Major changes are coming to the electronic health record certification process and despite some industry members surprised by the stance, the Office of the National Coordinator for Health IT signaled on Sept. 21, 2017, that, yes, it’s true, that it is indeed pulling back on EHR certification attestation requirements. The move, as announced by the agency is to remove many of the burdens on users and software developers, as well as an effort meant to drive interoperability.
HealthIT.gov, featured a blog titled, “Certification Program Updates to Support Efficiency & Reduce Burden,” in which ONC officials said that the program’s primary changes affect 30 of the 55 electronic health record (EHR) certification criteria. As such, per ONC, developers can “self-declare” that their product meets requirements, a vast difference from the previous allowance that said vendors were required to conduct a demo with a testing laboratory or submit documentation supporting certification claims.
American Medical Association (AMA) president David O. Barbe, M.D., told Fierce Healthcare that he appreciated the ONC's effort to focus on interoperability and usability, but argued the certification change could compromise patient care. "We believe that vendor self-declaration of certain EHR functions could have unintended consequences that jeopardize patient health, care coordination, and physician success in the Quality Payment Program," he said in a statement. "We encourage ONC to develop a timely, transparent process to hold health IT vendors accountable for their self-declarations."
Many others voiced their opinions as they try to wrap their heads around what all of the means. For example: “It may be these criteria fall into the category of rarely are they ever screwed up and it’s easy to tell if they weren’t done properly,” said Jeff Smith, vice president of public policy at the American Medical Informatics Association (AMIA). “It’s kind of like, you don’t need to certify that this car has four tires because, without that fourth tire, the car’s not going anywhere.”
There are others who are worried. Highlands Health System, which has two EHR vendors in its facilities across Kentucky, is feeling the burn. Its vendors include Cerner and eClinicalWorks. As you may recall, eClinicalWorks just paid $155 million to settle claims it falsely obtained certification for its EHR software. Michael Roberts, chief information officer of the health system said he’s concerned new changes to the program will allow vendors to obtain certification with less oversight. “When I hear that announcement, what I feel is you’re going to allow vendors who have already been caught cheating more flexibility and make it easier on them to cheat,” he said.
So, what’s changed, if you don’t already know? Essentially, changes cover functionality-based certification criteria that is meant to allow developers to devote more time to interoperability. “Health IT developers are still required to meet certification criteria requirements and maintain their products’ conformance to the full scope of the criteria,” Elise Sweeney Anthony, ONC’s director of the Office of Policy, and Steven Posnack, director of the Office of Standards and Technology wrote in the post. “Any non-conformity complaints received and associated with these certification criteria would continue to be reviewed and investigated by ONC [Authorized Certification Bodies].”
What does that leave? Well, it’s simple, apparently. According to ONC, nearly all of the remaining requirements that still require testing have some ties to interoperability, while the remainder—like computerized physician order entry, medication lists and family health history—are now self-declared. Clear enough.
Regarding certification enforcement, under this rule change that’s a lot more lax; ONC is exercising enforcement discretion by ending requirements that Authorized Certification Bodies (ACBs) conduct random surveillance of at least 2 percent of the health IT certification issued. Vendors might be able to take a deep breathe there.
“ONC will not, until further notice, audit ONC-ACBs for compliance with randomized surveillance requirements or otherwise take administrative or other action to enforce such requirements against ONC-ACBs,” the ONC officials said via their blog.
National Coordinator Donald Rucker, MD, said ONC wasn't sacrificing any of its regulatory oversight but was doing what it could to reduce the hoop-jumping required of vendors so they could better allocate their resources to more usable and interoperable products.
"What we're trying to do here is make things as smooth as possible in the regulatory process," Rucker said during a call with reporters. "We're not changing the certification requirements, per se. We're doing a little bit of streamlining on the process. So that will hopefully, in part, reduce vendor costs – and in a market economy over time some of those savings come down to providers."
Rucker added that the goal of the de-regulation is to "increase the operational efficiency of the vendors to the extent that we can. Because those (testing) costs are all eventually, sooner or later, borne by the providers purchasing the products."