Question [9-10-001-1]: What certification criteria will ONC-ATCBs use to certify EHR technology for purposes of the “deeming” provision of the Physician Self-Referral Prohibition and Anti-Kickback Electronic Health Record (EHR) Exception and Safe Harbor Final Rules?
Question [9-10-002-1]: If my EHR technology is capable of submitting batch files to an immunization registry using the adopted standards (HL7 2.3.1 or 2.5.1 and CVX), is that sufficient for demonstrating compliance with the certification criterion specified at 45 CFR 170.302(k)?
Question [9-10-003-1]: In the “Initial Set of Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record Technology” Final Rule published on July 28, 2010, the Secretary adopted the following implementation specifications at 45 CFR 170.205(d)(2) for HL7 2.5.1 – Public Health Information Network HL7 Version 2.5 Message Structure Specification for National Condition Reporting Final Version 1.0 and Errata and Clarifications National Notification Message Structural Specification. We believe that these implementation specifications may have been adopted in error because they only provide direction to public health agencies on how to report to the Centers for Disease Control and Prevention (CDC). Therefore, their adoption does not appear to either provide the appropriate or requisite implementation guidance for the adopted standard, HL7 2.5.1, or more importantly, to enable the user to “electronically record, modify, retrieve, and submit syndrome-based public health surveillance information…,” as required by the adopted certification criterion, 45 CFR 170.302(l). Please clarify whether these implementation specifications are appropriate for the intended capability specified by the public health surveillance certification criterion at 45 CFR 170.302(l)?
Question [9-10-004-1]: I currently use EHR version 1.3 which I purchased from EHR technology developer XYZ. EHR technology developer XYZ has informed me that it is not going to seek certification for EHR version 1.3. Can I seek certification for EHR version 1.3 or can I partner with a group of other health care providers that also use version 1.3 to split the cost of certification? Additionally, if EHR version 1.3 becomes certified can anyone else using EHR version 1.3 rely on the certification issued to EHR version 1.3?
Question [9-10-005-1]: I am an EHR technology developer. I have sought and achieved certification for the Complete EHR that I sell. The Complete EHR, however, is also designed to be sold in separate components so that I can offer my customers different prices based on the capabilities they seek to implement. Is it possible for me to sell components of my certified Complete EHR separately as certified EHR Modules, or do I need to seek testing and certification for each of the separate components that I plan to sell as certified EHR Modules?
Question [9-10-006-1]: I submitted a Complete EHR for certification, but it has not passed a test for one or more of the certification criteria. Can I request that the ONC-ATCB certify the EHR technology that I submitted as an EHR Module instead (i.e., certify only those capabilities that have been tested successfully)?
Question [9-10-007-1]: My hospital purchased a certified EHR Module that provides approximately 75% of the capabilities we need to meet the definition of Certified EHR Technology. The other 25% are provided by our own self-developed system(s). Can we have our self-developed system tested and certified as an EHR Module and then subsequently use the combination of our self-developed certified EHR Module with the certified EHR Module we purchased to meet the definition of Certified EHR Technology? As a follow up, do we need to have the combination of the purchased certified EHR Module and our self-developed certified EHR Module tested and certified together as a Complete EHR (above and beyond the certifications they have already been issued)?
Question [9-10-008-1]: If an EHR Module addresses multiple certification criteria (thus providing multiple capabilities), does it need to be tested and certified to the applicable privacy and security certification criteria as a whole or for each capability?
Question [9-10-009-1]: I'm an EHR technology developer and I've had my Complete EHR certified. I work with business partners/distributors and permit them to sell my (unmodified) certified Complete EHR under their own brand/name/label. Is this business practice permitted? Is there anything that I should do or be aware of?
Question [9-10-010-1]: My EHR technology is designed to receive demographic data from a registration system or a practice management system. The data from these other IT systems is then used by my EHR technology to demonstrate compliance with one or more certification criteria. Do these other IT systems that act as data sources to my EHR technology need to be certified?
