Practices that could constitute information blocking:
Practices that restrict authorized access, exchange, or use under applicable state or federal law of such information for treatment and other permitted purposes under such applicable law, including transitions between certified health information technologies (health IT);
Implementing health IT in nonstandard ways that are likely to substantially increase the complexity or burden of accessing, exchanging, or using EHI;
Implementing health IT in ways that are likely to restrict the access, exchange, or use of EHI with respect to exporting complete information sets or in transitioning between health IT systems;
Limiting or restricting the interoperability of health IT, such as disabling or restricting the use of a capability that enables sharing EHI with users of other systems or restricting access to EHI by certain types of persons or purposes that are legally permissible, or refusing to register a software application that enables patient access to their EHI (assuming there is not a legitimate security reason that meets the conditions of the Security Exception, discussed further below);
Implementing health IT in ways that are likely to lead to fraud, waste, or abuse, or impede innovations and advancements in health information access, exchange, and use, including care delivery enabled by health IT.
Acts that lead to fraud, waste, or abuse, or impede innovations and advancements in health information access, exchange, and use, including care delivery enabled by health IT; and
Restrictions on access, exchange, and use, such as may be expressed in contracts, license terms, EHI sharing policies, organizational policies or procedures or other instruments or documents that set forth requirements related to EHI or health IT, such as Business Associate Agreements (BAAs).