The Information-Blocking Crackdown Has Arrived
Why now is the time to take information sharing seriously
It’s official: HHS has shifted from guidance to enforcement. On September 3, 2025, HHS announced it is ramping up enforcement against entities restricting patients’ access, exchange, or use of electronic health information (EHI). The notice underscores that ASTP/ONC and HHS‑OIG will now focus on enforcement of the longstanding information blocking rules and urges people to report suspected information blocking.
The message is clear: investigations are no longer theoretical. They’re here.
In his latest video, HHS Secretary RFK Jr. captures the urgency of implementing transparency. Hear why this enforcement push isn’t only about policy; it’s about performance.
What Changed This Week
Under the 21st Century Cures Act, ASTP/ONC and OIG are now actively investigating and penalizing information blocking. As evident from Secretary Kennedy’s video above, the announcement emphasized three key points:
· Mandatory reporting: Patients, providers, and attorneys are being actively encouraged to file suspected cases on Information Blocking Portal
· Real penalties: OIG can impose fines of up to $1 million per violation on developers, HIEs, and HINs
· Provider disincentives: CMS is implementing measures that can directly affect Medicare participation and quality program standing
Why It Matters
Information blocking is no longer a technicality. It carries financial, operational, and reputational risks. With ASTP’s QuickStats dashboard, Information Blocking Claims: By the Numbers, surfacing complaints and enforcement agencies (HHS and OIG) pursuing them, organizations risk penalties and being visibly named in the process.
| Regulators Say | What It Means for You |
|---|---|
| Patients, providers, and attorneys should report suspected information blocking. | Expect more complaints to be filed – many from patients and their representatives. Every workflow is now subject to scrutiny. |
| OIG can impose fines of up to $1 million per violation on developers, HIEs, and HINs. | Vendors and networks face steep financial penalties, and providers connected to them may feel the ripple effects. |
| CMS is activating provider disincentives tied to Medicare participation and quality programs. | Compliance lapses can directly affect reimbursement and program standing, not just create legal exposure. |
What the Data Shows
ONC’s Information Blocking Claims dashboard reveals that as of August 31, 2025:
1,420 complaints received.
1,336 possible claims of information blocking.
Most complaints come from patients and their representatives. Attorneys are also filing, and their cases often involve higher stakes due to demonstrated patient harm.
Staying Off the Radar
Organizations that thrive in this new environment have one thing in common: robust, documented, FHIR-standard information sharing. That means:
· Ensuring patient access without unnecessary fees or delays.
· Enabling provider-to-provider exchange without stalling.
· Avoiding “gotcha” paywalls that violate EHI access/exchange/use rules.
· Documenting exceptions when sharing isn’t possible (harm, privacy, infeasibility).
· Maintaining clear audit logs of requests, releases, exceptions, and response time to prove compliance.
A Smarter Way Forward with Darena Health
At Darena Health, we’ve built compliance into the workflow itself. ONC-certified FHIR API, exception-aware processes, and detailed audit trails make it easier for providers and developers to stay compliant while keeping patient care front and center.
| What We Provide | Why It Protects You |
|---|---|
| FHIR-standard patient access - app-of-choice access with no unnecessary fees or delays. | Avoids accusations of blocking patients from their own health data. |
| Provider-to-provider exchange - seamless sharing without stalling or unjustified delays. | Ensures timely clinical collaboration and keeps you aligned with enforcement expectations. |
| No “gotcha” fees - practices aligned with Fees & Licensing exceptions. | Prevents violations tied to hidden charges or paywalls for EHI access. |
| Exception documentation - workflows for Privacy, Preventing Harm, or Infeasibility. | Shows regulators that restrictions were legitimate, not obstruction. |
| Comprehensive audit logs - requests, releases, exceptions, and response times all tracked. | Creates evidence you can present if complaints or investigations arise. |
Information blocking is not a hidden risk. It’s a public, enforceable one. Your best protection is making information sharing a default.
EHRs will need a working FHIR API. Simply having one that checks the box will not suffice.
If your EHR has a working FHIR API (or you are a Darena Health customer):
Verify your Information Sharing configuration is ON and working as designed.
Run a quarterly self‑audit (we can provide a quick checklist, if needed).
If you are uncertain about any workflow, request a 15‑minute compliance review.
Ready to strengthen your compliance posture?
Connect with us for a quick review and see how to enable seamless, certified information sharing while keeping your EHR and the providers you support off the enforcement radar.
