Skip to content Skip to navigation

ONC Issues Final Rule to Modify EHR Certification Program, Creates More Direct Oversight

October 14, 2016
by Heather Landi
| Reprints
Click To View Gallery

The U.S. Department of Health and Human Services' (HHS) Office of the National Coordinator for Health Information Technology (ONC) issued a final rule today that updates the ONC Health IT Certification Program which sets up a regulatory framework for ONC to directly review certified health IT products and gives the agency more direct oversight of health IT testing labs.

The new rules on oversight and accountability are designed to address issues of public health and patient safety and increase accountability and transparency into the surveillance of certified electronic health record (EHR) products, according to ONC officials.

According to an ONC press release, the “ONC Health IT Certification Program: Enhanced Oversight and Accountability” final rule will enable the ONC Health IT Certification Program to better support physicians and hospitals–the vast majority of whom use certified electronic health records (EHRs)– and the rapid pace of innovation in the health IT market.

As with the proposed rule, which HHS and ONC released March 1st during HIMSS16, the final rule will focus on three key areas—direct review, enhanced oversight and greater transparency and accountability.

According to an ONC fact sheet, the final rule updates the ONC Health IT Certification Program to provide enhanced oversight and health IT developer accountability. “Specifically, the final rule stands up a focused ONC direct review regulatory framework, aligns the testing lab oversight with the existing processes for ONC-Authorized Certification Bodies (ONC-ACBs), and makes a more comprehensive set of ONC-ACB surveillance results publicly available,” ONC officials stated.

The final rule will focus on three key areas:

Direct Review: Provides a regulatory framework for ONC to directly review certified health IT products and take necessary action in circumstances involving: (1) potential risks to public health and safety; or (2) circumstances that present practical challenges for ONC-Authorized Certification Bodies (ONC-ACBs)—such as when issues arise involving multiple certified functionalities or products that have been certified by multiple ONC-ACBs. The final rule also focuses on corrective action plans to address issues and includes an appeals process under the Program for health IT developers that have products under direct review.   

Consistent Authorization and Oversight: Establishes a process for ONC to authorize and oversee accredited testing laboratories (ONC-ATLs) to align with ONC’s existing oversight of ONC-ACBs, and facilitates ONC’s ability to quickly, directly, and precisely address testing and performance issues.

Increased Transparency and Accountability: Makes identifiable surveillance results of certified health IT publicly available to advance ONC’s overall commitment to transparency and provide customers and users with valuable information about the performance of certified health IT, including illuminating good performance and continued conformance with program requirements.

The final rule will require ONC-ACBs to make identifiable surveillance results publicly available on the web-based Certified Health IT Product Lis (CHPL) on a quarterly basis. According to ONC, this information will also benefit health IT developers that perform well. “To date, ONC only lists corrective action plans for non-conformities on the CHPL. Through this final rule, ONC will provide more complete information that illuminates good performance and continued conformity with program requirements for certified health IT,” ONC stated.

As previously reported by Healthcare Informatics, in May, comments from health IT stakeholders on the rule became public, with concerns stemming regarding ONC’s ability to perform the above actions.

In a statement about the final rule issued today, Health IT Now Coalition executive director Robert Horne, said ONC “is clearly overstepping its statutory authority by moving forward with direct review of uncertified functionalities and products, in addition to certified products.”

“Our chief concern is the potential for negative consequences from the ONC final rule. Simply put, the Office of the National Coordinator for Health IT was not created by Congress to be a regulator like the Food and Drug Administration (FDA),” Horne said in his statement. “By focusing on safety issues, ONC is encroaching on the regulatory functions of other federal agencies like the FDA. The FDA, Congress, and other stakeholders have been working for many years to strike an appropriate balance between supporting innovation and regulatory clarity for health IT products. Much progress has been made, with more work needing to be done. This ONC action has the potential to negatively impact those efforts, create confusion in the marketplace, slow innovation, and adversely affect patient safety by impeding access to health IT products.

Health IT Now also stated that it is urging the White House to reconsider this approach. “We also urge Congress to use its authorities to prevent this rule from being implemented, including the withholding of appropriations,” Horne said.