Nothing in the current debate over how to proceed on widespread EHR implementation seems to generate as much heat as the issue of certification.
If you do a Google search on the term CCHIT, you very quickly come across articles and blog posts by people who adamantly believe certifying EHR products is wrong-headed or that one organization is being given too much power. Some argue that certification should be focused at the provider level, not the vendor level. Organizations with open source variations or home-grown clinical information systems or ones cobbled together from multiple vendors wonder how they will be assessed.
Others criticize CCHIT’s relationship with HIMSS (HIMSS was one of its co-founders and provided seed money, although CCHIT is now an independent entity). Still others say that it favors large vendors, who can create soup-to-nuts offerings, over smaller software companies and entrepreneurs.
One of our own bloggers, Holzer Clinic CIO Mark Harvey, argues that because general adoption rates are still far too low, setting the certification bar high initially is a mistake. “Help us digitize first,” Harvey wrote recently. “More sophisticated functionality will follow naturally.”
I have interviewed CCHIT Chair Dr. Mark Leavitt on several occasions and he usually makes the case that the organization is evolving to meet the needs of the industry and points to the number of small vendors that have achieved certification.
I like the suggestion of a recent Markle Foundation report that responsibility for certification shouldn’t reside with a single organization. The Markle report makes the case for letting a government entity such as NIST (National Institute of Standards and Technology) set the core criteria for certification of meaningful-use functionality, and then allowing multiple entities, both public and private, to do the actual certification testing.
“So long as these testing services all work on the same definition, these entities can then compete on their ability to provide value-added services above the minimum requirements,” the report continues. “Once the certification protocols are defined, the door should be left open to a plurality of private certification organizations, including ones like CCHIT, to compete for public and private sector business, as there are now for other IT products and services.”
While it wouldn’t address all the criticisms of CCHIT, opening up the process of certification to multiple organizations sounds reasonable to me. It might ease the fears of a monolithic, bureaucratic organization with too much power. I would be interested to hear what others think.
The Markle report goes on to point out that there also must be a validation mechanism. Certification only checks that a system has the capability to help an organization achieve the meaningful-use objectives. HHS must now develop mechanisms to determine whether organizations are using it in that fashion. Making sure those reporting schemes and attestations are not a huge burden on clinicians and CIOs will be a huge challenge.