EHR Certification Plan Unveiled

Permanent Program for HITECH EHR Certifiers
EHR Certification Plan Unveiled
Federal authorities have unveiled details for a permanent program to certify electronic health records software for the HITECH Act EHR incentive program.

The final rule establishing the permanent program outlines the process for selecting certifiers and spells out their duties in verifying software meets the HITECH certification standards. To be certified, EHR software must contain numerous security functions, including encryption and authentication.

The permanent program is slated to replace the temporary EHR certification program by Jan. 1, 2012, "or at a later date when the processes necessary for the permanent certification program to operate are completed," according to an announcement from the Department of Health and Human Services' Office of the National Coordinator for Health IT.

"The permanent program provides new features that will enhance the certification of health information technology, including increasing the comprehensiveness, transparency, reliability and efficiency of the current processes used for the certification of electronic health record technology," according to the ONC, which is headed by David Blumenthal, M.D.

The temporary, less comprehensive, certification effort was created to kick-start the incentive program so it could begin accepting applications Jan. 3 for Stage 1. So far, more than 150 EHR applications have been certified.

Organizations serving as certifiers under the temporary program will have to re-apply to participate in the permanent program. Those now certifying all aspects of EHRs are: ICSA Labs, SLI Global Solutions, The Certification Commission for Health Information Technology, the Drummond Group Inc. and InfoGard Laboratories Inc. In addition, Surescripts was recently selected to certify only the e-prescribing, privacy and security modules of electronic health records.

Under the permanent certification program:

  • Organizations must first be accredited to test and/or certify EHRs. The National Institute of Standards and Technology will develop the accreditation program.
  • Certification bodies will be required to conduct post-certification surveillance of applications.
  • Certifiers will be able to offer "gap certification" of EHRs already certified to verify that they comply with new or revised certification criteria.

The final, official rule creating the permanent EHR certification program was posted in the Federal Register Jan. 7.

About the Author

Howard Anderson

Howard Anderson

News Editor, ISMG

Anderson is news editor of Information Security Media Group and was founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.