Guerra On Healthcare: EHR Certification Boosts Competition
Electronic health record vendors are applying for -- and receiving -- a government-backed stamp of approval, expanding options for vendors and buyers.
No one is a bigger critic of the government's Health Information Technology for Economic and Clinical Health (HITECH) program than I, but I have to give credit where it's due.
Before we started down this road, there was one certification organization -- the Certification Commission for Health Information Technology (CCHIT). And it had all sorts of PR problems in the form of links to the vendor-run Healthcare Information and Management Systems Society (HIMSS). But at that time, without certification tied to the distribution of taxpayer money, no one could too vociferously decry a lack options. HITECH, however, changed all that.
Enter the Department of Health and Human Services (HHS) Health IT Policy Committee and a workgroup formed to investigate the state of certification headed by Paul Egerman, software entrepreneur, and Marc Probst, CIO at Intermountain Healthcare. I listened to meetings during which the duo detailed a new vision for electronic health record (EHR) certification, based on internationally respected procedures and a competitive landscape where private companies -- sanctioned by the government -- would compete on price and service.
It was a good vision, one I agreed with, but I had doubts about it coming to fruition. First off, I thought a lack of clarity around just about everything involved with the business would keep most prospective companies -- and I couldn't imagine the total universe being too large -- from taking up the gauntlet. I thought it would be prohibitively difficult for a company to determine if it could make a profit from certifying EHRs.
But the HIT Policy Committee endorsed the workgroup's proposal and those recommendations went to the Office of the National Coordinator for Health Information Technology (ONC), later making their way into a Notice of Proposed Rulemaking (NPRM) and, finally, a rule. However, the only thing that had really been created was the possibility of competition, which would only become reality when another company, besides CCHIT, got its government stamp of approval (as an Authorized Testing and Certification Body, or ONC-ATCB).
In an "and then there were two" moment, the Drummond Group announced it would seek ONC-ATCB status, gaining it on the same day as CCHIT, Sept. 3. The vision had started to become reality. Later, InfoGard Laboratories entered the mix, qualifying on Sept. 24; followed recently by ICSA Labs and SLI Global Solutions on Dec. 10. Amazingly, at least to me, the industry now had a certification marketplace.
And that marketplace is being used. I've seen announcements by major EHR vendors who are patronizing organizations other than the incumbent CCHIT. And what's even more interesting is CCHIT has stepped up its game in response to the new landscape. That organization is now offering one of the most interesting programs around -- self-certification for hospitals that are either using homegrown software or an older version of an off-the-shelf EHR that won't be certified.
In a relatively short span of time, we've moved from the vision of competition in the certification marketplace to reality. That happened because the vision was solid, backed by action, and carried forward with the flexibility needed to make course corrections along the way. Hopefully the program will get better and better as more lessons learned are absorbed and applied.
Kudos to Egerman and Probst for setting the agenda on this, and for everyone along the way who helped make it a reality.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.