::: hero
When a Medicare beneficiary at Grady Memorial Hospital in Atlanta is admitted for chest pain, the cardiologist consulted three hours later does not flip through a paper chart. The cardiologist opens the Epic electronic health record (EHR), sees the emergency department triage notes, reviews the EKG attached as a digital image, sees the labs already drawn and resulted, and orders additional tests from the inpatient unit without ever picking up a paper form. When that same beneficiary is discharged the next day, the discharge summary is electronically transmitted to the primary care physician's office. The beneficiary herself can log into the MyChart patient portal that night from home, see her hospital records, view the discharge instructions, and message her doctor with questions. That entire workflow exists because of Section 1886(n) of the Social Security Act and the Medicare Hospital Promoting Interoperability (PI) program.
The Promoting Interoperability program (formerly Meaningful Use) is the federal quality program that transformed Medicare-participating hospitals from paper-based documentation to certified electronic health record systems. Authorized at Section 1886(n) of the Social Security Act and originally established by Section 4101 of the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 (Public Law 111-5), the program created both incentive payments to encourage EHR adoption and payment penalties for hospitals failing to adopt and meaningfully use certified EHR technology. Section 1886(b)(3)(B)(ix) of the SSA established the payment penalty (originally up to 75 percent of the hospital market basket update for non-compliant hospitals over multiple years). The combination of incentives and penalties drove EHR adoption from less than 10 percent of US hospitals in 2008 to over 95 percent by the late 2010s.
The program has evolved through multiple stages. Stage 1 Meaningful Use (2011-2013) established basic EHR functionality and reporting requirements. Stage 2 Meaningful Use (2014-2016) increased requirements and introduced health information exchange. Stage 3 Meaningful Use (2017-2018) added complexity and higher thresholds. In 2018, CMS rebranded Meaningful Use as Promoting Interoperability and reformed the scoring approach, replacing the all-or-nothing pass/fail structure with a points-based performance scoring system. The 2019 final rule introduced the modern PI framework, with hospitals scoring on four performance objectives (electronic prescribing, health information exchange, provider to patient exchange, public health and clinical data exchange) totaling up to 100 points. For FY 2026 (October 1, 2025 to September 30, 2026), hospitals must achieve a minimum 75-point score to avoid the Section 1886(b)(3)(B)(ix) payment reduction.
Beyond Medicare payment, the Section 4003 of the 21st Century Cures Act of 2016 (Public Law 114-255) added information blocking provisions. The Cures Act prohibits practices that interfere with access, exchange, or use of electronic health information. The Office of the National Coordinator for Health Information Technology (ONC) issued final rules implementing the Cures Act, including the 2020 ONC Cures Act Final Rule and subsequent rulemaking. Information blocking provisions are codified at 45 CFR 171. The HHS Office of Inspector General has enforcement authority for health IT developers, networks, and exchanges. Healthcare providers face HHS-imposed "disincentives" for information blocking, with hospitals facing reductions in their PI scoring. The Cures Act fundamentally changed information sharing expectations, requiring providers to share electronic health information with patients, other providers, and qualified entities unless specific exceptions apply.
Major Georgia hospitals navigate the PI program as a core operational responsibility. Grady Memorial Hospital, Emory University Hospital, Emory University Hospital Midtown, Memorial Health Savannah, AU Medical Center, Phoebe Putney Memorial Hospital, Atrium Health Floyd, Northeast Georgia Medical Center, Wellstar, Piedmont, Northside, and Children's Healthcare of Atlanta all participate in PI and achieve the required scoring threshold each year. Most Georgia hospitals use Epic Systems for their EHR; some use Cerner (now Oracle Health), MEDITECH, or other vendors. The Georgia Department of Public Health receives electronic case reports, syndromic surveillance data, and immunization registry data from Georgia hospitals through the public health and clinical data exchange performance objective. Georgia Immunization Registry (GRITS) is the state immunization registry receiving registry submissions.
This Brevy guide walks through the entire Medicare Hospital Promoting Interoperability framework. We cover Section 1886(n) of the SSA, Section 4101 of the HITECH Act of 2009, Section 1886(b)(3)(B)(ix) penalty, 42 CFR 495 implementing regulations, 45 CFR 170 ONC Health IT Certification Program, the Certified Electronic Health Record Technology (CEHRT) requirement, the Stage 1, Stage 2, Stage 3 Meaningful Use history, the 2018 rebranding to Promoting Interoperability, the 2019 performance-based scoring system, the four current performance objectives (electronic prescribing, health information exchange, provider to patient exchange, public health and clinical data exchange), the FY 2026 75-point minimum threshold, the 90-day and full-year reporting period options, the QualityNet self-attestation, the Section 4003 of the 21st Century Cures Act of 2016, the 45 CFR 171 information blocking regulations, the USCDI standards, HL7 FHIR, TEFCA, the eCR/syndromic surveillance/immunization registry public health reporting, six worked examples through major Georgia hospitals, 14 compliance and operational errors, a 25-question accordion FAQ, beneficiary-facing implications including patient portal access and information sharing rights under the Cures Act, and a CTA with 16 contact resources for Georgia beneficiaries navigating electronic health information access. :::
::: callout
Key Takeaways for Georgia Medicare Promoting Interoperability
Section 1886(n) of the Social Security Act authorizes the Hospital EHR Incentive Program now known as Promoting Interoperability (PI). The program was originally established by Section 4101 of the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 (Public Law 111-5) as part of the American Recovery and Reinvestment Act.
Section 1886(b)(3)(B)(ix) of the SSA imposes a payment reduction on hospitals failing to demonstrate meaningful EHR user status. The reduction was originally up to 75 percent of the market basket update over multiple years; current provisions vary based on program design changes implemented through CMS rulemaking.
42 CFR 495 is the implementing regulation for the EHR Incentive Programs and Promoting Interoperability. 45 CFR 170 establishes the ONC Health IT Certification Program standards for Certified Electronic Health Record Technology (CEHRT). The 2015 Edition CEHRT and subsequent editions specify functionality, data standards, and interoperability requirements.
The current PI framework, established by the 2018 rebranding and 2019 performance-based scoring rules, evaluates hospitals across four performance objectives: electronic prescribing, health information exchange, provider to patient exchange, and public health and clinical data exchange. Hospitals receive up to 100 points based on performance on specific measures.
The FY 2026 minimum threshold is 75 points. Hospitals scoring below 75 points face the Section 1886(b)(3)(B)(ix) payment reduction. The threshold has increased over time from 50 points in early years to 75 points currently, reflecting the maturation of EHR adoption and the expectation of higher performance.
Hospital reporting occurs through QualityNet self-attestation. Hospitals can elect a 90-day reporting period or a full-year reporting period. The attestation includes scores on each measure, demonstrating meaningful EHR use.
