ONC EOA Final Rule: Public Availability of Identifiable Surveillance Results
This is a blog post in a series on our review of our Enhanced Oversight and Authority (EOA) Final Rule. Check out the others on our blog via the EOA tag.
Summary
ONC issued some specific requirements on surveillance and transparency of certified health IT systems in their 2014 Edition Final Rule. They expanded their scope of surveillance requirements with the 2015 Edition Final Rule where they required randomized, “in-the-field” surveillance as well as continuing reactive surveillance coming from reports of complaints and non-compliances.
They also required ONC-ACBs to reveal errors or non-compliances to the certified criteria or program requirements they discover from their surveillance onto the ONC CHPL entry of the certified health IT system which is publicly accessible. However, they stopped short of making all of their surveillance efforts and outcomes available to the public, but this EOA rule changes that.
Starting in 2017, all quarterly surveillance results of the ONC-ACBs will be accessible via the ONC CHPL. This information will include both surveillance efforts where the findings are “positive” and do not reveal any errors or non-compliances of the certified health IT systems as well as surveillance findings revealing non-compliances. Details of non-compliances are still available through the CHPL. Through the CHPL interface, users will be able to search for surveillance information for developers.
Analysis
For developers and clinicians alike, this is a very good thing. Previously, it was like getting an annual evaluation that only listed the negative things you did or needed improvements. The ACBs were only reporting the non-compliance surveillance results, but now, a more complete picture of surveillance is being shown.
Developers should readily point toward their positive surveillance findings as proof their product is working, and clinicians should be pleased to see their health IT systems are being surveyed and finding no known non-compliances.