Question [9-10-011-1]: I’ve identified that I am using two different EHR technologies to meet a single certification criterion (my document management system receives and displays summary records (45 CFR 306(f)(1)) and my EHR technology from EHR technology developer XYZ transmits summary records (45 CFR 306(f)(2)). Do both EHR technologies need to be certified?
Question [9-10-012-1]: How many clinical quality measures must EHR technology be capable of calculating in order to get certified?
Question [9-10-013-1]: I plan on sending/transferring meaningful use quality reporting data from my EHR technology to my “data warehouse” and have the data warehouse submit/report out the data to CMS. Does my data warehouse need to be certified?
Question [9-10-014-1]: I’ve selected a certified Complete EHR [or certified EHR Module] from EHR technology developer XYZ. That being said, I prefer the certified CPOE EHR Module designed by EHR technology developer ABC over the CPOE capability included in EHR technology developer XYZ’s Complete EHR. Can I use the certified CPOE EHR Module from EHR technology developer ABC instead of the CPOE capability included in EHR technology developer XYZ’s certified Complete EHR? Alternatively, can I use both of the certified CPOE capabilities included in EHR technology developer XYZ and ABC’s EHR technologies at the same time? In other words, can I use duplicative or overlapping certified capabilities of different certified EHR technologies without jeopardizing my ability to meaningfully use Certified EHR Technology?
Question [9-10-015-1]: I am an EHR technology developer preparing my EHR technology for certification. I am relying on a 3rd party software program to demonstrate my compliance with a specific certification criterion. Does this 3rd party software program need to be independently certified?
Question [9-10-016-1]: I’m in the process of implementing EHR technology developer XYZ’s certified Complete EHR [or certified EHR Module] “E-HealthSystem2010.” Scenario 1: I have determined that E-HealthSystem2010 needs to be reconfigured in order to connect with one of my patient registration systems. Can I reconfigure E-HealthSystem2010 without compromising the certified status of my implementation of E-HeatlhSystem2010? Scenario 2: EHR technology developer XYZ communicated to my organization that they relied upon a 3rd party software program “PatientInfoTracker 2.0” for the purposes of demonstrating compliance with the “generate patient lists” certification criterion specified at 45 CFR 170.302(i) in achieving E-HeatlhSystem2010’s certification. I have already implemented, use, and would like to continue using “SuperListGenerator 7.0.” I have determined that I can reconfigure SuperListGenerator 7.0 to work with E-HeatlhSystem2010. Can I use SuperListGenerator 7.0 in lieu of PatientInfoTracker 2.0 without compromising the certified status of my implementation of E-HeatlhSystem2010?
Question [9-10-017-1]: Under the Medicare and Medicaid EHR Incentive Programs Final Rule, eligible health care providers are permitted to defer certain meaningful use objectives and measures and still receive an EHR incentive payment. However, it is our understanding that in order for us to have our EHR technology certified, we must implement all of the applicable capabilities specified in the adopted certification criteria regardless of whether we intend to use all of those capabilities to qualify for our EHR incentive payment. Is our understanding correct?
Question [9-10-018-1]: I use or would like to use an “interface” to submit data to a public health agency/registry. Does this interface need to be certified?
Question [9-10-019-1]: The “electronic copy of health information” certification criteria (45 CFR 170.304(f) and 45 CFR 170.306(d)) each require that Certified EHR Technology “enable a user to create an electronic copy of a patient’s clinical information… in: (1) Human readable format; and (2) On electronic media or through some other electronic means….” Is there more than one way to demonstrate compliance with these certification criteria?
Question [9-10-020-1]: The certification criterion at 45 CFR 170.302(n) specifies that “[f]or each meaningful use objective with a percentage-based measure, electronically record the numerator and denominator and generate a report including the numerator, denominator, and resulting percentage associated with each applicable meaningful use measure.” Is it possible for the action of “record” in the certification criterion to be implemented in different ways and still remain in compliance with the certification criterion? For example, could “record” comprise the ability of a centralized analytics EHR Module to accept or retrieve raw data from another EHR Module or EHR Modules, and upon receipt of this raw data, the centralized analytics EHR Module would calculate the numerator, denominator, and the resulting percentage as specified by 45 CFR 170.302(n)?