The Section 4003 of the 21st Century Cures Act of 2016 (Public Law 114-255) added information blocking provisions. The Cures Act prohibits practices that interfere with access, exchange, or use of electronic health information. 45 CFR 171 implements the information blocking provisions through eight exceptions and enforcement mechanisms.
Public health reporting is a major PI component. The public health and clinical data exchange performance objective requires hospitals to report electronic case reports (eCR), syndromic surveillance data, immunization registry data, and other public health information. The Georgia Department of Public Health receives this data from Georgia hospitals.
Major Georgia hospitals, including Grady, Emory, Memorial Savannah, AU Medical Center, Phoebe Putney, Atrium Floyd, Northeast Georgia Medical Center, Wellstar, Piedmont, Northside, and Children's Healthcare of Atlanta, all participate in PI and achieve the required scoring threshold. Epic is the dominant EHR vendor in Georgia, with Cerner/Oracle Health, MEDITECH, and other vendors also present.
Beneficiary implications include patient portal access (View, Download, Transmit measures), secure messaging with providers, electronic case reporting supporting public health, and Cures Act information blocking protections ensuring patients can access their electronic health information. Brevy at brevy.com helps Georgia families understand their electronic health information rights, patient portal access, and care coordination supported by EHR adoption. :::
The Statutory Foundation: Section 1886(n) of the Social Security Act
Section 1886(n) of the Social Security Act authorizes the Medicare Hospital EHR Incentive Program (now Promoting Interoperability). The provision was added by Section 4101 of the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 as part of the American Recovery and Reinvestment Act.
Section 1886(n) establishes the framework for both EHR incentive payments (the original program design provided substantial financial incentives to encourage EHR adoption) and the penalty framework for hospitals failing to demonstrate meaningful EHR user status. The incentive payment phase has ended; current operation focuses on the penalty framework codified at Section 1886(b)(3)(B)(ix).
The statutory provision directs the Secretary of Health and Human Services to determine appropriate criteria for hospital meaningful EHR user status. The Secretary has delegated detailed regulation and rulemaking to CMS, which implements the program through 42 CFR 495 and the annual IPPS final rule. The ONC, separately, manages the Health IT certification framework at 45 CFR 170.
The program has evolved substantially since 2009. The initial structure was an incentive payment program with all-or-nothing pass/fail scoring on a fixed set of objectives. Over time, the program added complexity, raised thresholds, transitioned to a points-based scoring system, and integrated with broader health IT policy including the Cures Act information blocking provisions.
Section 1886(n) covers hospitals subject to IPPS payment. Critical Access Hospitals participate under a different (but related) framework that affects their cost-based reimbursement.
Section 4101 of the HITECH Act of 2009: Establishing the Framework
Section 4101 of the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 (Public Law 111-5) established the Medicare and Medicaid EHR Incentive Programs. The HITECH Act was Title XIII of the American Recovery and Reinvestment Act of 2009, the broad stimulus legislation enacted in response to the 2008 financial crisis.
Statutory Structure
Section 4101 created several key components:
- Medicare EHR Incentive Program: Payments to eligible professionals and hospitals demonstrating meaningful EHR use, starting in 2011
- Medicaid EHR Incentive Program: Parallel program for Medicaid eligible professionals and hospitals
- Penalty framework: Reductions in Medicare payment for non-compliant hospitals starting in 2015
- ONC framework: Authorization for the Office of the National Coordinator for Health Information Technology
The combination of incentives and penalties was a deliberate policy choice. Initial incentives encouraged voluntary adoption; subsequent penalties created mandatory compliance pressure.
Incentive Payment Magnitude
The original incentive payments were substantial. Hospitals could receive multiple millions of dollars in EHR incentive payments over the program years. The aggregate national EHR incentive payment exceeded $30 billion across Medicare and Medicaid programs, making it one of the largest federal investments in health information technology.
Adoption Impact
The HITECH Act dramatically accelerated EHR adoption. Before 2009, hospital EHR adoption was below 10 percent. By 2015, basic EHR adoption exceeded 80 percent; by 2020, comprehensive EHR adoption exceeded 95 percent. The HITECH Act is widely credited as the most successful federal health IT initiative in history.
Critiques
The HITECH Act has also faced critiques. Concerns include EHR usability issues, clinician burden, EHR-related medical errors, inadequate interoperability between systems, and high implementation costs. The 21st Century Cures Act of 2016 (Section 4003 information blocking provisions in particular) responded in part to interoperability failures and information sharing inadequacies under the original HITECH framework.
Section 1886(b)(3)(B)(ix): The Meaningful EHR User Payment Reduction
Section 1886(b)(3)(B)(ix) of the SSA reduces the IPPS market basket update for hospitals failing to demonstrate meaningful EHR user status. The reduction was the principal compliance enforcement mechanism after the incentive payment phase ended.
Reduction Magnitude
The reduction was originally structured as up to 75 percent of the market basket update over multiple years, increasing in magnitude as the program matured. The specific reduction has varied based on CMS rulemaking and program design changes.
For example, if the market basket update is 3.0 percent and the reduction is 75 percent of market basket, a non-compliant hospital faces:
- Market basket update: 3.0 percent
- PI penalty: 75 percent × 3.0 percent = 2.25 percentage points reduction
- Adjusted market basket update: 3.0 - 2.25 = 0.75 percent
After the MFP adjustment, the net update for a non-compliant hospital could be near zero or negative. The penalty is financially substantial and compounds annually if non-compliance continues.
Compliance Determination
Compliance is determined based on the hospital's self-attestation and reporting through QualityNet. Hospitals achieving the minimum threshold (currently 75 points for FY 2026) avoid the penalty. Hospitals failing the threshold incur the penalty.
Application Year
The penalty for a given fiscal year is based on the hospital's performance in an earlier reporting period. For FY 2026, hospitals report on 2024 performance, with the penalty (or no penalty) applied in the FY 2026 payment year. This reporting/payment year lag is a regular feature of Medicare quality program structure.
42 CFR 495 EHR Implementing Regulations
42 CFR 495 is the comprehensive implementing regulation for the EHR Incentive Programs and Promoting Interoperability. The regulation covers all aspects of the program structure, including:
- Eligibility (which providers and hospitals participate)
- Meaningful EHR user definition
- Stages and reporting periods
- Performance measures
- Scoring methodology
- Attestation and reporting
- Auditing and validation
- Appeals
Multiple Subparts
42 CFR 495 has multiple subparts addressing different aspects:
- Subpart A: General
- Subpart B: Medicare Incentive Payments
- Subpart C: Medicaid Incentive Payments (historical)
- Subpart D: Requirements specific to Meaningful EHR Users
- Subpart E: Provisions specific to hospitals
Annual Updates
42 CFR 495 is amended periodically as the program evolves. The annual IPPS final rule typically includes updates to PI requirements.
45 CFR 170 ONC Health IT Certification Program
45 CFR 170 establishes the ONC Health IT Certification Program. The program certifies that electronic health record products meet specified standards for functionality, security, and interoperability.
