OpenNotes and Public Policy

OpenNotes monitors and occasionally provides comment on emerging policies impacting health care in the U.S. Our policy areas of interest include patient access to the information in their medical records, including data.

Note: The OpenNotes team is composed mainly of clinicians and researchers. We are neither government relations experts, nor lobbyists, nor attorneys. Consult with your organization’s Health Information Management, compliance, legal, finance, and public affairs teams to find out how public polices apply to your organization.

Cures Act Final Rule on Interoperability, Information Blocking, and the ONC Health IT Certification Program (2021)

The program rule on Interoperability, Information Blocking, and ONC Health IT Certification—which implements the 21st Century Cures Act passed by a bipartisan Congress in 2016—requires U.S. patients be provided access to all the health information in their electronic medical records without charge by their healthcare provider.

The Cures Rule went into effect on April 5, 2021, and as a result made the concept of open notes the “law of the land.”

Cures Act: Definition of Electronic Health Information (EHI) expanded to electronic Protected Health Information (ePHI). Starting October 6, 2022, the definition of EHI was expanded to include all information in a Designated Record Set, as defined under HIPAA. This means that EHI is not limited to the specific data classes—it also consists of medical and payment records about a patient and any information of a type that may be used to make decisions about a patient’s care. (Source: Understanding Electronic Health Information, HealthIT.gov)

Learn how the Cures Act Final Rule is applied to open notes, and learn the difference between the Cures Act Final Rule and open notes.

(Source: ONC Cures Act Final Rule)

US policy requires immediate release of records to patients, BMJ (2021)

OpenNotes Celebrates New Federal Rule on Transparency for Patients (2020)

Historical health care policies related to open notes

Are you interested in how public policy plays a major role in U.S. health care? Read up on the following topics.

Health Insurance Portability & Accountability Act (HIPAA), 1996
HIPAA mandates health care organizations must follow best practices to keep patient information secure, private and safe. (Source: U.S. Department of Health and Human Services)
American Recovery and Reinvestment Act (ARRA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act, 2009
The HITECH Act included the concept of “electronic health records – meaningful use” aka EHR-MU, an effort led by Centers for Medicare & Medicaid Services (CMS) and the Office of the National Coordinator for Health IT (ONC). The HITECH Act proposed the meaningful use of interoperable electronic health records throughout the United States health care delivery system as a critical national goal. (Source: Centers for Disease Control and Prevention)
21st Century Cures Act (Cures Act), 2016
The Cures Act was designed to help accelerate medical product development and bring new innovations and advances to patients who need them faster and more efficiently. (Source: US Department of Health and Human Services)
- Cures Act Interoperability, Information Blocking, and the ONC Health IT Certification Program (Cures Rule), 2020
  The Cures Rule Final Rule required U.S. patients be provided access to all the health information in their electronic medical records, without charge by their healthcare provider, beginning April 5, 2021. (Source: Office of the National Coordinator for Health IT)