Search the KHIT Blog

Sunday, September 9, 2012

Draft 2014 CEHRT Certification Testing Stds Issued

2014 Edition Draft Test Procedures
The Office of the National Coordinator for Health Information Technology (ONC) has posted the first wave of draft Test Procedures and applicable test data files for the 2014 Edition EHR certification criteria. The Test Procedures, once finalized and approved by the National Coordinator, will be used for testing and certifying EHR technology under the ONC HIT Certification Program (formerly referred to as the Permanent Certification Program or PCP). The Test Procedures are being developed in collaboration with the National Institute of Standards and Technology (NIST).
I'm not seeing much new here, conceptually, at first blush. More "user acceptance testing." But, I will review all of the drafts when I get to the office. One fundamental example:

This test evaluates the capability for a Complete EHR or EHR Module to enable a user to electronically record, change, and access the following order types, at a minimum:

(i) Medications; 

(ii) Laboratory; and 
(iii) Radiology/imaging.

The test procedure is not prescriptive about the method [emphasis mine] used to change an order. For example, changing an order does not require changing an existing instance of an order. 

Change may be accomplished through discontinuing/canceling an existing order and entering a new order.

This test procedure is organized into three sections:
Record - evaluates the capability to electronically enter orders for medications, laboratory, and radiology/imaging within the EHR system
  • The Tester enters the ONC-supplied Test Data orders for medications, laboratory, and radiology/imaging
  • The Tester verifies that the orders are recorded in the EHR
Change - evaluates the capability for a user to electronically change entered orders for medications, laboratory, and radiology/imaging in the EHR
  • The Tester displays the entered orders for medications, laboratory, and radiology/imaging
  • Tester changes the medications, laboratory, and radiology/imaging orders
  • The Tester verifies that the changed orders are accurate and complete
Access - evaluates the capability to access and display the orders that have been previously entered into the EHR
  • The Tester displays the orders for medications, laboratory, and radiology/ imaging entered during the test
  • The Tester verifies that the displayed order data are accurate and complete
This is all yet again just about "functionality" in the "capability" sense. If it takes the tester 8 seconds or 80 minutes is irrelevant to certification here (that pesky "usability" thing). After reviewing all 10 pages of this draft cert procedure, I find nothing about grading "ease of use."

I also have to chuckle that they "give you the answers in advance," too (the supplied "test data") for each criterion. Gives me that recurrent Clinic Monkey Moment.
Public Review and Comment Process

The draft Test Procedures and applicable test data files are posted on the ONC website and made available for public review and comment. (If there is no test data link, test data are either not required or supplied by the vendor.) The first wave is posted below; additional waves will be added to this website on a weekly or bi-weekly basis until all have been posted. A two-week comment period will follow
each wave [emphasis mine] throughout September and October 2012.

Comments and suggestions should be submitted to All submissions should include "Test Procedure" in the subject line.

After draft Test Procedures have been through the public comment and review process, ONC will revise and finalize them. The final set of Test Procedures is expected to be available for use in testing and certification in early 2013.
That's a pretty small review and comment window. I would exhort everyone working in this area to review the drafts and make your opinions known. 


This is curious. Came my way via Twitter.

A "crowdsourcing" venture capital initiative.
Fuel $10,000 or more:
Any contribution of $10,000 receives: a featured listing on our Web site as a MedKaz Strategic Partner. This tells the world that you support our unique approach to making sure people control their “damn records!” Pick your support level: Silver - $10,000, Gold - $20,000, Platinum - $50,000. Open to corporations, other business organizations, non-profits and individuals.


Should HIE vendors follow HIPAA rules?
Patrick Ouellette,  September 10, 2012

After posting a health information exchange (HIE) security best practices article last week, a reader posed an interesting question: Where do HIE vendors fit into the equation?...

...Bobby Gladd, senior meaningful use adoption support project coordinator and HIPAA staff resource for HealtHIE Nevada, thinks that the requirements need to be in line with what HIEs and healthcare providers have to deal with. He believes that the language in Sec. 13401 of the HITECH Act applies to vendors and they should obey security rules without HIEs requiring them to do so:

“(a) Application of Security Provisions. — Sections 164.308, 164.310, 164.312, and 164.316 of title 45, Code of Federal Regulations, shall apply to a business associate of a covered entity in the same manner that such sections apply to the covered entity. The additional requirements of this title that relate to security and that are made applicable with respect to covered entities shall also be applicable to such a business associate and shall be incorporated into the business associate agreement between the business associate and the covered entity.”

The wording in this section of the act certainly looks like it should apply to both vendors and HIEs. Gladd, as an HIE and EHR consultant, works with vendors all the time that don’t need to follow HIPAA rules by the book. He said that vendors have access to ePHI and should adhere to the same standards as HIEs, which don’t even store data. What if a vendor’s employee is unhappy with his job or wants to steal information? He said that while vendors aren’t the sole reason for data breaches, there should be HIPAA audits for these companies as well to reduce risk...
Thanks, Patrick. I would just add that a close read of my prior post shows that I support making all EHR vendors submit to 45 CFR 164.3, not simply HIE vendors.


I just signed up with this site. Ran across it via a tweet. Maybe nothing will ever come of it. But, one the other hand, perhaps there will be some good EHR "usability" nuggets here and there.
Boxes and Arrows is devoted to the practice, innovation, and discussion of design; including graphic design, interaction design, information architecture and the design of business. Since 2001, it’s been a peer-written journal promoting contributors who want to provoke thinking, push limits, and teach a few things along the way.

If you’re interested in improving the way information architecture is done, if you find yourself sparking provocative conversation on interaction design topics in your spare time, and if you go out of your way to help everyone in your office think differently about everything from the design process to software, we want to work with you.
See their latest post "Designing Screens Using Cores and Paths. Designing from the inside out." It just might be that HIT interfaces are simply too necessarily cognitive-load heavy to lend themsleves wholly to principles appropriated from other business spaces. Dunno.




I'd have liked to have been in DC this week. Lots of cool events going on. Hope I can get to catch a few of the online events. Our REC is not doing any local stuff in support of it. We dropped the ball on that, IMO.

Mostashari calls for vendors to add Blue Button quickly
September 11, 2012 | Mary Mosquera, Government Health IT

Farzad Mostashari, MD, the national health IT coordinator, has challenged vendors to make it easy for consumers by early 2013 to view, download and transmit to another party their health information in the form of a Blue Button feature.
The Office of the National Coordinator for Health IT has established a Twitter hashtag of #VDTnow for companies and organizations to post their commitment to establishing the feature.

Implementing the functionality for view, download and transmit (VDT) to a third party, “I think, is underappreciated for how significant that’s going to be to the concept of consumer-mediated health information exchange,” Mostashari said at a Sept. 10 ONC summit on consumer health IT...

More to come...

No comments:

Post a Comment