CEHRT Definition
Certified Electronic Health Record Technology (CEHRT) is EHR technology certified by an ONC-Authorized Certification Body (ONC-ACB) to meet the certification criteria. Hospitals must use CEHRT to participate in PI.
2015 Edition CEHRT
The 2015 Edition CEHRT was the foundation for current PI participation. The 2015 Edition specified functionality including:
- Common Clinical Data Set (CCDS)
- Application programming interface (API) capabilities
- Care plan exchange
- Health information exchange capabilities
- Public health reporting
- Patient access
Subsequent Editions
Subsequent certification editions have updated and expanded the requirements:
- ONC Cures Act Final Rule (2020) added Cures Act-related certification
- USCDI v1 (2020) replaced the Common Clinical Data Set
- USCDI v2, v3, v4 updated the data classes
- Cures Act API and FHIR R4 requirements
ONC-ACBs
ONC-Authorized Certification Bodies test EHR products against certification criteria and issue certifications. The Certified Health IT Product List (CHPL) is the public registry of certified products.
Certification Maintenance
Certifications must be maintained as standards evolve. EHR vendors update their products to meet new certification editions; hospitals must use currently certified versions.
The Four Performance Objectives
The current PI framework, established by the 2018 rebranding and 2019 performance-based scoring rules, evaluates hospitals across four performance objectives:
1. Electronic Prescribing
Electronic prescribing involves transmission of prescriptions electronically rather than by paper or telephone. The objective measures include:
- e-Prescribing measure: percentage of hospital permissible prescriptions queried for a drug formulary and transmitted electronically using CEHRT
- Bonus measures: query of PDMP, prescription drug monitoring program
Electronic prescribing improves prescription safety, reduces medication errors, and supports drug-drug interaction checking through clinical decision support.
2. Health Information Exchange
Health information exchange involves sharing electronic health information with other providers and exchange networks. Measures include:
- Support electronic referral loops by sending health information
- Support electronic referral loops by receiving and reconciling health information
- Verify HIE clinical use cases
Health information exchange supports care coordination across providers and settings, reducing duplication and improving care continuity.
3. Provider to Patient Exchange
Provider to patient exchange involves providing patients with access to their electronic health information. Measures include:
- Provide patients access to their health information
- View, Download, Transmit (VDT)
- Patient API access (Cures Act)
- Secure messaging
- Patient education resources
The objective directly serves patient empowerment and information access goals, including Cures Act requirements.
4. Public Health and Clinical Data Exchange
Public health and clinical data exchange involves sharing electronic health information with public health agencies and clinical data registries. Required measures include:
- Syndromic surveillance reporting
- Immunization registry reporting
- Electronic Case Reporting (eCR)
- Reportable lab result reporting (Public Health Lab Result Reporting)
- Public health registry reporting (cancer registry, specialized registry)
The objective supports public health surveillance, outbreak detection, and population health management.
Scoring System Details
The PI scoring system allocates points across the four performance objectives and bonus opportunities. The total possible score is 100 points (with bonus opportunities sometimes exceeding 100).
Points Allocation
Specific points allocations have varied across program years. Typical allocations distribute points across:
- Electronic prescribing: typically 10-20 points
- Health information exchange: typically 20-40 points
- Provider to patient exchange: typically 20-40 points
- Public health and clinical data exchange: typically 25 points
- Bonus measures: variable
The annual IPPS final rule sets the specific allocations for each performance year.
Performance Scoring
For each measure, hospitals receive points based on performance percentages. Higher performance receives more points; lower performance receives fewer or zero points. Some measures are pass/fail; others use sliding scales.
Minimum Threshold
The minimum threshold to avoid the Section 1886(b)(3)(B)(ix) penalty has increased over time:
- FY 2019 (first year of performance-based scoring): 50 points
- Subsequent years: 60 points
- FY 2024: 60 points
- FY 2025 and FY 2026: 75 points
The increasing threshold reflects the program's maturation and the expectation of higher performance as EHR adoption matures.
Hardship Exceptions
Hospitals may apply for hardship exceptions in specific circumstances:
- Significant hardship (e.g., infrastructure issues)
- New EHR implementation
- Other extraordinary circumstances
Approved hardship exceptions exempt the hospital from the penalty for that year.
Reporting Period and Attestation
90-Day Reporting Period
Hospitals can elect a 90-day reporting period within the calendar year. The 90-day option provides flexibility, allowing hospitals to choose their best 90-day stretch. Most hospitals select the 90-day option.
Full-Year Reporting Period
Alternatively, hospitals can report a full-year reporting period. The full-year option requires consistent performance throughout the year but is sometimes appropriate for hospitals demonstrating strong year-round performance.
QualityNet Self-Attestation
Hospitals submit their PI performance through QualityNet, the CMS quality reporting platform. The self-attestation includes scores on each measure, supporting documentation references, and certifications.
Audit Review
CMS conducts audit reviews of hospital attestations. Auditors review documentation supporting reported performance. Inaccurate attestations may result in penalty assessment, refund demands, and in extreme cases False Claims Act exposure.
Section 4003 of the 21st Century Cures Act of 2016: Information Blocking
Section 4003 of the 21st Century Cures Act of 2016 (Public Law 114-255) added information blocking provisions to the framework. The Cures Act addressed perceived failures of the original HITECH Act framework, including inadequate interoperability and provider/vendor practices that limited information sharing.
Information Blocking Definition
Information blocking is defined as a practice by a health care provider, health IT developer, health information exchange, or health information network that is likely to interfere with access, exchange, or use of electronic health information. The definition is broad and intended to capture practices that limit information sharing.
Exceptions
The Cures Act and implementing regulations specify eight exceptions to information blocking:
- Preventing harm: practices to prevent harm to patients or others
- Privacy: practices required to comply with privacy laws
- Security: practices required to maintain security
- Infeasibility: practices when fulfilling a request is infeasible
- Health IT performance: practices for system maintenance and performance
- Licensing: practices related to licensing requirements
- Fees: practices that recover reasonable costs
- Manner: practices related to the manner of fulfilling requests
Exceptions are narrowly defined; the burden is on the actor to demonstrate the exception applies.
Enforcement Framework
The HHS Office of Inspector General has enforcement authority for health IT developers, health information exchanges, and health information networks. Civil monetary penalties up to $1 million per violation can apply.
For healthcare providers, HHS imposed "disincentives" rather than civil monetary penalties. The disincentive framework for hospitals includes reduction in PI scoring for information blocking practices.
45 CFR 171 Information Blocking Regulations
45 CFR 171 implements the Section 4003 information blocking provisions. The regulation establishes:
- Information blocking definition (45 CFR 171.103)
- Exceptions (45 CFR 171.200 et seq.)
- Provisions on enforcement and disincentives
ONC Implementation
The Office of the National Coordinator for Health Information Technology (ONC) issued the ONC Cures Act Final Rule in May 2020, including the information blocking implementing regulations. Subsequent rules have refined the framework.
