Guerra On Healthcare: Meaningful Use Certification Confounds CIOs - InformationWeek
Healthcare // Electronic Health Records
08:01 PM
Anthony Guerra
Anthony Guerra
[Dark Reading Crash Course] Finding & Fixing Application Security Vulnerabilitie
Sep 14, 2017
Hear from a top applications security expert as he discusses key practices for scanning and securi ...Read More>>

Guerra On Healthcare: Meaningful Use Certification Confounds CIOs

Uncertainty over the data certification requirements for Electronic Health Records has normally unflappable healthcare CIOs exasperated.

Image Gallery: African Hospital Digitizes Medical Records
(click for larger image and for full photo gallery)
Having worked with them in two industries over the last 10 years, I can tell you that CIOs are a pretty unflappable bunch. They're used to seeing inside and outside influences -- the government, their CEOs, and corporate boards -- upset the five year plan apple cart they've meticulously constructed to bring their organization through the coming years, so they're also used to revising, and sometimes scrapping, their strategic plans. But the latest tunes the government is singing about Meaningful Use-related certification have this usually phlegmatic bunch quite exasperated.

I can attest to this because I've been asked if I can shed light on rumors that any data -- either sent to another healthcare provider or CMS itself -- that comes out of a certified EHR and goes through a data warehouse or integration technology before reaching the counter party will not qualify for Meaningful Use dollars unless the warehouse or engine is also certified.

Now, I can tell you that I was on a CMS "educational seminar" call during which a question related to the scenario above was asked. The CMS speaker first stated that any EMRs which gained certification under the new regime would be able to handle data exchange or reporting requirements without assistance from third-party technology. If, however, an institution did send data through some translating (think HL7) or interfacing software, yes, that software would need to be certified.

This, of course, begs the question: certified as what by whom? As CMS/ONC have yet to certify any organizations to test EHRs, it seems odd that a new program -- lacking the legislative sanction which HITECH granted to EHRs -- is in the offing. One would think CMS/ONC have enough on their plates.

But government biting off more than it can chew is not of concern to most CIOs. What is of concern is the continuing uncertainty such chatter creates in the marketplace. I heard from one CIO who said she had tabled a project due to certification-related confusion. To be sure, she continued, if CMS is going to require certification of interface engines, it has better get started soon, because every hospital in the country uses them.

I've also written before that some of CMS's Q&A sessions saw the agency leave with as many questions to research as it was able to answer during the meeting. To be fair, it's probably impossible to craft a program of this scope and magnitude without having some loose ends that need to be tied up, but it seems CMS/ONC is fraying new edges all on its own. ONC was granted a legislative mandate to certify EMRs, not the ancillary systems that make their interaction possible. If it eventually decides to move in that direction, fine, but now is not the time.

CIOs, and the industry at large, have enough marching orders to follow without being stymied at the starting gate. They need reassurance that though the road ahead involves a steep climb, there are no hidden potholes. They need to settle down and dig in. The latest talk that CMS/ONC is expanding its certification purview and/or disallowing the use of omnipresent technologies is stopping projects and causing consternation. A clear message from the government that such chatter is groundless would be most welcome.

Anthony Guerra is the founder and editor of, a site dedicated to serving the strategic information needs of healthcare CIOs. He can be reached at

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll