Julia Child used a special prep technique for making her famous Queen of Sheba chocolate almond cake. She said, “One thing that you must be sure to do is to read the recipe first. Because, if you don’t, you might  find that in the midst of the batter, you’ll have to rush out to the supermarket to get something, and that will never do.”  

CMS Access is at a similar moment. The industry is moving with haste toward new access and interoperability requirements, but speed without preparation creates risk.

The 21st Century Cures Act and subsequent ONC and CMS interoperability rules expand patient access to electronic health information and prohibit information blocking to enable provider exchange. They follow a strict recipe of standardized APIs, data availability and defined use cases for exchange.

Organizations that move to implementation without first aligning governance, consent workflows, identity management, and audit processes may find themselves scrambling mid deployment.  Nobody likes to run to the supermarket in the middle of making a chocolate cake.

Necessary Instructions

So, what does the CMS Interoperability and Patient Access require? First, payers are required to make claims, encounter data, and clinical data available through FHIR based APIs. Second, it establishes obligations for directory accuracy and encourages broader data sharing across networks which includes payer-to-payer data sharing when members transition between plans.

And prepare yourself further as the idea of compliance is stretched past simple technical connectivity. It includes operational readiness, documented policies, and oversight mechanisms that can withstand regulatory scrutiny.

This is serious stuff. It’s clear that CMS views access as a patient right supported by enforceable standards.

The Special Ingredient: Enforcement

Did you think all these changes to access would come without oversight? Would Julia Child add an egg to her chocolate cake without whisking it first? Unequivocally, “no!”

CMS focuses on program compliance and relies on the ONC/Cures Act framework for steady, enforceable oversight into information blocking and valid certifications.  Federal agencies are serious about auditability and consistent application of exchange purposes. With great power comes great responsibility. Access expansion will directly affect the standardized enforcement of appropriate use, privacy, and anomalous activity.

Julia Child is Always Right

Julia Child had it right: always read the recipe first.

When it comes to CMS Access, that means taking the time to really understand what’s required. What the rules say, where the data comes from, how identity is verified, and who’s responsible for what.

Jumping in without that prep might seem faster, but it usually creates more problems later. Starting with a clear plan makes everything smoother and helps you stay on track as the rules continue to change.

The Final Step: Taste as You Go

Even Julia Child didn’t just follow the recipe; she tasted as she went. CMS Access is no different. Implementation isn’t a one-time effort; it requires ongoing activities that create a continuous improvement cycle. The CMS wants to ensure that data access is appropriate and policies hold up in practice.

Readiness matters, but so does iteration. Because in both baking and interoperability, success comes from paying attention in preparation so the execution is smooth, consistent, and reliable.