AHA Recommends Changes to EHR Standards, Implementation

On EHR certification criteria modifications

The AHA recommends the ONC do the following:

• Take all necessary regulatory steps (e.g., publishing a final rule or even a second interim final rule) as soon as possible because EHR vendors and stakeholders require lead time to bring certifiable products to the market.


• For measures included in the meaningful use final rule requiring a number or percentage as a response, include certification criteria for the generation of the health IT functionality measures. In addition, certification of EHR products should require only generation of the associated measure.
• Include certification criteria for any new objectives in CMS' EHR incentive program final rule.


• Remove the electronic claims submission and electronic verification of insurance eligibility certification criteria

On certification criteria and standards

The AHA recommends:

• Changing the medication reconciliation certification criteria to avoid potential safety concerns. AHA suggests that the criteria should state, "Display simultaneously two or more medication lists and provide tools for the clinician to perform medication reconciliation that will result in a single list."


• Adopting Health Level Seven Clinical Document Architecture Release 2 Level 2 Continuity of Care Document (HL7 CDA CCD) as the sole standard for patient summary records.


• Certifying vendors based on their systems' ability "to accurately and reliably collect and report" on quality measures once they are ready for automated reporting.


• Delaying quality reporting until at least 2012 because of the lack of "appropriate e-specifications for hospital quality measures"


• Deferring adoption of the public agency reporting standard until there is one viable national standard

On privacy and security

The AHA recommended that:

• The rule specify that for EHRs seeking certification, privacy and security certification criteria are "addressable" the same way that certain HIPAA security rule specifications are "addressable."


• There be a delay in the accounting of disclosures criteria and standards until the HHS Secretary issues an updated rule. This will help ensure that the technical specifications match the obligations that the forthcoming rule puts in place.


• Revisions should be made to ensure that EHR technology is capable of providing electronic access and copies of health information for patients.


• The ONC should clarify that the interim final rule's standards for encryption and hashing do not involve any additional requirements for HIPAA covered entities beyond those that the security rule already requires.


• The audit alerting criterion be eliminated because it "goes beyond" HIPAA and HITECH requirements and exceeds the current capabilities of products on the market.