The 21st Century Cures Act (Cures Act) was signed into law on December 13, 2016, following a multi-year, bipartisan, and bicameral legislative effort to accelerate the pace of the discovery, development, and delivery of new treatments and cures. The Cures Act packages a wide range of medical innovation measures − including increased research and Food and Drug Administration (FDA) funding and provisions aimed at accelerating FDA’s processes for reviewing and approving new drugs, biologics, and medical devices − with funding for the opioid abuse crisis, mental health reforms, and modifications to various Medicare payment policies.

The Cures Act also incorporates significant health IT policies, which generally aim to streamline and promote the use of interoperable electronic health records (EHRs) and support coverage of telehealth services. In addition to addressing FDA regulation of software, the law includes provisions to: reduce regulatory and administrative documentation requirements in the use of EHRs; promote the facilitation of secure, interoperable exchange of electronic health record data while protecting patient privacy; and require the Department of Health and Human Services (HHS) and MedPAC to submit reports to Congress on expanding Medicare coverage of telehealth services. Of note, an earlier version of the Cures Act would have gone a step further by expanding telehealth coverage.

One of the most significant health IT-related provisions included in the Cures Act would enforce the prohibition of information blocking on behalf of health IT developers and exchange networks. Health IT developers will be banned from interfering or preventing the access, exchange, or use of electronic health information to allow for greater data interoperability. In addition, the HHS Office of the Inspector General will be permitted to investigate complaints against the practice of data blocking and subsequently enforce monetary penalties.