Last week, the Health IT Policy Committee unanimously approved recommendations from its adoption and certification work group and its privacy and security work group on the proposed rule for EHR certification programs.
In the first letter to David Blumenthal, M.D., National Coordinator for Health IT, the panel approved 12 recommendations from the certification/adoption work group, including the following:
- The surveillance process used to evaluate certified products to ensure they adhere to adopted standards should be in compliance with testing criteria and certification criteria, and should maintain the effectiveness of systems and implementations.
- ONC should have the authority to de-certify EHRs or EHR modules if a pattern of unsatisfactory surveillance results emerges or if patient-safety concerns emerge.
- For certification and testing for stages 2 and 3, differential testing and certification should be allowed if: an applicant has already passed a specific test in a prior stage, there has been no change in the criteria for that specific test in a subsequent stage, and there has been no change in the applicant’s software version.
- It should be required that certified EHR modules are sold with a label indicating that the module has not been tested for interoperability with other modules.
- The ONC-Authorized Certification Body (ACB) should be permitted to test at its own facility, remotely, and at the site of a healthcare organization.
- ONC, as well as each ONC-ACB, should maintain a Website that clearly identifies the names of vendors and the vendor version numbers that have received certification and which shows which Meaningful Use stage has been tested and certified.
- Future flexibility should be allowed to certify other HIT systems, such as PHRs.
The committee also approved recommendations from its privacy work group related to the testing and certification of the modular components of EHR systems. The group advised that vendors be required to label the modules to identify the extent of the privacy and security components.
“We are pleased with ONC’s structural approach to certification,” says the committee. “By separating the certification process from the testing process, and by utilizing existing international testing, accreditation, and certification standards, ONC is improving the objectivity and transparency of the certification and testing processes.”
