ONC eases EHR certification requirements

The Office of the National Coordinator for Health Information Technology wants to make it easier for vendors to get their products certified. Ultimately, the agency hopes this will give IT firms more time to focus on interoperability.

The agency announced today that it will allow vendors to "self-declare" meeting the majority of criteria needed to get their products certified. ONC will also ease requirements for random surveillance of health IT.

These changes will make the ONC Health IT Certification Program more efficient and will reduce the workload on both health IT users and developers, Elise Sweeney Anthony, director of the ONC's office of policy, and Steven Posnack, director of the ONC's office of standards and technology, wrote on the ONC's blog.

But these changes might also make for less capable—and less safe—electronic health records, said Robert Tennant, the Medical Group Management Association's director of health information technology policy.

"Deregulating this area could cause more harm than good," he said.

Providers are required to use a certified EHR in order to be compliant with meaningful use regulations.

Under the announced changes, health IT developers can declare that they've met 30 of 55 certification criteria, rather than having to go through ONC testing. Easing this requirement will cut back on the number of demonstrations and documentation previously necessary to gain certification.

The criteria that are now subject to self-attestation only have to do with functionality, rather than interoperability. The ONC intends for the reduced burden for these functionality-related criteria to spell more time and resources for health IT vendors to dedicate to meeting interoperability requirements that, in turn, will meet the goals set out by the 21st Century Cures Act.

Though easing the requirements might indeed reduce the administrative burden on vendors, it might not bode well for patient safety, Tennant said. Because there are so many products that have been decertified and under corrective action plans, it's tough to take vendors at their word, he said. "I don't know if less oversight is going to result in better products," he said. "I would suspect it might be the opposite. There might be less of an incentive for these vendors to meet the government requirements."

That concern is compounded by the reduction in surveillance of health IT. Historically, the ONC has relied on certification bodies to do random audits. The ONC will no longer check to make sure these bodies are conducting the audits. Freeing them up from doing so will allow them to spend more time certifying health IT under 2015 Edition requirements, Sweeney and Posnack wrote. The more time and resources they can spend on such certification, they wrote, the more certified products will be available to providers in CMS' Quality Payment Program. This will help in the years to come. But right now, these providers—and hospitals subject to meaningful use—aren't under the crunch they once were, since CMS announced last summer that they could continue using 2014 Edition-certified EHRs for another year.