History of Health Information Technology in the U.S.
Software Certification and Regulation
This material Comp5_Unit11 was developed by The University of Alabama Birmingham, funded by the Department of Health and Human Services, Office of the National Coordinator for Health Information Technology under Award Number
1U24OC000023
Software Certification and RegulationLearning Objectives
2
• Discuss the history of FDA involvement in the regulation of clinical software
• Describe the origins, focus and activities of CCHIT
• Discuss the changes in the EHR certification process as a result of the HITECH Act
• Discuss the recent efforts to improve the safety of EHRs
Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Certification and Regulation
Food and Drug Administration (FDA)
Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation3
Certification and Regulation
• Certification– Functionality– Individual EHRs
4Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Certification and Regulation
• Certification– Functionality– Individual EHRs
• FDA Center for Devices and Radiological Health (CDRH)– Embedded software– Accessory software for regulated device– Stand-alone software
5Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Certification and Regulation
• Pre-market Review– Design– Manufacturing practices– Testing
• Post-market Review– Problems
6Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Certification and Regulation
• Challenges– Difficult to test in advance– Interaction with other systems– Problems have multiple causes
7Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Certification and Regulation
• Challenges– Difficult to test in advance– Interaction with other systems– Problems have multiple causes
• Does not guarantee– Safe implementation– Usability– Outcomes
8Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Early Attempts at Regulation• Principle of ‘competent human intervention’
(learned intermediary)• FDA draft rule – 1989
9Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Source: (Manning, 1996)
Early Attempts at Regulation
FDA Workshop – 1996• Stand-alone software systems
– Clinical decision support– Closed and open loop systems
• Recommendations– Risk Classification– Software Quality Audits
Source: (Manning, 1996)
10Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
1997 Professional Organization Recommendations
• Articles published in two journals– JAMIA for informatics professionals– Annals of Internal Medicine for physicians and
health professionals
Sources: (Miller & Gardner, JAMIA, 1997)(Miller & Gardner, Ann Intern Med, 1997)
11Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
1997 Professional Organization Recommendations
• Articles published in two journals– JAMIA for informatics professionals– Annals of Internal Medicine for physicians and
health professionals• FDA focus should be:
– High risk systems – Systems with limited opportunity for
competent human intervention– Good manufacturing/design practices– Software monitoring at local level
12Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
1999 — Institute of Medicine Report
• To Err is Human• Focus on Patient
Safety• Information
Technology as mechanism to IMPROVE safety
13Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Photo by Nir Menachemi
Growing Interest in Health Information Technology
• Additional Institute of Medicine reports– Crossing the Quality Chasm – 2001– Patient Safety – 2004– Preventing Medication Errors – 2006
Source: (Quality Chasm Series, 2001)
14Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Growing Interest in Health Information Technology
• Additional Institute of Medicine reports– Crossing the Quality Chasm – 2001– Patient Safety – 2004– Preventing Medication Errors – 2006
• Leapfrog Group – 2000– CPOE to reduce medication errors
15Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Growing Interest in HealthInformation Technology
• Additional Institute of Medicine reports– Crossing the Quality Chasm – 2001– Patient Safety – 2004– Preventing Medication Errors – 2006
• Leapfrog Group – 2000– CPOE to reduce medication errors
• Office of the National Coordinator – 2004• Certification Commission for Health
Information Technology (CCHIT) – 2004
16Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Certification Commission for Health Information Technology
• Non-profit private organization• Formed by three bodies representing the IT
community in 2004– AHIMA, HIMSS, and NAHIT
17Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Certification Commission for Health Information Technology
• Non-profit private organization• Formed by three bodies representing the IT
community in 2004– AHIMA, HIMSS, and NAHIT
• Contract to develop criteria – 2006• EHR certification body – 2006
– Single systems– Inpatient and outpatient
18Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Research, HIT, and Patient Safety• Research directions
– HIT can improve patient safety• CPOE• Clinical Decision Support
19Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Research, HIT, and Patient Safety• Research directions
– HIT can improve patient safety• CPOE• Clinical Decision Support
– HIT can cause unintended consequences• Ash and colleagues
– CPOE and negative reactions– Other problems
