EHRs must deliver on promises or face ONC scrutiny

As physicians continue to maneuver through the electronic health record (EHR) maze, they'll soon start to see more oversight from Uncle Sam.

Following the recent final rule announcement that allows the Office of the National Coordinator for Health Information Technology (ONC) to bolster transparency and accountability and preserve patient health and safety through the ONC Health IT Certification Program, many physician groups expressed approval of the plan, but questions still remain on the full details of its reach.

Study: Why aren't more doctors using patient engagement tools?

“What this rule says is the government needs to be the ultimate backstop here ... for example, if there's a risk to public health and safety ... for the government to act directly and immediately,” Farzad Mostashari, MD, ScM, former National Coordinator for Health Information Technology, tells Medical Economics.

He provided the example of an EHR company receiving complaints for non-conformities in its system, and if those issues are not resolved, it could result in ONC taking regulatory action.

“If they had not fixed it, and if the certifying body had not taken action, that might be the kind of thing that ONC might take direct aim at, according to this rule,” he says.

Editorial: It's time for EHRs to solve problems for doctors rather than cause them

Although DirectTrust President and CEO David Kibbe, MD, MBA, sees those instances of an EHR vendor's products not aligning with certification criteria being “very few,” the end result could still be costly for physicians.

“Even if ONC does do the right thing in a particular case, that doesn't necessarily help the providers,” Kibbe explains. “Because if their product is de-certified, they've got to go get a new one anyways.”

Next: Consequences for not following rules

However, Mostashari says the aim of the rule is not punishment.

“If you're going to have a program that people can count on and rely on, there have to be consequences for not following the rules,” he says. “The goal here is to increase the effectiveness of the certification program so that it can be trusted by people purchasing these products.”

That speaks volumes for those like Melissa Lucarelli, MD, a Medical Economics board member who currently maintains two EHR products following unresolved issues with her first system. A lot of information was unable to be transferred to the new product, so she says when she sees patients, she has to flip between the two.

Hot topic: Here's why a Trump presidency is good for physicians and patients

She says it would be nice when a physician is switching from one EHR to another to have “a little more confidence that what they're buying is going to be better than what they're leaving, that the usability is better.”

According to figures in the final rule, “the estimated average cost per product per provider to implement a new certified health IT product is about $33,000.”

In the meantime, the details need to be worked out for the transition from Meaningful Use, and ONC will need to adapt in updating its certification program, Kibbe explains. The next step is assessing what certification means going forward, he says, mentioning that even with the final rule, the ways in which the ONC will enforce certification criteria is “still a bit of mystery,” and it's a process.

“To over-design this at this point would be a mistake,” he adds.

Next: Three must-know provisions

While the exact formula is still in development, there are three main provisions of the rule that physicians should keep in mind.

1. Direct review

If ONC has reason to believe that there are potential risks to public health and safety, it can take regulatory action, with the framework in place for ONC to directly review certified health IT products in conjunction with certifying bodies.

2. Enhanced authorization, oversight

The final rule allows for ONC to oversee and authorize accredited testing laboratories to fall in line with how ONC oversees authorized certification bodies.

EHR vendors can take their products to these testing laboratories and certification bodies, which are accredited by the government to grant certification.

3. Transparency and accountability

The results of ONC's reviews are made available online, and in addition to that information, consumers can submit complaints about their EHR, explains Mostashari.

“If you find after you bought the [EHR] that you bought a lemon, or that there are some promises made in the certification in what they said in their materials that they're not actually providing in the field, ... then you have recourse,” he says. “That recourse starts with the certifying bodies. You can lodge a complaint with them directly or with ONC.”

Looking ahead

Following the announcement, many organizations like the American Medical Association applauded ONC, but asked for further refinements, including decreasing patient and data security risks, ensuring all of its reviews be transparent, using certificate revocation as a “last resort” and to work the Centers for Medicare and Medicaid Services (CMS) in creating a process that protects patients and physicians from the effects of a suspended or terminated product.

Blog: Is outsourcing the key to solving physician burnout?

While the ONC final rule might seem small compared to the MACRA final rule, Kibbe says it's still a very important story, as certified electronic health records are needed for managing risk as a requirement to participate in the transition from the Meaningful Use program and emerging payment programs.

“All of those things depend on EHRs that we've installed the past five years, and depend on those electronic health records working well,” he says.