HHS Disincentive Final Rule
HHS issued a final rule establishing disincentives for healthcare provider information blocking. For hospitals, the disincentive is reduction in the PI scoring, affecting Medicare payment.
ONC Standards and Frameworks
USCDI (United States Core Data for Interoperability)
USCDI is the standardized data set required for electronic health information exchange. USCDI versions have evolved:
- USCDI v1 (2020): initial standardized data classes
- USCDI v2 (2022): expanded data classes
- USCDI v3, v4: further expansions
CEHRT must support USCDI for certification.
HL7 FHIR
Fast Healthcare Interoperability Resources (FHIR) is the modern API-based health data exchange standard. FHIR R4 is the foundation for Cures Act patient access APIs and other modern interoperability use cases.
TEFCA
The Trusted Exchange Framework and Common Agreement (TEFCA) establishes a national network of networks for health information exchange. Qualified Health Information Networks (QHINs) implement TEFCA, providing interconnection across the country.
Public Health Reporting
The public health and clinical data exchange performance objective requires hospitals to report multiple types of public health data.
Electronic Case Reporting (eCR)
eCR is automated reporting of notifiable diseases from hospital EHRs to public health agencies. eCR replaces manual case reporting with automated EHR-based reporting. The Georgia Department of Public Health receives eCR data from Georgia hospitals for notifiable diseases.
Syndromic Surveillance
Syndromic surveillance involves real-time monitoring of emergency department visit patterns for early warning of disease outbreaks. Hospitals submit ED visit data to public health agencies; the data supports early outbreak detection.
Immunization Registry
Immunization registries track immunizations administered. Hospitals report immunizations to state immunization registries. The Georgia Immunization Registry (GRITS) is Georgia's state immunization registry.
Reportable Lab Result Reporting
Hospitals submit reportable laboratory results (for notifiable conditions) to public health agencies. The reports support disease surveillance.
Public Health Emergency Reporting
During public health emergencies (such as COVID-19), additional public health reporting may be required. The pandemic experience expanded public health reporting capabilities and integration.
Patient Engagement Through PI
The provider to patient exchange performance objective drives substantial patient engagement infrastructure.
Patient Portal
Hospital patient portals (such as MyChart for Epic-based hospitals) provide patient electronic access to their health information. Through the portal, patients can:
- View their medical records
- Download their records
- Transmit records to other providers
- Message their providers securely
- Schedule appointments
- Review test results
- Access educational resources
Cures Act Patient Access API
The Cures Act patient access API requires CEHRT to provide patients with electronic access to their designated record set through FHIR-based APIs. The API enables third-party applications (with patient consent) to access patient data.
Secure Messaging
Secure messaging enables patients to communicate with their providers through encrypted messaging. The functionality supports care coordination, question answering, and continuity of care.
OpenNotes
OpenNotes (sharing clinical notes with patients) has become standard practice driven by Cures Act information sharing requirements. Patients can read the same notes their providers see, increasing transparency and engagement.
Major Georgia Hospital PI Compliance
Grady Memorial Hospital
Grady Memorial Hospital uses the Epic EHR system. The hospital participates in PI, achieves the required scoring threshold annually, and reports to the Georgia Department of Public Health for eCR, syndromic surveillance, and immunization registry. Grady's safety-net patient population benefits from patient portal access and electronic health information sharing.
Emory Healthcare
Emory Healthcare (including Emory University Hospital, Emory University Hospital Midtown, Emory Saint Joseph's, Emory Johns Creek, and other Emory hospitals) uses Epic. The system achieves consistent PI compliance across all hospitals.
Memorial Health Savannah
Memorial Health (part of HCA Healthcare) uses HCA's EHR systems. The hospital participates in PI.
AU Medical Center
AU Medical Center uses Cerner (now Oracle Health) EHR. The academic medical center participates in PI.
Phoebe Putney Memorial Hospital
Phoebe Putney uses Epic EHR. The rural Georgia hospital participates in PI.
Wellstar Health System
Wellstar uses Epic EHR across its hospitals. System-wide PI compliance.
Piedmont Healthcare
Piedmont uses Epic EHR. System-wide PI compliance.
Northside Hospital
Northside uses Epic EHR. PI compliance across its campuses.
Children's Healthcare of Atlanta
CHOA uses Epic EHR with pediatric specialization. CHOA participates in PI with adaptations appropriate for pediatric care.
Atrium Health Floyd
Atrium Health Floyd uses Cerner/Oracle Health EHR (system-wide for Atrium). PI compliance.
Northeast Georgia Medical Center
NGMC uses Epic EHR. PI compliance.
Rural Georgia hospitals
Smaller rural Georgia hospitals use a mix of EHR vendors. Most have achieved PI compliance, though some have faced implementation challenges. Brevy at brevy.com tracks rural hospital health IT adoption as part of broader rural eldercare access monitoring.
EHR Vendor Landscape
Epic Systems
Epic is the dominant hospital EHR vendor in Georgia and nationally. Major Georgia hospital systems including Emory, Wellstar, Piedmont, Northside, Phoebe Putney, NGMC, Grady, and CHOA use Epic. Epic's scale enables consistent functionality across major hospitals.
Cerner (Oracle Health)
Cerner, acquired by Oracle in 2022 and renamed Oracle Health, is the second-largest hospital EHR vendor. Georgia hospitals using Cerner/Oracle Health include AU Medical Center and Atrium Health system hospitals.
MEDITECH
MEDITECH is a major vendor in the community hospital and rural hospital market. Various Georgia community hospitals use MEDITECH.
Other Vendors
Other EHR vendors with smaller Georgia market share include Allscripts (now Veradigm), CPSI (rural hospital focus), and various specialty EHR systems for specific service lines.
Worked Example 1: Grady PI Compliance
Consider a hypothetical PI compliance scenario for Grady Memorial Hospital. Grady uses Epic EHR and selects a 90-day reporting period for the FY 2026 payment year (reporting on calendar year 2024 performance).
Sample scores across the four performance objectives:
- Electronic Prescribing: 15 points out of 15 (full electronic prescribing through Epic's prescription module)
- Health Information Exchange: 30 points out of 40 (sending and receiving referral information)
- Provider to Patient Exchange: 35 points out of 40 (high patient portal usage, secure messaging)
- Public Health and Clinical Data Exchange: 20 points out of 25 (eCR, syndromic surveillance, immunization registry compliant; reportable lab result reporting nearly complete)
- Bonus: 5 points
Total: 105 points (exceeds 75-point threshold)
Grady avoids the Section 1886(b)(3)(B)(ix) penalty. Hospital receives the full IPPS update factor for FY 2026.
