ONC to Scale Back Oversight of EHRs With Updates to Health IT Certification | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

ONC to Scale Back Oversight of EHRs With Updates to Health IT Certification

September 21, 2017
by Heather Landi
| Reprints

The Office of the National Coordinator for Health Information Technology (ONC) on Thursday announced two major changes to the ONC Health IT Certification program that signals it will relax its oversight of how well electronic health records (EHRs) meet government standards.

ONC officials stated that the changes are intended to improve the program’s efficiency and reduce burden on health IT developers and users. Through these two changes, ONC will allow self-declaration for certain certification criteria and will exercise discretion in randomized surveillance requirements.

In an ONC Health IT Buzz blog post, Elise Sweeney Anthony, director of ONC’s Office of Policy, and Steven Posnack, director of ONC’s Office of Standards and Technology, said the changes entail approving more than 50 percent of test procedures to be self-declaration and exercising discretion for randomized surveillance of certified health IT products.

These changes were recently issued to ONC-Authorized Certification Bodies (ONC-ACBs) and ONC-Authorized Testing Laboratories (ONC-ATLs), Anthony and Posnack said.

The first change entails ONC revising the ONC-approved test procedures for 30 out of the 55 certification criteria that were adopted to, in part, support the Centers for Medicare & Medicaid Services’ (CMS) Quality Payment Programs. Those 30 certification criteria are now “self-declaration only.”

“This means that health IT developers will self-declare their product’s conformance to these criteria without having to spend valuable time testing with an ONC-ATL. This testing typically included either a visual demonstration of the product’s functionality or submission of documentation confirming the required functionality,” Anthony and Posnack wrote.

The ONC officials note that self-declaration is not a new approach and is used among other industry testing programs. In evaluating the Certification Program’s potential burdens, ONC determined that this industry approach would best meet its efficiency goals while maintaining overall integrity, Anthony and Posnack wrote.

The test procedures for health IT products now designated as “self-declaration” are for functionality-based certification criteria.

“By making this change, ONC enables ONC-ATLs and health IT developers to devote more of their resources and focus on the remaining interoperability-oriented criteria, aligning with the tenets of the 21st Century Cures Act,” Anthony and Posnack wrote. “In addition, health IT developers are still required to meet certification criteria requirements and maintain their products’ conformance to the full scope of the criteria. Any non-conformity complaints received and associated with these certification criteria would continue to be reviewed and investigated by ONC-ACBs.”

The second change ONC announced on Thursday relates to exercising enforcement discretion when it comes to ONC-ACBs conducting randomized surveillance. ONC-ACBs are required to conduct randomized surveillance for, at a minimum, two percent of the health IT certifications they issue.

ONC will not, until further notice, audit ONC-ACBs for compliance with randomized surveillance requirements or otherwise take administrative or other action to enforce such requirements against ONC-ACBs, Anthony and Posnack wrote.

“In addition, we will not consider lack of implementation of these requirements by an ONC-ACB to be a violation of an ONC-ACB’s compliance requirements under the Principles of Proper Conduct, nor will it impact an ONC-ACB’s good standing under the Certification Program,” the ONC officials stated.

This change will permit ONC-ACBs to prioritize complaint driven, or reactive, surveillance and allow them to devote their resources to certifying health IT to the 2015 Edition, Anthony and Posnack stated. “These new actions we are announcing today will support greater availability of certified health IT for providers participating in the CMS’ Quality Payment Program,” the ONC officials wrote.






Get the latest information on Meaningful Use and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Allscripts Acknowledges Ransomware Attack, Says Impact is “Limited”

Health IT vendor Allscripts has acknowledged that it is investigating a ransomware incident that has impacted a limited number of its applications.

AHRQ to Fund Patient Safety Learning Laboratories

The federal Agency for Healthcare Research Quality plans to spend up to $5 million in fiscal 2018 to support as many as eight patient safety learning laboratories.

RCM Global Software Market to Hit $43.3B by 2022, Report Finds

The global market for healthcare revenue cycle management software is estimated to reach $43.3 billion by the end of 2022, according to a report from Future Market Insights (FMI).

Global Open Source HIT Project Gets $1M Donation From Cryptocurrency Philanthropy

OpenMRS, Inc., an open source medical records platform used in developing countries, has received a $1 million donation from the Pineapple Fund, an $86 million cryptocurrency philanthropy created by an anonymous donor known only as “Pine.”

Media Reports: Massive Data Breach of Norwegian Health Authority Could Impact 3 Million Patients

International media outlets are reporting that a hacker or hacker group breached the systems of Norway’s Health South East EHF, potentially compromising the healthcare data of nearly 3 million patients, or about half of Norway’s population.

Healthcare Groups Call for Improvements to Prior Authorization Process

A collaborative of healthcare organizations, including the American Medical Association, the American Hospital Association, and the Medical Group Management Association, released a joint statement this week calling for improved prior authorization procedures, including automating the process to improve transparency and efficiency.