The EHR has evolved as the result of various influences across academia, industry, and government. Existing and emerging health IT legislation has driven significant EHR adoption, regulation, and optimization. In this section, we describe the historical progression of legislation and regulations that affect diagnostic documentation, tracing its evolution from early initiatives to contemporary federal regulations.
This review includes:
- The Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009.15,i
- Section 618 of the Food and Drug Administration Safety and Innovation Act (FDASIA) of 2012.16
- The 21st Century Cures Act of 2016.17
- Regulation CMS-1693-F from the Centers for Medicare & Medicaid Services (CMS) in 2021.18
Collectively, these laws and regulations promote implementation and use of the EHR. They also represent an evolution in understanding the emerging sociotechnical challenges and complexities healthcare organizations face in implementing regulations effectively, facilitating or limiting the potential benefits of health IT. Regulations affect diagnostic documentation by promoting standardization, interoperability, and patient engagement, thereby potentially enhancing diagnostic safety.
The HITECH Act, part of the American Recovery and Reinvestment Act,19 provided incentives to stimulate “meaningful use” of the EHR through adoption by healthcare systems and individual care providers, infrastructure development, and improvements in healthcare delivery.15 As a result of HITECH and associated efforts, health IT has revolutionized how care is delivered, but evidence is mixed on hospital productivity, physician productivity, and quality improvement.20-22
FDASIA expanded the FDA’s authority to protect and advance public health through changes in the drug and device review process, promoting innovation, increasing stakeholder involvement, and enhancing safety.16 Specifically, Section 618 directed multiple federal agencies, including the FDA, Office of the National Coordinator for Health Information Technology (ONC), and the Federal Communications Commission to develop a proposed strategy and recommendations for an appropriate risk-based regulatory framework for health IT.
The regulatory framework proposed through FDASIA was an important first step in identifying the types of risks posed by health IT that impact patient safety. Data capture and EHR documentation were identified as key health management functions and categorized as clinical software.
The 21st Century Cures Act included a number of provisions specific to interoperability, health information exchange, and improvements to the EHR.17 The ONC’s Cures Act Final Rule,23 created based on the 21st Century Cures Act, focused on healthcare systems and clinical practices, healthcare providers, technology developers, and patients.
Compared with previous legislation, the 21st Century Cures Act includes multiple components that directly impact documentation integrity. The rule finalizes modifications to the 2015 health IT certification criteria to advance interoperability, enhance health IT certification, and reduce burden and costs. The final rule also added criteria to make patient’s electronic data more accessible via a third-party app (e.g., Apple Health Kit). Patient access is required to be free of charge and include progress notes prepared by the clinical team. Early research indicates that the OpenNotes initiative, engaging patients through shared clinical notes, increases organizational transparency and patient engagement.24
Lastly, in addition to recommendations on EHR certification and interoperability, the legislation allows physicians to officially delegate EHR documentation to a scribe who is not a physician as long as the physician reviews, verifies, and signs the documentation. The 21st Century Cures Act ultimately prioritizes ease of access to records and the transparency of clinical notes to patients and other care providers.
On January 1, 2021, CMS changed the requirements for outpatient evaluation and management (E/M) coding, including eliminating history and physical examination documentation.18 This rule (CMS-1693-F) introduced significant revisions to the documentation requirements for E/M services, particularly for office/outpatient visits. Instead of relying on comprehensive documentation of history, examination, and medical decision making (the traditional three key components), CMS allowed healthcare providers to choose between two documentation options for E/M office visits.
With the first documentation option, providers could base code selection primarily on the complexity of medical decision making involved in patient care (medical decision making). With the second, providers could choose an E/M code based on total time spent with the patient, including face-to-face and non-face-to-face time on the date of the encounter (time-based documentation). The goal of the rule was to reduce administrative burden, improve flexibility for healthcare providers, and focus more on patient care rather than documentation requirements.
Recent studies have found small reductions in documentation time following these coding requirements but the magnitude of reduction was modest and not clinically meaningful.25,26 Authors of these studies suggest that even if total documentation time is not dramatically reduced, the new requirements could reduce physicians’ cognitive burdenii and improve their work experience.26,27
Multiple federal and state laws and regulations govern nearly every facet of medical records, including content, security, retention, access, and disposal. These include the Health Insurance Portability and Accountability Act,28 Medicare Access and CHIP Reauthorization (MACRA),29 and Merit-Based Incentive Payment System (MIPS).30
To meet MIPS requirements, clinicians often need to ensure that their EHR documentation accurately captures relevant data points for reporting purposes. Compliance may involve implementing structured documentation templates, using CDS tools, and optimizing EHR workflows to facilitate data capture and reporting.
In addition, MACRA’s emphasis on interoperability encourages the exchange of health information between different healthcare providers, necessitating EHR systems to support seamless data sharing and integration. Collectively, the evolution of EHR regulations contributes to diagnostic safety with considerations of privacy, security, interoperability, standardization, quality reporting, performance metrics, billing, coding accuracy, clinical decision making, and care coordination.
i. More information on this legislation is available from the Office of the National Coordinator for Health Information Technology at https://www.healthit.gov/topic/laws-regulation-and-policy/health-it-legislation.
ii. More information on cognitive burden is available in Issue Brief 17: Cognitive Load Theory and Its Impact on Diagnostic Accuracy at https://www.ahrq.gov/diagnostic-safety/resources/issue-briefs/dxsafety-cognitive-load.html.