Worked Example 2: Emory University Hospital PI Scoring
Consider Emory University Hospital. Epic EHR, 90-day reporting period, calendar year 2024 performance for FY 2026 payment year:
- Electronic Prescribing: 14 of 15 points
- Health Information Exchange: 35 of 40 points (Emory's extensive referral network drives strong scores)
- Provider to Patient Exchange: 38 of 40 points
- Public Health and Clinical Data Exchange: 24 of 25 points
- Bonus: 7 points
Total: 118 points
Emory exceeds the 75-point threshold substantially. Full IPPS update factor received.
Worked Example 3: Rural Georgia Hospital PI
Consider a small rural Georgia hospital using MEDITECH EHR. The hospital faces capacity constraints affecting PI performance:
- Electronic Prescribing: 12 of 15 points
- Health Information Exchange: 18 of 40 points (limited HIE participation)
- Provider to Patient Exchange: 22 of 40 points (lower patient portal adoption)
- Public Health and Clinical Data Exchange: 18 of 25 points
- Bonus: 0 points
Total: 70 points (below 75-point threshold)
The hospital faces the Section 1886(b)(3)(B)(ix) penalty for FY 2026. The penalty reduces the market basket update significantly.
Hardship exception application: the hospital applies for a hardship exception based on rural infrastructure limitations. If approved, the exception exempts the hospital from the penalty.
This worked example illustrates the financial stakes for hospitals that struggle with PI compliance. Rural hospitals with limited IT resources may face challenges achieving the increasing threshold, particularly as the threshold rises to 75 points.
Worked Example 4: PI Penalty Calculation
Consider a hospital scoring below the 75-point threshold. Assume:
- Hospital scores 65 points (below 75-point threshold)
- Market basket update for FY 2026: 3.0 percent
- PI penalty: 75 percent of market basket = 2.25 percentage points reduction
- Adjusted market basket update: 3.0 - 2.25 = 0.75 percent
- MFP adjustment: -0.6 percent
- DCA adjustment: 0 percent
- Net update factor for non-compliant hospital: 0.75 - 0.6 = 0.15 percent
Compare to compliant hospital:
- Net update factor for compliant hospital: 3.0 - 0.6 = 2.4 percent
Difference: 2.25 percentage points lower update for non-compliant hospital.
For a hospital with $30 million in annual Medicare IPPS revenue, the 2.25 percentage point reduction means approximately $675,000 less revenue in year one, compounding annually if non-compliance continues. Over five years of consistent non-compliance, the cumulative revenue loss could exceed $3.5 million.
Worked Example 5: AU Medical Center PI
Consider AU Medical Center using Cerner/Oracle Health EHR:
- Electronic Prescribing: 14 of 15 points
- Health Information Exchange: 32 of 40 points
- Provider to Patient Exchange: 33 of 40 points
- Public Health and Clinical Data Exchange: 22 of 25 points
- Bonus: 4 points
Total: 105 points
AU Medical Center exceeds the 75-point threshold. The academic medical center's resources and dedicated health IT staff support strong PI performance.
Worked Example 6: Children's Healthcare of Atlanta PI
Consider Children's Healthcare of Atlanta, using Epic EHR with pediatric specialization:
- Electronic Prescribing: 13 of 15 points (pediatric prescribing complexities)
- Health Information Exchange: 28 of 40 points (pediatric specialty referral patterns)
- Provider to Patient Exchange: 36 of 40 points (parent/guardian portal access)
- Public Health and Clinical Data Exchange: 23 of 25 points (strong immunization registry and eCR)
- Bonus: 5 points
Total: 105 points
CHOA exceeds the 75-point threshold. The pediatric hospital's PI participation supports specialized pediatric care coordination, parent/guardian information access, and pediatric public health reporting.
Information Blocking Considerations
Information blocking enforcement under 45 CFR 171 affects Georgia hospitals. Hospitals must ensure their practices do not interfere with access, exchange, or use of electronic health information.
Practical Compliance
Hospital information blocking compliance involves:
- Reviewing information sharing policies and practices
- Ensuring patient portal access to designated record set
- Supporting third-party app access through Cures Act APIs (with appropriate authentication)
- Sharing electronic health information with other providers without unreasonable barriers
- Implementing OpenNotes for clinical notes sharing
- Documenting exception use when applicable
Common Information Blocking Concerns
Common potential information blocking concerns include:
- Withholding records pending payment
- Excessive fees for record copies
- Delaying patient portal access
- Refusing to share notes
- Restricting third-party app access
- Limiting electronic referrals to certain partners
Hospitals should review practices against the eight exceptions to ensure compliance.
Enforcement
The HHS Office of Inspector General has authority to investigate information blocking complaints from patients, other providers, and entities. Penalties for hospitals operate through the PI scoring disincentive framework.
Public Health Reporting and Georgia
Georgia Department of Public Health receives multiple types of electronic health information from Georgia hospitals.
Georgia DPH eCR
The Georgia Department of Public Health receives electronic case reports for notifiable conditions including:
- COVID-19
- Influenza
- Foodborne illnesses
- Sexually transmitted infections
- Tuberculosis
- Other notifiable conditions
Syndromic Surveillance
Georgia hospitals submit syndromic surveillance data (ED visits) to the Georgia DPH syndromic surveillance system. The data supports early outbreak detection, influenza surveillance, and other public health uses.
Georgia Immunization Registry (GRITS)
The Georgia Registry of Immunization Transactions and Services (GRITS) is Georgia's state immunization registry. Hospitals report childhood and adult immunizations to GRITS. The registry consolidates immunization records across providers, supporting clinical decision support and public health.
Reportable Lab Results
Hospitals submit reportable laboratory results to Georgia DPH for surveillance purposes.
Historical Stages of Meaningful Use
The Meaningful Use program evolved through three formal stages before the 2018 rebranding to Promoting Interoperability. Understanding the historical stages helps explain why current PI requirements are structured as they are.
Stage 1 (2011-2013)
Stage 1 Meaningful Use was the initial implementation. The framework included core and menu objectives, with hospitals required to meet all core objectives and a selection of menu objectives. Stage 1 emphasized basic EHR functionality:
- Computerized provider order entry (CPOE)
- Electronic prescribing
- Drug interaction checks
- Drug allergy checks
- Recording demographics
- Recording vital signs
- Recording smoking status
- Maintaining problem list
- Maintaining medication list
- Maintaining medication allergy list
- Clinical decision support
- Electronic copy of health information
- Discharge instructions
Stage 1 thresholds were relatively low to encourage adoption. The substantial incentive payments (typically several million dollars per hospital over the incentive years) drove rapid EHR implementation.
Stage 2 (2014-2016)
Stage 2 increased complexity and thresholds. Hospitals had to maintain Stage 1 capabilities while adding additional functionality:
- Higher thresholds on existing measures
- Patient electronic access to health information (View, Download, Transmit)
- Secure messaging
- Health information exchange across care transitions
- Public health reporting expansion
- Family health history capture
- Imaging results in EHR
- Medication reconciliation
- Summary of care for transitions
Stage 2 was more challenging for hospitals. Some hospitals struggled to meet thresholds, particularly for patient electronic access measures dependent on patient action.
