In official comments submitted to the U.S. Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology, HIMSS provided recommendations in response to ONC's Notice of Proposed Rulemaking (NPRM) for the Voluntary 2015 Edition Electronic Health Record (EHR) Certification Criteria; Interoperability Updates and Regulatory Improvements.
HIMSS recognises this proposed rule as an opportunity to explore potential program improvement areas and potential scope minimisation, and provide multi-stakeholder feedback to ONC. HIMSS has long advocated for ensuring that all Final Rules and associated changes and new standards are published at least 18 months before the beginning of the required implementation period, to allow adequate time for developers to make the needed technology changes, for the industry to develop its response, for certification to occur, and for providers to plan and implement required software and process changes. While voluntary, the tight timeframes of this proposed regulation go against this position.
HIMSS strongly supports the separation between content and transport as proposed, noting that combination of the two in a single criterion has been challenging for both developers and providers.
Additionally, HIMSS supports the data elements and constraints suggested by ONC for patient matching, and recommends that key performance indicators (KPIs) be used in order to ascertain the quality of the patient data match as part of the 2017 Certification Criteria. Further, on issues related to privacy and security, HIMSS comments on approaches for auditable events, audit reports, end-user encryption and others, and extensive comments on Certification Policy for EHR Modules and Privacy and Security Certification Criteria.