• Koppel and colleagues– JAMA – 2005– Safety concerns
Sources: (Ash, et al., 2009)(Koppel, et al., 2005)
20Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
HITECH Act
• 2009• Incentives for meaningful use of EHRs• Anticipate increase in EHR adoption• Certifying bodies for EHRs
21Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
HITECH Act
• 2009• Incentives for meaningful use of EHRs• Anticipate increase in EHR adoption• Certifying bodies for EHRs• Increased concern about safety and
need for regulation– Congressional hearings– FDA reviewing policies
22Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
ONC Authorized Testing and Certification Bodies
• Organizations apply to ONC to become certification bodies– 2010—ATCBs– 2012—ATLs and ACBs
• Separate testing and certification
23Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Institute of Medicine Consensus Study
• Plan to study risks of health IT and make recommendations on risk management
• Greater transparency
Source: (Institute of Medicine, 2011)
Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification
and Regulation24
Courtesy National Academies Press
Institute of Medicine Consensus Study
• Plan to study risks of health IT and make recommendations on risk management
• Greater transparency• Criteria to assess and monitor safe use of
health IT• Public reporting of adverse events• Agency to investigate serious problems• If insufficient progress, FDA may regulate• More research on better designsHealth IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification
and Regulation25
Usability and Certification• NIST
– Usability guidelines• 2014 certification criteria
– Safety-enhanced design• User-centered design
– CPOE, CDSS, e-prescribing– Drug-drug, drug-allergy checks– Medication and medication allergy lists– Electronic medication administration record– Clinical information reconciliation
• Attention to quality management principles
Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation26
Pros and Cons of Regulation• Pro: Protect patient and purchaser• Con: Stifle innovation
27Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Courtesy US Army. Photographer: Sgt. Jon Soles, MND-B PAO
Software Certification and RegulationSummary
• History of FDA involvement• EHR certification• Changes with HITECH Act• IOM report on health IT and patient safety
28Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Software Certification and RegulationReferences
References• Ash JS, Sittig DF, Dykstra R, Campbell E, Guappone K. The unintended consequences of computerized provider
order entry: findings from a mixed methods exploration. Int J Med Inform. 2009 Apr;78 Suppl 1:S69-76.• Institute of Medicine. Health IT and Patient Safety: Building Safer Systems for Better Care. Washington (DC): The
National Academies Press, 2011.• Koppel R, Metlay JP, Cohen A, Abaluck B, Localio AR, Kimmel SE, Strom BL. Role of computerized physician
order entry systems in facilitating medication errors. JAMA. 2005 Mar 9;293(10):1197-203.• Manning W. Summary of Food and Drug Administration & National Library of Medicine Software Policy Workshop,
Sept. 3-4, 1996. The Health Law Resource. Available from: http://www.netreach.net/~wmanning/fdaswsem.htm• Miller RA, Gardner RM. Recommendations for responsible monitoring and regulation of clinical software systems.
American Medical Informatics Association, Computer-based Patient Record Institute, Medical Library Association, Association of Academic Health Science Libraries, American Health Information Management Association, American Nurses Association. J Am Med Inform Assoc. 1997;4(6):442-57.
• Miller RA, Gardner RM. Summary recommendations for responsible monitoring and regulation of clinical software systems. American Medical Informatics Association, The Computer-based Patient Record Institute, The Medical Library Association, The Association of Academic Health Science Libraries, The American Health Information Management Association, and The American Nurses Association. Ann Intern Med. 1997;127(9):842-5.
• Quality Chasm Series: Health Care Quality Reports from the Institute of Medicine. Washington DC: The National Academies Press. 2001. Available from: http://www.nap.edu/catalog.php?record_id=12610
29Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation
Software Certification and RegulationReferences
ImagesSlide 9: Microsoft clip art; Used with permission from Microsoft.Slide 13: Nir Menachemi. Kohn LT, Corrigan JM and Donaldson MS, (eds). To Err Is Human: Building a Safer Health
System Committee on Quality of Health Care in America, Institute of Medicine, Washington DC: National Academies Press, 1999. Image used with permission from National Academies Press.
Slide 24: Nir Menachemi. Committee on Patient Safety and Health Information Technology. Board on Health Care Services. Health IT and Patient Safety: Building Safer Systems for Better Care, Washington, DC: National Academies Press, 2011. Image used with permission from National Academies Press.
Slide 27: Sgt. Jon Soles, MND-B PAO. Available from: http://www.army.mil/media/73855. Photo courtesy of U.S. Army.
30Health IT Workforce Curriculum Version 3.0/Spring 2012
History of Health Information Technology in the U.S. Software Certification and
Regulation