Stage 3 (2017-2018)
Stage 3 was the most complex meaningful use stage. Requirements included:
- Higher thresholds on Stage 2 measures
- Eight objectives with specific measures
- Coordination of care through HIE
- Patient-specific education resources
- API access to health information
- Clinical quality measure reporting
Stage 3 used all-or-nothing scoring: hospitals had to meet all measures or face the penalty. Many hospitals expressed concern about the all-or-nothing structure.
2018 Rebranding to Promoting Interoperability
In 2018, CMS rebranded Meaningful Use as Promoting Interoperability and reformed the program structure. Key changes:
- Performance-based scoring replacing all-or-nothing
- Reduced objective count
- Increased emphasis on interoperability
- Patient access prominence
- Reduced administrative burden focus
The rebranding reflected both the maturation of the program and the priorities of the Cures Act information sharing framework.
2019 Performance-Based Scoring
The 2019 final rule established the modern PI performance-based scoring framework that has been incrementally refined since. The framework is the foundation for current PI participation.
Public Health Emergency Flexibilities (2020-2023)
The COVID-19 public health emergency (2020-2023) created flexibilities in PI requirements. CMS provided various accommodations to support hospital response to the pandemic:
Reporting Period Flexibilities
Hospitals received expanded options for reporting periods during the PHE. The flexibilities recognized operational disruption from COVID-19.
Hardship Exceptions
Expanded hardship exception availability during the PHE. Hospitals significantly affected by COVID-19 operations could apply for exceptions.
Measure Modifications
Some measures were modified or temporarily suspended to address PHE operational realities. Public health emergency reporting (COVID-19 case reporting, syndromic surveillance for COVID-like illness) received elevated attention.
Post-PHE Return
After the PHE ended in May 2023, PI requirements have returned to standard structure. The pandemic experience accelerated some interoperability developments (electronic case reporting maturity, public health connectivity) while creating temporary flexibilities.
eCQM Reporting Through IQR Alignment
The Hospital Inpatient Quality Reporting (IQR) program and PI program are increasingly aligned. Electronic Clinical Quality Measures (eCQMs) are reported through IQR and contribute to PI compliance.
eCQM Reporting Requirements
Hospitals must report eCQMs through their CEHRT. The eCQMs measure clinical quality of care for specific conditions:
- Hospital-wide measures
- Condition-specific measures
- Process and outcome measures
CEHRT eCQM Functionality
CEHRT must support eCQM calculation and reporting. Hospital workflows must capture data elements needed for eCQM measurement.
Quality Reporting Alignment
The IQR-PI alignment reflects broader CMS efforts to streamline quality reporting and reduce hospital administrative burden. Aligned reporting reduces duplicative efforts.
Cures Act Patient Access API Implementation
The Cures Act patient access API is a significant operational requirement. Hospitals must support FHIR-based APIs enabling third-party applications to access patient electronic health information (with appropriate authentication).
API Standards
The patient access API uses FHIR R4 (or current FHIR version) as the foundation. Specific implementation guides specify which resources, search parameters, and operations are required.
Authentication
Authentication uses OAuth 2.0 and SMART on FHIR standards. Patients authenticate to access their data; third-party apps obtain access tokens after patient authorization.
Data Access Scope
The API provides access to the designated record set (broadly defined). USCDI data classes are foundational.
App Marketplace
Third-party apps including Apple Health, Google Health, and various specialty apps integrate with hospital patient access APIs. Patients can choose which apps to authorize and what data to share.
Cures Act Provider Access API and HIE
Beyond patient access, the Cures Act envisions provider-to-provider information sharing through APIs and health information exchange. The provider access framework supports care coordination across providers.
Provider-to-Provider Sharing
When a patient is referred from one provider to another, electronic referral with care summary information should follow. PI measures include this provider-to-provider sharing.
HIE Participation
Health information exchanges aggregate and share information across multiple providers. Georgia historically had limited statewide HIE infrastructure; recent TEFCA developments may expand HIE.
TEFCA and QHINs
TEFCA-designated Qualified Health Information Networks (QHINs) are emerging as the national network infrastructure. Hospitals may participate through their EHR vendors' QHIN affiliations.
Compliance and Operational Best Practices
Best practices for managing PI compliance include:
- Dedicated PI program management: hospital health IT staff focused on PI
- CEHRT maintenance: keeping EHR systems on current certified editions
- Vendor coordination: working with EHR vendor on PI optimization
- Annual rule monitoring: tracking IPPS proposed and final rules for PI changes
- Performance monitoring: ongoing measurement of PI metrics
- Public health connectivity: maintained integrations with Georgia DPH systems
- Patient portal optimization: maximizing patient portal adoption and use
- Care coordination workflows: leveraging EHR for HIE measures
- Clinical decision support: maintaining CDS for measures
- Documentation: thorough documentation supporting attestation
- Information blocking compliance: review of practices against 45 CFR 171 exceptions
- OpenNotes implementation: sharing clinical notes with patients
- Audit preparation: maintained records for CMS audit
- Staff training: regular training on PI requirements and changes
OIG Audits and Enforcement
The HHS Office of Inspector General conducts audits and enforcement related to the EHR Incentive Programs and Promoting Interoperability. OIG has identified significant compliance issues over the program's history.
OIG Audit Findings
OIG audits have found various compliance issues including:
- Inaccurate attestations by hospitals and eligible professionals
- EHR vendor false certification representations
- Inadequate security risk analyses
- Insufficient documentation supporting attestation
- Improper incentive payment receipts
False Claims Act Cases
Major False Claims Act cases have addressed EHR Incentive Program fraud:
- eClinicalWorks (2017): $155 million settlement for false certification representations and supporting attestation fraud
- Greenway Health (2019): $57 million settlement for false certification claims
- Athenahealth (2021): $18 million settlement for incentive program-related claims
These cases addressed EHR vendor conduct in supporting customer attestations. Provider False Claims Act cases have been less common but exist.
Refund Demands
Hospitals found to have incorrectly attested may face incentive payment refund demands or penalty adjustments. Audit findings can require substantial corrective actions.
Hospital Compliance Programs
Hospital compliance programs incorporate PI compliance as a regular review element. Internal audits validate attestation accuracy before submission to CMS.
Reform Debate and Future Direction
The PI program continues to evolve through annual rulemaking, ONC interoperability standards updates, and policy debate.
Reform Themes
Key reform themes in PI policy discussion include:
- Reducing clinician burden: addressing EHR-related provider burnout
- Increasing patient access: strengthening Cures Act information sharing
- Improving interoperability: TEFCA implementation, FHIR adoption
- Public health surveillance: building on COVID-19 lessons
- Workforce impact: addressing clinician concerns about EHR design
CMS Patients Over Paperwork
The CMS Patients Over Paperwork initiative aims to reduce administrative burden across CMS programs including PI. Specific PI burden reductions have been incorporated in recent rules.
