By Stephanie Jamison (Greenway Health) and Leigh Burchell (Altera Digital Health), Chair and Vice Chair, EHR Association Executive Committee, and Greg Thole (Oracle), Chair, EHR Association Certification Workgroup
Following an in-depth analysis of HTI-2 and the process of drafting comments (available here), the EHR Association has identified several overarching issues, as well as specific concerns related to Insights measures within the proposed rule.
Highlighting the Positives
Before we delve into the negatives, however, it is important to note that we are highly supportive of several of ASTP’s recommendations. One is the proposal to expand the Certification Program to include criteria focused on the adoption and use of certified health IT by both payers and public health agencies (PHAs) to supplement criteria for healthcare providers. Holding all parties to specific and consistent standards and procedures is critical to achieving real end-to-end interoperability.
Greg Thole
Another is the way ASTP has structured the numerous new proposed FHIR API-based required features (e.g., dynamic registration, SMART Health Cards, CDS Hooks, Subscriptions) in a manner that allows developers to re-use the same capability for multiple different use-case-focused criteria. This is a helpful format that allows developers to streamline and avoid duplicating work effort.
Finally, in the context of the Insights requirements, many of ASTP’s proposals demonstrate attentiveness to the questions and concerns raised by the Association and its member companies since the measures were originally finalized in HTI-1 rulemaking. Some of these tweaks to measurement specifications will reduce the burden and make for more consistent and valuable reporting data.
Overarching Concerns
While we do support many elements of HTI-2, there are also several areas of real concern. We’ve raised many of them previously in comments, but they have yet to be adequately addressed by ASTP and other regulatory agencies.
For example, a common refrain in the Association’s comment letters and RFI responses is that compliance timelines and the scope of work in ASTP regulations create significant burdens for all health IT developers, as well as our healthcare provider customers. We delivered this message related to HTI-1, and our members are now devoting extensive resources to compliance—sometimes at the cost of innovation clients have requested.
Yet, as evidenced by the extensive scope of the HTI-2 proposals, ASTP and CMS continue to ignore the significant and serious timeline concerns we’ve voiced for years. CMS programs, such as the Medicare Promoting Interoperability program and Merit-based Incentive Payment System (MIPS), require healthcare providers to use upgraded certified EHR technology effective essentially on the same deadlines set by ASTP for vendors to deliver those updates. This forces developers to deliver compliant solutions significantly earlier than the deadlines officially listed by ASTP and does not allow adequate runway after the deadline for healthcare providers to adopt the updates, potentially compromising a safe and effective implementation process.
By Stephanie Jamison (Greenway Health), Chair, EHR Association Executive Committee
It’s been 20 years since 21 of the industry’s leading EHR vendors came together to create the HIMSS EHR Vendor Association in 2004 to accelerate the widespread adoption of EHRs. The new association was also tasked with helping HIMSS establish its strategic direction and official positions on issues related to the EHR and providing input and feedback on the certification process established by CCHIT.
Now called the EHR Association, what started as a bold concept is still going strong in 2024 with a current membership base of 29 companies: competitors working collaboratively to advance health data interoperability, safely embrace new technologies, and improve the quality and efficiency of care. Our initial focus on furthering the initiatives laid out in the Health IT Strategic Framework, released in July 2004 by the Office of the National Coordinator for Health Information Technology (now known as the Assistant Secretary for Technology Policy, or ASTP), has expanded and evolved along with the state and federal regulatory environment.
At the time, founding Chair Charlene Underwood described the establishment of the EHR Association as a historic opportunity to directly impact healthcare delivery in the US, noting in the press release announcing the new association that “EHR technology has proven its ability to make healthcare safer, more efficient, and more convenient for patients as well as providers.
“As EHR vendors,” she continued, “we have a responsibility to our customers to shape the future of interoperability for effective and secure sharing of patient data, and to the nation to promote the widespread adoption of this life-saving technology.”
Today’s health IT market is vastly different from those early years when hospital EHR adoption was 9% and office-based physician practice adoption was 17%. Now, well over 96% of hospitals and 78% of physicians use an EHR, most of which are certified through the ASTP-driven process. In the years since its establishment, many of the EHR Association’s founding member companies have gone through acquisitions or mergers, and new entrants have stepped up.
