A “gentle reminder” from the OIG on EHR Safe Harbor Protection and “Information Blocking”


Do not say you have not been warned.

Friendly “donor institution” provides new software and IT to an existing referral source. Assuming the arrangement is done correctly, the electronic record safe harbor protects the arrangement from the OIG’s anti-kickback statute’s scrutiny because the donation of IT has been undertaken ( to quote the regulations directly) “to protect beneficial arrangements that would eliminate perceived barriers to the adoption of EHR without undue risk that the arrangements might be used to induce or reward the generation of federal health program business.” 71 FR 45111 (Aug. 8, 2006).

So, everything and everyone is safe . . . until someone in the donee’s IT department realizes that there appears to be restricted (or at least limited) interoperability with other EHR systems that the donee employs.  The donee’s IT staff does a little investigating and discovers that the donated software has restricted interoperability with other systems “due to action taken by the donor or on the donor’s behalf.”

As a result, no safe harbor protection exists, and the donee and the donor are now outside of any safe harbor protection.

The OIG has gently provided some examples:

First, “arrangements in which a donor takes an action to limit the use, communication, or interoperability of donated items or services by entering into an agreement with a recipient to preclude or inhibit any competitor from interfacing with the donated system would not satisfy the requirement of 42 CFR § 1001.953(y)(3).” Id.

Second, arrangements in which “[EHR] technology vendors agree with donors to charge high interface fees to non-recipient providers or suppliers or to competitors may also fail to satisfy the conditions of 42 CFR § 1001.952(y)(3).”

The practical problem, of course, is that complete and unfettered “interoperability” may be on the horizon, but at this point for many providers it is a mirage, a distinct one, but a mirage nonetheless.  If the deal is too good to be true, one should insure that the IT is, indeed, interoperable.