The Office of the National Coordinator for Health IT (ONC) held a webinar to address questions raised from the publication of the ONC Health IT Certification Program: Enhanced Oversight and Accountability Proposed Rule in March.
The rules aims to further enhance the safety, reliability, transparency and accountability of certified health IT for users by modifying the ONC Health IT Certification Program to reflect the widespread adoption of certified EHRs and the rapid pace of innovation in the health IT market.
The webinar speakers, Michael L. Lipinski, JD, director of the Department of Health and Human Services’ (HHS) Division of Federal Policy and Regulatory Affairs; and Mark A. Knee, JD, senior policy analyst, cleared up some “incorrect press” by detailing what the rule does and does not enable.
It does not create new certification requirements for health IT developers or create new certification requirements for health IT for providers participating in Department of Health and Human Services programs. The proposed rule also does not establish a means for ONC to directly test and certify health IT. ONC’s authorized certification bodies (ACBs) will continue to test and certify health IT. It does not establish regular or routine auditing of certified health IT by ONC.
The proposed rule does enable ONC to directly review already certify health IT products, increases ONC oversight of health IT testing bodies and enables increased transparency and accountability by making identifiable surveillance results of certified HIT publicly available.
The direct review discussed in the proposed rule would be independent of and may be in addition to reviews conducted by ONC-ACBs. It would extend beyond the continued performance of the certified health IT’s capabilities with the specific certification criteria, test procedures and specific certification requirements. It also would extend to the interaction of all capabilities within the certified health IT technology with certified capabilities and the interaction of all capabilities with other products.
ONC wants to focus on situations that pose a risk to public health or safety and other exigencies, Lipinski said. Goals include supporting greater accountability for health IT developers under the program, provide greater confidence that health IT conforms to program requirements and work with health IT developers to remedy any identified non-conformities of certified health IT in a timely manner.
The agency also wants to ensure that technology continues to perform in the way it was originally tested and certified.
The rule proposes two different notice—one a notice of potential nonconformity and one a notice of nonconformity. Such notices put developers on notice about potential and actual nonconformities, he said. They would specify reasons for the concern. The rule proposes that ONC has the ability to access and share within HHS, with other federal agencies and with appropriate entities a developer’s relevant records related to the development, testing, certification, implementation, maintenance and use of its products as well as any complaint records related to the product.
A 30-day response period unless ONC identifies a different time period, would enable the agency to act very swiftly, Lipinski said.
If a technology is suspended, the developer would be required to notify affected and potentially affected users in a timely manner.
The proposed rule also details the ability of ONC to terminate a technology for generally the same reasons as there are for suspension. That also is warranted if ONC concludes that nonconformities cannot be cured and is effective upon the expiration of the 30-day period for filing an appeal or if the developer does file appeal, upon the final determination to terminate.
ONC is requesting comments on all of these processes.
The proposed rule also calls for the availability of identifiable surveillance results to foster greater transparency. They feel that would motivate some developers to improve their maintenance efforts, but most of the results would serve to reassure customers and users of certified health IT.
When asked whether mobile technology is included within the scope of the proposed rule, Knee said that any technology certified under the program is included.
Another listener asked how the agency would distinguish between differences of opinion—someone might say a problem is a minor annoyance while someone else says the technology is killing