Innovation Files has moved! For ITIF's quick takes, quips, and commentary on the latest in tech policy, go to

Industry Should Help Certify Online Health Records

recent article in The Washington Post has called into question the role of the private sector in setting standards for electronic health record (EHR) systems. Specifically, the article questions the appropriateness of allowing a group that originally pushed for stimulus funds to now have an oversight role in how those funds are spent.

This thinking is misguided. While government should continue to set the broad principles in defining “meaningful use” of EHR systems, it should also welcome the opportunity to partner with the private sector in defining certification requirements.

At issue are the efforts of the Healthcare Information and Management Systems Society (HIMSS), an association of healthcare technology vendors and medical providers, to convince the U.S. Department of Health and Human Services to require that EHR systems receiving stimulus funds be certified by the Certification Commission for Healthcare Information Technology (CCHIT).

As documented by the Post, CCHIT includes “several board members that work for technology vendors,” and the current president is a former HIMSS executive.

HIMSS also helped educate Congress on the benefits of using stimulus funds for health IT, which resulted in the final stimulus legislation including billions for EHR systems that provide “meaningful use.” While that term still needs to be clearly defined by the federal government, the private sector should help in that process.

CCHIT is not a mere puppet of health IT vendors. Since 2006, it has been recognized as a certification body by Health and Human Services. In addition, regardless of its origins, CCHIT is primarily funded through its government contracts — Health and Human Services has contracted with CCHIT to develop EHR certification requirements.

Moreover, CCHIT is working with Health and Human Services to develop new standards for 2009-2010 that fully address the requirements of the American Recovery and Reinvestment Act.

Finally, CCHIT has developed and applied its certification requirements to numerous health IT systems, including ambulatory EHR systems, inpatient EHR systems, and health information exchanges. Its body of work suggests it has developed an effective certification process.

The real question is not over CCHIT, but over whether or not the private sector should be an integral part of the certification process.

What is the alternative? CCHIT is the only certification body for health IT systems — in fact, the government even uses CCHIT to certify its own systems.

The federal government does have some expertise in developing EHR systems, but it is rather limited. For example, it has led the development of the Department of Veterans Affairs VistA system and the Indian Health Service Resource and Patient Management System. However, contractors completed much of this work.

Looking at lessons from abroad, involving industry in this process should be a no-brainer. Denmark, probably the country with the most advanced national implementation of health IT systems, actively engages with industry for certification. For example, MedCom, the Danish healthcare organization responsible for setting standards for health IT systems, acts as the coordinating body to bring vendors to the table to set the actual standards (along with doctors, health care organizations, laboratories, and others).

Similar activity can be seen in Finland, a country with nearly universal EHR usage, where the Ministry of Social Affairs and Health has created a number of working groups to define various standards. These groups labor to build consensus on standards by engaging with everyone from IT vendors to healthcare professionals.

Probably the best example can be seen in the Netherlands. Since 1991, primary care providers could receive bonus payments by using a qualified computer system. To receive the payments, however, the doctor’s system has to meet certain criteria determined by the Dutch National Association of Practitioners.

CCHIT has a good track record with certification, and its industry insider knowledge should be seen as an asset, not a liability. In addition, we see good results in some of the leading countries where vendors have an important seat at the table in developing health IT policy and standards.

While government should have a role in setting the broad principles of “meaningful use,” such as functionality, interoperability, security, and privacy, many of the details can and should be left to industry.

Originally posted on


Print Friendly, PDF & Email