The Developer’s Voice
The Association’s record of accomplishments since 2004 reflects the health IT market’s evolution. Over the years, we’ve worked to ensure our members’ voices were heard on regulatory and policy issues of critical importance to both EHR developers and the providers using our technologies. We’ve met with policymakers and submitted comments on everything from meaningful use and standards development to the Nationwide Health Information Exchange and TEFCA to the 21st Century Cures Act and, most recently, HTI-1 and HTI-2.
Our efforts weren’t limited to offering recommendations and feedback, however. We’ve held numerous Congressional Briefings over the years, focusing on issues such as the role of EHRs in value-based care and the 21st Century Cures Act, as well as COVID-19 and health IT, information blocking, and social determinants of health and health equity.
We’ve also leveraged our collective expertise to provide member companies with tools to navigate a tumultuous regulatory landscape. This includes publishing the industry’s first EHR Developer Code of Conduct reflecting our members’ commitment to supporting safe healthcare delivery, fostering continued innovation, and operating with high integrity in the market—a commitment we maintain to this day.
By Stephanie Jamison, Executive Committee Chair and Public Policy Leadership Workgroup Vice Chair, EHR Association.
In the months that have passed since the Office of the National Coordinator for Health Information Technology (ONC) issued the final Health Data, Technology, and Interoperability: Certification Program Updates, Algorithm Transparency, and Information Sharing (HTI-1) rule, the health IT sector has been working diligently to meet the earliest compliance timelines even as it continues an in-depth analysis of the regulatory impact on both developers and the providers who use certified technology.
For the EHR Association, that analysis has given rise to several concerns and ambiguities that need to be addressed to ensure HTI-1, which was published in the Federal Register on Jan. 9, 2024, achieves ONC’s stated goal of advancing patient access, interoperability, and standards.
The new regulations are an important step toward implementing key provisions of the Cures Act and enhancing ONC’s Certification Program. However, there are several aspects of HTI-1 that we believe may have unintended consequences for certified EHR technology (CEHRT) developers and users.
The first deadline is Dec. 31, 2024. That is when CEHRT developers must deliver DSI capabilities to maintain certification. Achieving compliance will necessitate substantial development efforts, including in novel areas for the program like AI/ML for predictive DSIs. Other areas of concern include requirements for:
Developing an end-user feedback function for evidence-based DSIs, including an export capability for machine-readable formatted feedback data.
Developing support for a significantly expanded set of data concepts for which selection of evidence-based DSIs must be available.
Developing support for enabling the selection of predictive DSIs using any data expressed in the USCDI.
Producing nine new source attribute data points for all evidence-based DSIs supplied by developers and more than 30 source attribute data points for all developer-supplied predictive DSIs.
Developing support for customer users to access and modify source attribute information provided by developers for those DSIs they supply.
Developing support for enabling customer users to record and modify their own source attribute entries in the system for DSIs they create or implement on their own.
Developing detailed intervention risk management policies and procedures for ongoing management of predictive DSIs supplied by developers.
Meeting these requirements within the 12-month timeframe presents a formidable challenge for CEHRT developers – a challenge amplified by the lack of a certified companion or other resource guide to support developers with compliant updates. Also coming into play are current CMS requirements governing providers’ use of CEHRT that would force developers to deliver updated technology to their customers well in advance of the ONC deadline.
To alleviate these challenges, we are urging ONC to consider implementing an enforcement discretion period of six to 12 months. This would provide much-needed relief for CEHRT developers and healthcare providers alike, while still ensuring that meaningful progress is made toward real-world implementation of DSI provisions by the 2024 deadline.
Many center on the proposed implementation timeframes associated with various concepts included in HTI-1, as well as ONC’s failure to sufficiently consider the burden compliance will place on provider organizations and health IT developers. Specifically, health IT developers need more time than allotted in HTI-1 to deliver safe, compliant, and high-quality versions of their certified products. Providers will also need sufficient time to implement and become proficient with that upgraded software.
We also encourage ONC and the Centers for Medicare and Medicaid Services (CMS) to work more closely together to address the misalignments that frequently occur between when ONC tells software developers to deploy new certified versions and when CMS requires providers to be using them. There are also proposals in HTI-1 that create a dependency on collaboration with healthcare provider organizations for developers to be successful in meeting their obligations, but CMS has included in rulemaking no corresponding incentives for them to do so – making compliance for vendors significantly more challenging.
We have also identified issues with four specific provisions of HTI-1: Insights Condition, USCDI v3, Decision Support Interventions (DSI) and Predictive Models, and Patient Requested Restrictions.
By Stephanie Jamison (Greenway Health), Chair, EHR Association Executive Committee
