Skip to content Skip to navigation

HIMSS Offers Guidance on Health IT Framework

November 8, 2013
by Gabriel Perna
| Reprints


The Healthcare Information and Management Systems Society (HIMSS) has written a letter to Health and Human Services Secretary Kathleen Sebelius offering feedback on health IT regulation, pertaining to the Food and Drug Administration Safety and Innovation Act (FDASIA) 2012. 
The letter starts off with a clarification that health IT products used primarily for the subsequent transmission, storage or management of data, including electronic health records (EHRs) and Clinical Decision Support (CDS) systems, do not fit the "definition of, nor would be appropriately regulated as, medical devices." 
As such, HIMSS writes, these (health IT) products should "be subject to a new risk-based oversight framework that takes into account factors such as risk relative to intended use and cost/benefit of any proposed oversight and the construct of shared responsibilities, with the intent of ensuring patient safety and appropriate improvements in quality, effectiveness, and efficiency of care delivery."
HIMSS says this oversight framework should act in concert with medical device regulation framework from the standpoint of the end-user or manufacturer. 
"We recognize that health IT and medical devices are interwoven into a single, broad patient care ecosystem, and believe that the new health IT framework can complement the existing medical device regulatory process. Our comments offer proposed elements and rationales of such an oversight framework," HIMSS writes. 
In the letter, signed by Chair of the HIMSS Board of Directors Scott MacLean and President & CEO Steve Lieber, the advocacy group mentions four areas this framework should address. This includes: 
  1. Balancing the costs and benefits of any program proposal;
  2. Ensuring clear, consistent and non-duplicative language and enforcement;
  3. Being affordable to those expected to bear direct and indirect compliance costs; and
  4. Avoiding adding burdens that inhibit or delay improvements to systems that improve care delivery and safety.




EHNAC and HITRUST Combine HIPAA Security Criteria, CSF Framework

The Electronic Healthcare Network Accreditation Commission (EHNAC) and the Health Information Trust Alliance (HITRUST) announced plans to streamline their accreditation and certification programs.

Halamka on MACRA Final Rule: “CMS is Listening and I Thank Them”

Health IT notable expert John Halamka, M.D., CIO of Beth Israel Deaconess Medical Center in Boston, recently weighed in on the Medicare Access and CHIP Reauthorization Act (MACRA) final rule.

Texas Patient Care Clinic Hit with Ransomware Attack

Grand Prairie, Texas-based Rainbow Children's Clinic was the victim of a ransomware attack on its IT systems in August, affecting more than 33,000 patients, according to multiple news media reports this week.

Healthcare Organizations Again Go to Bat for AHRQ

Healthcare organizations are once again urging U.S. Senate and House leaders to protect the Department of Health and Human Services’ Agency for Healthcare Research and Quality (AHRQ) from more budget cuts for 2017.

ONC Pilot Projects Focus on Using, Sharing Patient-Generated Health Data

Accenture Federal Services (AFS) has announced two pilot demonstrations with the Office of the National Coordinator for Health Information Technology (ONC) to determine how patient-generated health data can be used by care teams and researchers.

Is it Unethical to Identify Patients as “Frequent Flyers” in Health IT Systems?

Several researchers from the University of Pennsylvania addressed the ethics of behavioral health IT as it relates to “frequent flyer” icons and the potential for implicit bias in an article published in JAMA.