AHA Position
The American Hospital Association advocates for PI requirements that balance information sharing goals with implementation feasibility. AHA participates in CMS rulemaking and provides member guidance.
AMA Position
The American Medical Association has been vocal about EHR burden and its contribution to physician burnout. AMA advocates for usability improvements, reduced documentation requirements, and EHR design changes.
Patient Advocacy Perspective
Patient advocacy organizations support strong information sharing requirements. The Cures Act information blocking framework reflects patient access advocacy.
Future Trajectory
The PI program is expected to continue with annual updates, increasing thresholds, expanded interoperability requirements, and integration with broader CMS quality and payment programs. The Cures Act information sharing framework will continue to mature.
Common Errors and How to Avoid Them
Common errors that affect PI compliance include:
- Incorrect CEHRT version: using EHR not certified to current edition
- Inadequate scoring on patient portal measures: low patient registration or usage
- Health information exchange gaps: not sending or receiving referral information
- Public health reporting failures: missed eCR, syndromic, or immunization reporting
- Information blocking practices: practices interfering with information sharing
- Reporting period selection errors: choosing suboptimal 90-day window
- Attestation errors: incorrect performance scores submitted
- Documentation gaps: inadequate documentation supporting attestation
- Hardship exception oversights: not applying when justified
- EHR upgrade delays: not maintaining current CEHRT version
- Workflow integration failures: clinical workflows not aligned with measure requirements
- Audit response inadequacy: not providing requested documentation timely
- Vendor communication failures: not coordinating with EHR vendor on optimization
- Failure to monitor program changes: missing annual rule updates affecting PI
Frequently Asked Questions
::: accordion
What is the Medicare Hospital Promoting Interoperability program?
The Promoting Interoperability (PI) program is the Medicare program requiring hospitals to use certified electronic health record technology (CEHRT) in specified ways. Originally known as the Medicare EHR Incentive Program (Meaningful Use), it was renamed Promoting Interoperability in 2018. Authorized at Section 1886(n) of the Social Security Act, the program shapes how hospitals document, share, and provide access to patient electronic health information.
How was the program established?
Section 4101 of the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 (Public Law 111-5) established the Medicare and Medicaid EHR Incentive Programs. HITECH was part of the American Recovery and Reinvestment Act 2009.
What is the penalty for non-compliance?
Section 1886(b)(3)(B)(ix) of the SSA imposes a payment reduction (originally up to 75 percent of the market basket update over multiple years) for hospitals failing to demonstrate meaningful EHR user status. The reduction is applied through the annual IPPS payment.
What are the four performance objectives?
The four current performance objectives are: (1) Electronic Prescribing; (2) Health Information Exchange; (3) Provider to Patient Exchange; (4) Public Health and Clinical Data Exchange. Hospitals receive points for performance on specific measures within each objective.
What is the minimum score for FY 2026?
The minimum threshold for FY 2026 is 75 points. Hospitals scoring 75 or more avoid the Section 1886(b)(3)(B)(ix) penalty. Hospitals scoring below 75 face the payment reduction.
What is CEHRT?
CEHRT stands for Certified Electronic Health Record Technology. CEHRT is EHR technology certified by an ONC-Authorized Certification Body to meet specified standards. Hospitals must use CEHRT to participate in PI. 45 CFR 170 establishes the certification framework.
What is Section 4003 of the 21st Century Cures Act?
Section 4003 of the 21st Century Cures Act of 2016 added information blocking provisions. The Cures Act prohibits practices that interfere with access, exchange, or use of electronic health information. 45 CFR 171 implements the provisions.
What is information blocking?
Information blocking is a practice that is likely to interfere with access, exchange, or use of electronic health information. The Cures Act prohibits information blocking unless an exception applies (eight exceptions specified at 45 CFR 171).
What is USCDI?
The United States Core Data for Interoperability (USCDI) is the standardized data set required for electronic health information exchange. USCDI versions have evolved: v1 (2020), v2 (2022), v3, v4. CEHRT supports current USCDI.
What is FHIR?
Fast Healthcare Interoperability Resources (FHIR) is the modern API-based health data exchange standard. FHIR R4 is the foundation for Cures Act patient access APIs.
What is TEFCA?
The Trusted Exchange Framework and Common Agreement (TEFCA) establishes a national network of networks for health information exchange. Qualified Health Information Networks (QHINs) implement TEFCA, providing interconnection across the country.
What is Electronic Case Reporting (eCR)?
eCR is automated reporting of notifiable diseases from hospital EHRs to public health agencies. It replaces manual case reporting. Georgia hospitals report to the Georgia Department of Public Health through eCR.
What is GRITS?
The Georgia Registry of Immunization Transactions and Services (GRITS) is Georgia's state immunization registry. Hospitals report immunizations to GRITS, consolidating immunization records across providers.
How does the program affect Medicare beneficiaries?
Beneficiaries benefit through patient portal access to their health information, secure messaging with providers, electronic prescription transmission supporting safety, information sharing across providers, and Cures Act information blocking protections ensuring access to electronic health information.
What is OpenNotes?
OpenNotes is the practice of sharing clinical notes with patients. The Cures Act information sharing requirements have made OpenNotes increasingly standard. Patients can read the same notes their providers see.
Can patients access their hospital records electronically?
Yes. The Cures Act and PI requirements ensure patients can access their electronic health information through patient portals and (for those using compatible apps) through Cures Act patient access APIs.
What EHR vendors do major Georgia hospitals use?
Major Georgia hospitals primarily use Epic (Emory, Wellstar, Piedmont, Northside, Phoebe Putney, NGMC, Grady, CHOA) and Cerner/Oracle Health (AU Medical Center, Atrium Health Floyd, Memorial Savannah). Other vendors including MEDITECH have smaller Georgia presence.
How do hospitals attest to PI compliance?
Hospitals submit their PI performance through QualityNet self-attestation. The submission includes scores on each measure, documentation references, and certifications.
What is the reporting period?
Hospitals can elect a 90-day reporting period within the calendar year or a full-year reporting period. Most hospitals select the 90-day option for flexibility.
What is the FY 2026 payment year reporting basis?
The FY 2026 payment year (October 1, 2025 to September 30, 2026) is based on calendar year 2024 performance. The reporting year/payment year lag is standard.
How do hardship exceptions work?
Hospitals may apply for hardship exceptions in specific circumstances (infrastructure issues, new EHR implementation, other extraordinary circumstances). Approved exceptions exempt the hospital from the penalty for that year.
What is the HHS disincentive for provider information blocking?
For hospital information blocking, HHS imposes a disincentive through reduction in the PI scoring, affecting Medicare payment. The disincentive framework operates through CMS rulemaking.
How can patients report information blocking concerns?
Patients can submit complaints to the HHS Office of Inspector General about information blocking. The OIG investigates complaints and may take enforcement actions against entities engaged in information blocking.
