CCHIT

Privacy should be #1 PHR priority, CCHIT committee says

Anne Zieger — Sun, 27 Jul 2008 19:04:06 -0400

While other issues matter, privacy should be the top priority in setting certification criteria for PHRs, according to a task force run by the Certification Commission for Healthcare Information Technology. The CCHIT's Personal Health Records Advisory Task Force recommended not only that PHRs protect private patient information, but also that they be able to send and receive data from varied data sources including ambulatory and hospital EMRs, labs and pharmacies.

The committee's work builds on prior research done by the National Alliance for Health Information Technology, which developed standardized definitions for six key health IT terms. These include that PHRs would conform to nationally recognized interoperability standards, and also, that individuals would manage PHR data.

To learn more about the PHR task force's recommendations:
- read this Modern Healthcare piece (reg. req.)

Related Articles:
Key players agree on PHR framework
AHIMA demands better PHR privacy protections
Addressing ID verification could spur PHR adoption
HIPAA privacy officer job expanding quickly

NAHIT name game gives some vendors a headache

Mon, 09 Jun 2008 06:59:55 -0400

In theory, it doesn't make sense to move ahead with major IT initiatives until the industry has at least some clue as to how to define key terms. However, a recent effort by the National Alliance for Health Information Technology (NAHIT)--particularly in defining the difference between EMRs and EHRs--seems to be creating as many problems as it solves. Over several months, NAHIT came up with definitions for key terms in HIT, including EHR, EMR, personal health record, health information exchange and regional health information organization. Most notably, as NAHIT defines things, an EMR is a record used internally in a medical practice that can't share information with other practices, while EHRs can do so.

The problem with this is that NAHIT seems to have defined some vendors right out of their marketing position. There are several companies that use the term "EMR" to define themselves, such as NextGen Healthcare Information, and have gotten their interoperability certification from the CCHIT. If they have to go back and rebrand themselves as an "EHR" they'll be a bit annoyed, to say the least, officials note.

To learn more about the terminology dispute:
- read this Modern Healthcare piece (reg. req.)

Related Articles:
CCHIT makes EMR certification simpler
CCHIT gets official, approves new vendors

ALSO NOTED: Community, public clinics urged to collaborate on EMRs;MA EMR/HIE pilot extended; and much more...

Mon, 21 Apr 2008 06:59:50 -0400

> A new report from the California HealthCare foundation suggests that community and public health clinics should work together to implement EMRs. Article (Colorado has already done something similar. Article)

> An EMR and HIE pilot project taking place in three Massachusetts towns has been extended six months using a funding surplus. Article

> The CCHIT will begin a two-week application period today to seek additional volunteers for its work group. Article

> An Arizona hospital has begun posting ED wait times for its three hospitals on its website. FierceHealthcare

And Finally... If you're going to go anyway, you might as well not take too much with you. Article

CCHIT invites vendors to apply for EMR pilot

Mon, 11 Feb 2008 06:59:56 -0500

The Certification Commission for Healthcare Information Technology (CCHIT) has begun inviting electronic medical record vendors to apply for participation in the pilot test for its EMR certification programs. CCHIT plans to hold the test, which is intended to validate its criteria, test steps and tools, between March 17 and April 2, so applications are due by a rapidly-approaching February 22nd deadline. It will roll out the fully-fledged EMR certification July 1st. Later this year, it also plans to hold a pilot test for health information exchange certification.

CCHIT is testing several categories of EMR during the pilot, include ambulatory, inpatient, emergency department and child health. Meanwhile, in an effort to make sure that participants reflect the broader EMR industry, applying vendors will be asked whether they serve small, mid-sized or enterprise customers.

