Having worked with them in two industries over the last 10 years, I can tell you that CIOs are a pretty unflappable bunch. They're used to seeing inside and outside influences -- the government, their CEOs, and corporate boards -- upset the five year plan apple cart they've meticulously constructed to bring their organization through the coming years, so they're also used to revising, and sometimes scrapping, their strategic plans. But the latest tunes the government is singing about Meaningful Use-related certification have this usually phlegmatic bunch quite exasperated.
I can attest to this because I've been asked if I can shed light on rumors that any data -- either sent to another healthcare provider or CMS itself -- that comes out of a certified EHR and goes through a data warehouse or integration technology before reaching the counter party will not qualify for Meaningful Use dollars unless the warehouse or engine is also certified.
Now, I can tell you that I was on a CMS "educational seminar" call during which a question related to the scenario above was asked. The CMS speaker first stated that any EMRs which gained certification under the new regime would be able to handle data exchange or reporting requirements without assistance from third-party technology. If, however, an institution did send data through some translating (think HL7) or interfacing software, yes, that software would need to be certified.
This, of course, begs the question: certified as what by whom? As CMS/ONC have yet to certify any organizations to test EHRs, it seems odd that a new program -- lacking the legislative sanction which HITECH granted to EHRs -- is in the offing. One would think CMS/ONC have enough on their plates.
But government biting off more than it can chew is not of concern to most CIOs. What is of concern is the continuing uncertainty such chatter creates in the marketplace. I heard from one CIO who said she had tabled a project due to certification-related confusion. To be sure, she continued, if CMS is going to require certification of interface engines, it has better get started soon, because every hospital in the country uses them.
I've also written before that some of CMS's Q&A sessions saw the agency leave with as many questions to research as it was able to answer during the meeting. To be fair, it's probably impossible to craft a program of this scope and magnitude without having some loose ends that need to be tied up, but it seems CMS/ONC is fraying new edges all on its own. ONC was granted a legislative mandate to certify EMRs, not the ancillary systems that make their interaction possible. If it eventually decides to move in that direction, fine, but now is not the time.
CIOs, and the industry at large, have enough marching orders to follow without being stymied at the starting gate. They need reassurance that though the road ahead involves a steep climb, there are no hidden potholes. They need to settle down and dig in. The latest talk that CMS/ONC is expanding its certification purview and/or disallowing the use of omnipresent technologies is stopping projects and causing consternation. A clear message from the government that such chatter is groundless would be most welcome.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.