What public health data do Georgia hospitals report?
Georgia hospitals report electronic case reports (eCR), syndromic surveillance data (ED visits), immunization registry data (to GRITS), reportable lab results, and other public health data to the Georgia Department of Public Health.
Where can Georgia beneficiaries learn about their electronic health information rights?
Patients can contact their hospital's medical records office, the HHS Office for Civil Rights for HIPAA-related questions, the HHS Office of Inspector General for information blocking concerns, or GeorgiaCares SHIP for general assistance. :::
Beneficiary Implications and Patient Rights
The Promoting Interoperability program affects Georgia Medicare beneficiaries in several important ways.
Patient Portal Access
Through hospital patient portals (such as MyChart for Epic-based hospitals), beneficiaries can:
- View their medical records electronically
- Download their records
- Transmit records to other providers
- Message their providers securely
- Schedule appointments
- Review test results in real-time
- Access health education resources
Patient portal adoption has grown substantially driven by PI requirements. Most Georgia hospitals now have well-functioning patient portals.
Cures Act API Access
The Cures Act patient access API enables beneficiaries to use third-party applications (with appropriate authentication and authorization) to access their electronic health information. This expands beyond hospital-provided portals to include independent apps that aggregate health information across providers.
Information Sharing Across Providers
Health information exchange measures ensure that beneficiary information is shared across providers, supporting care coordination. When a beneficiary sees their primary care physician after a hospital admission, the PCP can receive the hospital discharge information electronically.
Public Health Surveillance Benefits
Public health reporting supports community health benefits. Faster disease outbreak detection, better immunization registry coverage, and improved disease surveillance all benefit individual beneficiaries through stronger public health infrastructure.
Information Blocking Protections
Beneficiaries have protections under the Cures Act information blocking provisions. Hospitals cannot unreasonably interfere with beneficiary access to their electronic health information. If a beneficiary believes information blocking is occurring, they can report concerns to the HHS Office of Inspector General.
How Brevy Helps Georgia Families Navigate Electronic Health Information
Brevy at brevy.com helps Georgia Medicare beneficiaries, families, and caregivers understand the Medicare Promoting Interoperability program, electronic health information access rights, patient portal use, and information sharing protections. While PI is primarily a hospital compliance program, its consumer-facing dimensions affect every Georgia beneficiary who has interacted with a hospital, used a patient portal, or shared health information with providers.
Our team monitors annual IPPS rulemaking for PI updates, ONC certification framework changes, Cures Act information blocking rule developments, and Georgia Department of Public Health integration with the state's hospitals. We translate technical health IT policy into plain-language guidance for Georgia families navigating patient portals, requesting electronic health information, and exercising their rights under the Cures Act.
Brevy maintains comprehensive Georgia state guides covering Medicare benefits, Medicaid programs, hospital payment programs (DSH, IME, GME, wage index, cost report, HRRP, HVBP, HACRP, bad debt, IPPS update factor, PI), and consumer protections. For beneficiaries seeking to understand their electronic health information rights or navigate hospital patient portals, Brevy provides accessible guidance.
Disclaimers
This guide describes the Medicare Hospital Promoting Interoperability framework, including Section 1886(n) of the Social Security Act, Section 4101 of the HITECH Act of 2009, Section 1886(b)(3)(B)(ix) of the SSA, 42 CFR 495, 45 CFR 170, Section 4003 of the 21st Century Cures Act of 2016, 45 CFR 171, and related rules as of May 2026. Statutory provisions, regulatory text, and CMS/ONC guidance change over time. Verify current rules with Medicare (1-800-MEDICARE), CMS (cms.gov), ONC (healthit.gov), the Georgia Department of Public Health (dph.georgia.gov), or qualified professional advisors.
The worked examples are hypothetical and illustrative. Actual hospital PI scoring depends on the specific measures, performance, and reporting period selected. Specific Georgia hospitals' PI performance, EHR vendor relationships, and public health reporting practices may differ from descriptions in this guide.
This guide is not legal, financial, or technology advice. Beneficiaries with questions about electronic health information access, patient portal use, or information blocking concerns should contact Medicare, GeorgiaCares SHIP, the HHS Office of Inspector General (for information blocking complaints), the HHS Office for Civil Rights (for HIPAA-related questions), or a qualified attorney. Hospitals seeking PI guidance should consult qualified health IT consultants, attorneys, or industry advisors.
::: cta
Get Help with Medicare Hospital Records, Patient Portals, and Electronic Health Information in Georgia
If you are a Georgia Medicare beneficiary or family member with questions about hospital records, patient portals, electronic health information access, or care coordination, these resources can help. Brevy at brevy.com provides comprehensive Georgia state guides on Medicare, Medicaid, and hospital programs.
Medicare and Medicaid
- Medicare: 1-800-MEDICARE (1-800-633-4227)
- Palmetto GBA Customer Service: 1-866-238-9650
- CMS Provider Enrollment: 1-866-484-8049
- Georgia DCH Medicaid Member Services: 1-866-211-0950
Beneficiary Assistance and Advocacy
- GeorgiaCares State Health Insurance Assistance Program (SHIP): 1-866-552-4464
- Medicare Rights Center: 1-800-333-4114
- Atlanta Legal Aid: 404-377-0701
- Georgia Legal Services Program: 1-800-498-9469
- 211 Georgia: dial 211 from any Georgia phone
- Eldercare Locator: 1-800-677-1116
Health Information Privacy and Access
- HHS Office for Civil Rights (HIPAA): 1-800-368-1019
- HHS Office of Inspector General (Information Blocking): 1-800-447-8477
- ONC Health IT: healthit.gov
Federal Health Policy
- CMS Promoting Interoperability: cms.gov
- CMS Hospital Compare: medicare.gov/care-compare
- Office of the National Coordinator for Health IT (ONC): healthit.gov
Georgia Public Health
- Georgia Department of Public Health: 1-866-PUB-HLTH (1-866-782-4584)
- Georgia Immunization Registry (GRITS): dph.georgia.gov/grits
If you have a hospital patient portal account (MyChart for Epic-based hospitals, or similar for other systems), you can access your medical records, message your providers, view test results, and download your records electronically. The Cures Act of 2016 protects your right to access your electronic health information; if you believe a hospital is blocking your access, you can report concerns to the HHS Office of Inspector General. For general assistance with Medicare benefits or appeals, contact GeorgiaCares SHIP or the Medicare Rights Center. For HIPAA privacy concerns, contact the HHS Office for Civil Rights. :::
Related Brevy Guides
- Georgia Medicaid Overview
- Medicare Cost Report (Georgia)
- Medicare Disproportionate Share Hospital (Georgia)
- Medicare Hospital Readmissions Reduction Program (Georgia)
- Medicare Hospital Value-Based Purchasing (Georgia)
- Medicare Hospital Inpatient Benefit (Georgia)
- Medicare 340B Drug Pricing (Georgia)