To learn more about the application process:
- read this Healthcare IT News piece

Related Articles:
CCHIT gets official, approves new vendors. Report
HHS rules on doctor IT subsidies muddy the waters by demanding annual CCHIT certifications for vendors. Report
CCHIT makes EMR certification simpler. Report

CCHIT makes EMR certification simpler

Mon, 12 Nov 2007 06:59:57 -0500

Given pressure on vendors to re-certify early and often, it's definitely a good sign that the Certification Commission for Healthcare Information Technology (CCHIT) is rolling out plans to make EMR certifications simpler. CCHIT is now working with the MITRE Corp. on an open source software-testing framework, dubbed LAIKA, which will let vendors test and verify on their own whether their products meet CCHIT standards. The software, which will be distributed by Apache 2.0, should be be available at no charge as of March 21.

With HHS's demanding that re-certifications take place every 12 months to meet its safe harbor rules, vendors have been in a quandary, as they typically only do upgrades every 18 to 24 months. The new tool won't change the vendors' development cycle, but it will help them determine where they stand and possibly take steps to meet standards on the revolving 12 month schedule HHS has set. All in all, while this won't be a cure all, it can't be a bad thing either.

To find out more about the new software:
- read this Healthcare IT News article

Related Articles:
HHS rules on doctor IT subsidies muddy the waters. Report
CCHIT gets official, approves new vendors. Report
IRS gives physician EMR donations the OK. Report
Want shared EMRs? Drop the technology debates. Editorial
HHS, IRS rules on EMR donations clash. Report

ALSO NOTED: Clinton touts EMRs as national health system fix; EMR vendors working to meet interoperability standards; and much

Mon, 29 Oct 2007 07:59:50 -0400

> Democratic presidential candidate Sen. Hillary Rodham Clinton (D-NY) is arguing that EMRs are central to improving the health of the U.S. healthcare system. Article

> Despite their complaints on the subject, EMR vendors are working hard to meet the interoperability requirements imposed by the CCHIT. Article

> The state of Minnesota has set plans to award $3.5 million in grants to help rural and small-town providers implement EMRs. Article

> HIT vendor Misys Healthcare Systems has introduced a line of subscription-based hosted applications for use by smaller medical practices. Article

And Finally... A high-profile hospital CIO details his plans for building out "green" data centers. Article

HHS rules on doctor IT subsidies muddy the waters

Mon, 15 Oct 2007 06:59:56 -0400

Last year, HHS took a step which should have been a big relief to hospital IT departments--it gave hospitals guidance on how they could provide doctors with EMR systems without running afoul of federal anti-kickback and self-referral provisions. However, as it's turning out, the new regs may have done more to muddy the waters than clear them. Why the confusion? In essence, it's because the scheme HHS has set up make it very difficult for a hospital to buy an approved EMR system.

To qualify for anti-kickback and self-referral rule exceptions, hospitals must prove that their systems are interoperable with other clinical data systems elsewhere (which, presumably, makes sure that physicians aren't locked in to a particular facility once they accept an EMR). Sounds good in theory. However, to meet this criteria, hospitals must either a) attest that their systems are interoperable under HHS specs, a difficult and dicey move or b) buy a system which has gotten a CCHIT certification within the last 12 months.

If you're thinking that b) is an easy solution, think again. Unfortunately, most EMR vendors have 18 to 24 month development cycles, so few are expected to get recertified by CCHIT annually. That cuts hospital's EMR choices down drastically. For that reason, vendors are pushing hard to get HHS to accept CCHIT's three-year certification period. However, to date HHS hasn't budged on the issue. Add this to the fact that the IRS has its own regs on the subject of EMR donations, and things look even stickier. What a mess.

To learn more about this issue:
- read this Modern Healthcare article

Related Articles:
CCHIT gets official, approves new vendors. Report
IRS gives physician EMR donations the OK. Report
Want shared EMRs? Drop the technology debates. Editorial
HHS, IRS rules on EMR donations clash. Report

Study: EMRs still vulnerable to security breaches

Mon, 24 Sep 2007 06:59:56 -0400

Your clinical data may be more vulnerable than you think. According to a new study, many healthcare providers aren't meeting the grade when it comes to protecting their EMRs. What's more, they noted, the CCHIT certification that is used to distinguish ambulatory EMRs may not be worth much when it comes to security. To conduct the study, the group surveyed more than 850 provider organizations, and then conducted penetration testing of seven such systems.

