In a landmark move, federal agencies recently finalized first-time transparency requirements for artificial intelligence (AI) used in health care in a new rule that also includes updates to certification requirements, information blocking, and electronic health information exchange.
The Health Data, Technology, and Interoperability: Certification Program Updates, Algorithm Transparency, and Information Sharing (HTI-1) final rule posted to the Federal Register Jan. 9 requires developers of certified health information technology (IT) to conduct risk management for all AI algorithms in their health IT modules.
Starting Jan. 1, developers also must submit to the Department of Health and Human Services’ (HHS’) Office of the National Coordinator for Health Information Technology (ONC) how their data is acquired, managed, and used, as well as what tasks they undertake to alleviate risk, to meet initial and ongoing certification requirements.
As part of these requirements, developers must disclose whether their modules have undergone external testing, including third-party audits. ONC says this is to help physicians determine if an AI system is fair, appropriate, valid, effective, and safe – or FAVES.
Texas Medical Association staff are still combing through the final rule and comparing it with comments TMA submitted to ONC on Jun. 20, 2023.
The AI portion of the rule seems to align with TMA’s artificial and augmented intelligence policy adopted in 2022, says Shannon Vogel, associate vice president of health information technology. TMA policy supports the use of AI when “used appropriately to support physician decision-making, enhance patient care, and improve public health.”
TMA expects more AI regulations following a November 2023 executive order by President Joe Biden that asked HHS to develop a regulatory action plan for AI technology used in health care settings.
The final rule also revised certain information-blocking definitions to clarify that physicians who self-develop health IT will not be considered a “developer” if they do not offer the IT to others. These changes were made to encourage a “secure, efficient, standards-based exchange of electronic health information,” per ONC.
The HTI-1 final rule also established a new exception for physicians who fulfill a request for electronic health information (EHI) through the Trusted Exchange Framework and Common Agreement (TEFCA). When both a clinician and requestor are connected through TEFCA, limiting information exchange will not be considered information blocking when:
- Access, exchange, or use of the requested EHI can be supported via TEFCA for both the clinician and requestor;
- The request for access, exchange, or use is not via the application programming interface standards adopted under the ONC Health IT Certification Program; and
- Any fees charged and any licensing of interoperability elements by the clinician in relation to fulfilling the request via TEFCA satisfy ONC’s fees and licensing exceptions.
Additionally, the HTI-1 rule also establishes new interoperability reporting metrics for health IT, including implementation of a 21st Century Cures Act requirement for developers to report certain metrics as part of their participation in the ONC certification program.
These metrics will “give more insight into how certified health IT is used in support of care delivery,” ONC says.
“This rule creates more transparency on what vendors are doing,” Ms. Vogel said. “Hopefully physicians start to notice favorable, incremental changes in the EHRs (electronic health records) they use.”
TMA CME is here to help physicians understand how AI is being integrated into health care. For more information about office technologies, visit TMA’s Health Information Technology webpage.
Alisa Pierce
Reporter, Division of Communications and Marketing
(512) 370-1469