Page 1 of 3. May 2, 2016. Karen DeSalvo, MD, MPH, M.Sc. National Coordinator for Health Information Technology. Acting A
May 2, 2016
Karen DeSalvo, MD, MPH, M.Sc. National Coordinator for Health Information Technology Acting Assistant Secretary for Health U.S. Department of Health and Human Services Hubert H. Humphrey Building 200 Independence Avenue, SW Washington, DC 20201 Dear Dr. DeSalvo: Health IT Now (HITN) is pleased to submit our comments on the proposed rule entitled ONC Health IT Certification Program: Enhanced Oversight and Accountability. HITN is a diverse coalition of health care providers, patient advocates, consumers, employers, and payers who support the adoption and use of health IT to improve health care outcomes and lower costs. HITN appreciates the Office of the National Coordinator’s (ONC) attention to patient safety and the security of patient health information in certified health information technology (health IT). We believe that federal regulatory authorities should use appropriate measures to protect patient safety while allowing for innovation in the marketplace. However, we are concerned that these proposals, if finalized, will not only overstep ONC’s legal authority, but also create more uncertainty in the marketplace for health IT vendors. Specific Comments ONC Oversight of Non-Certified Capabilities HITN is concerned that ONC’s proposal to directly oversee the non-certified capabilities of health IT is a significant overstep of regulatory authority. ONC does indeed have authority, through the HITECH Act, to endorse standards and ensure conformance to those standards for the voluntary health IT certification program that supports the Medicare and Medicaid EHR Incentive Programs (Meaningful Use). Through this voluntary process, ONC must ensure the standards, implementation specifications, and certification criterions endorsed, among other requirements, ensure security of patient health information, improves health care quality, and reduces medical errors. We do not believe, under this authority, ONC has the ability to review non-certified functions of certified health information technology. ONC states in the proposed rule that its statutory authority for the proposed rule comes from requirements in law to create and maintain a voluntary certification program in a manner consistent with the development of a nationwide health information technology infrastructure. Requiring ONC to develop and maintain certification programs that are aligned with the goals of such an infrastructure are in keeping with best practices of cross-agency collaboration. However, it does not in and of itself allow ONC to independently review non-certified functions outside of such certification programs. We therefore request that ONC not move forward with this proposal in the rule.
Further, we believe that more work needs to be done by ONC and HHS to educate the public on the future role they see ONC playing in the marketplace. Outside of ONC’s voluntary certification program, health IT products can be subject to the regulatory authority of a number of various agencies, including the Federal Trade Commission (FTC) and the Food and Drug Administration (FDA). HITN believes that if ONC extends oversight to include the non-certified capabilities of health IT, they will be in direct conflict with the authorities of the FTC to regulate truth in advertising and the FDA’s authorities to regulate products that pose a significant risk to patient safety. Many health IT products’ non-certified capabilities comprise the area of competitive advantage where vendors can incorporate innovative ideas in order to attract more customers. Absent such clarification, we fear the harm that competing or overlapping regulations from various agencies could do to incentives to innovate in the health IT space. While we appreciate ONC’s attention to the security and safety of health IT products, HITN does not believe ONC has the authority to directly oversee the non-certified capabilities of health IT products and we encourage ONC to remove this proposal before finalizing the rule. ONC Oversight of Certified Capabilities HITN has long believed that a lack of regulatory clarity in the health IT marketplace is stifling innovation. Because vendors do not have a firm grasp on what regulations they will be subjected to, by which agency, and to what extent, some are reluctant to enter the marketplace. Ultimately patients and providers suffer the most from this lack of clarity because they are not able to utilize technologies that are readily available in other industries. HITN is concerned that this proposed rule will lead to increased uncertainty in the marketplace beyond what was detailed above. The proposal is not clear in what instances ONC will exercise direct oversight of certified capabilities. Instead, it appears to adopt a “we will know it when we see it” approach to ONC review, which does not provide certainty to purchasers or developers of health IT that ONC is directly reviewing certified products when appropriate. We urge ONC to clarify and provide more clarity as to when they will exercise direct oversight of a health IT product in the case of a non-conformity of certified capability. Additionally, HITN is concerned that there is a lack of clarity for providers if the product they are using is going through the appeal process. While we recognize vendors would not be able to market their products as certified during this period, it is unclear whether or not providers would be able to continue to use this product to attest to Meaningful Use requirements until a final determination is made. ONC should clarify in the final rule. Furthermore, ONC should work with CMS to establish an automatic hardship exemption for providers whose products’ certification is terminated. Vendors should also be required to provide – at no cost - the full suite of data stored in their product in a format convenient for the provider. HITN believes providers should not be held responsible for the bad actions of their vendors, and we urge ONC to coordinate with CMS to establish these protections. Public Availability of Identifiable Surveillance Results HITN strongly supports making surveillance results public and identifiable. Providers should have access to all relevant data about a product before deciding to use one in practice, including data on certification, decertification, and information blocking incidents in a way that is usable and easily accessible to stakeholders. 2
Conclusion We appreciate the opportunity to share our comments on the ONC Health IT Certification Program: Enhanced Oversight and Accountability proposed rule. We look forward to working with ONC to create a more competitive and transparent health IT marketplace. Sincerely,
Robert James Horne Executive Director
3