Among other problems, the group found that EMR vulnerabilities can often be exploited to gain control of applications or access data, and worse, can be done by attackers of minimal skill. Not only that, it found that vendors may not address known vulnerabilities for significant amounts of time--and that they may not let customers know what the vulnerabilities are in advance. To address such broad-based EMR industry issues, the group recommended that the industry create a trade group focused on security standards, policies and processes specifically for health IT.

To learn more about the study:
- read this Healthcare IT News article
- read the executive summary of the study

Related Articles:
AMA develops EMR security guidelines. Report
GAO reports numerous security breaches. Report

New EMR incentives--or threats?

Mon, 17 Sep 2007 06:59:59 -0400

Wow, someone outside of politics or the health insurance industry is acknowledging the benefit of EMRs. A Minneapolis-based medical malpractice insurer has agreed to give physicians who use EMRs a premium credit of 2 percent to 5 percent if the practice meets some key criteria. This suggests that the insurer sees EMRs as having a practical impact on its costs, not just producing some ill-defined efficiency benefit, which is quite interesting.

To qualify for the credit, which applies to either solo practitioners or group practices, the practice must use a CCHIT-certified EMR, must have implemented vendor updates (or plan to do so) and must be using the EMR for at least a year. Also, three-quarters of physicians in the practice must be using the EMR. What's more, the practice must be using at least two of the six EMR functions listed on the company's policy application.

Honestly, I don't think a huge number of practices will benefit from this credit. After all, few will meet the requirements. Still, it's interesting to see the P&C insurance sector take this tack. And it makes me wonder who else will move in this direction, and how.

Will health insurers offer discounts to patients who visit EMR-equipped doctors? Will employers go beyond their current focus on PHRs to demand digital records from physicians--and penalize those who don't offer them? Will pay for performance program managers start demanding IT investment, rather than simply acknowledging that it probably helps outcomes?

Another big question: will governments (state, federal and even local) finally put their money where their mouth is and offer tax credits (or similar incentives) for EMR adoption? They're certainly in a better position to fund this massive investment then even the deep-pocketed health insurance business.

Perhaps most importantly, when will all of this happen, if it does?

All I know is that I'm going to be keeping a close eye on where incentives (and disincentives) for EMR adoption are headed. With EMR use and adoption becoming a public focus and political football, heaven only knows who'll get involved next. - Anne

P.S. Last week, I took a contrarian position on the issue of RHIOs, outlining some reasons why they may be a bad idea. For an interesting and highly articulate response, I encourage you to check out the blog entry by Martin Jensen of the Healthcare IT Transition Group, in which he takes apart my argument graciously and thoughtfully. Worth a read!

U.S. on track to reach seven-year IT adoption goals

Tue, 04 Sep 2007 06:59:58 -0400

Despite evidence to the contrary, health-IT czar Robert Kolodner insists that the U.S. will still meet the health IT adoption goals set by President Bush. Bush has set a goal of seeing that the majority of Americans have access to EMRs by the year 2014. At a recent meeting on healthcare informatics, Kolodner said he was optimistic thanks to a number of factors including growing interest in EMRs, the emergence and coordination of standards and encouraging results from federal interoperability studies. He's also enthused about the fact that 40 percent of known ambulatory EMR vendors have earned CCHIT certifications.

To learn more about U.S. IT adoption patterns:
- read this Digital Healthcare and Productivity article

Related Articles:
Feds ease e-health record rules for doctors. Report
Bush push may also advance healthcare IT. Report
CCHIT unveils new EMR certification criteria. Report