediatric certification, and the payer API provisions in future blogs.

Some highlights:

  • US Code Data for Interoperability (USCDI) Version 1 replaces the “Common Clinical Data Set”

  • Fast Health Interoperability Resources (FHIR) 4.01 now required for API, so 170.315(g)(8) will be replaced by 170.315(g)(10).

  • “Electronic Health Information (EHI) export” in 170.315(b)(10) replaces 170.315(b)(6).

  • Multi-factor authentication is now required (with some exceptions).

There’s actually some good news for EHR