All posts in category Health IT Regulation

ASTP’s HTI-2 Proposes Concerning Changes to Insights Measures

By Greg Thole (Oracle), Chair, EHR Association Certification Workgroup

In the previous installment of our blog series dissecting the EHR Association’s raft of concerns with ASTP’s Health Data, Technology, and Interoperability: Patient Engagement, Information Sharing, and Public Health Interoperability (HTI-2) proposed rule, we focused on the overarching issues. In this blog, we take a deep dive into the complex web of proposed changes to Insights measures that present specific challenges for certified health IT developers and indirect impacts for the providers that use their solutions. (Our full comments to ASTP are available on our website.)

Insights is a Condition and Maintenance of Certification requirement introduced via statutory directive in the 21st Century Cures Act, which tasked ASTP with creating an EHR reporting program for certified health IT developers. By its nature, Insights poses a difficult value proposition for developers, as it requires the commitment of development time and resources to efforts that do not directly benefit providers. 

(more…)
2 Comments
by EHR Association on October 7, 2024  •  Permalink
Posted in Health IT Regulation
Tagged , ,

Posted by EHR Association on October 7, 2024

https://ehrablog.org/2024/10/07/astps-hti-2-proposes-concerning-changes-to-insights-measures/

Huge Scope, Not Enough Time: Concerns with ASTP’s HTI-2 Proposed Rule

By Stephanie Jamison (Greenway Health), Chair, and Leigh Burchell (Altera Digital Health), Vice Chair, EHR Association Executive Committee

In the months leading up to ASTP’s July 2024 release of the Health Data, Technology, and Interoperability: Patient Engagement, Information Sharing, and Public Health Interoperability (HTI-2) proposed rule, the EHR Association and other health IT stakeholder organizations braced themselves for what was certain to be a massive policy proposal. Those fears were quickly realized when the overwhelming scope of proposed new and expanded software requirements in the 1067-page HTI-2 NPRM was revealed. 

Following our in-depth analysis of HTI-2 and the process of drafting comments, the Association has identified concerns related to public health, standards, Insights measures, and electronic prior authorization requirements within the proposed rule, all of which will be discussed in greater detail in the subsequent blogs in this HTI-2 series. Additionally, there are several overarching issues we believe need to be addressed – including some previously raised by the EHR Association that have yet to be adequately addressed by ASTP and other regulatory agencies.

(more…)
5 Comments
by EHR Association on October 1, 2024  •  Permalink
Posted in Certification, Health IT Regulation, Health IT Standards, Interoperability
Tagged , ,

Posted by EHR Association on October 1, 2024

https://ehrablog.org/2024/10/01/huge-scope-not-enough-time-concerns-with-astps-hti-2-proposed-rule/

Part Two: Privacy & Consent Management Landscape and Challenges to Scale

By Hans Buitendijk, Chair, EHR Association Privacy & Consent Task Force

In Part One of this two-part blog series, we introduced the challenges in today’s privacy and consent management landscape and discussed different approaches for rules management. In Part Two, we put forth a proposed roadmap for establishing the necessary framework for privacy and consent management. 

A Roadmap for a Complex Infrastructure

Defining the critical components and standards, and establishing the necessary infrastructure is no small undertaking. It is not sufficient to simply have standards on how to communicate any tags, such as HL7 DS4P for documents, FHIR Security Labels for FHIR resources, and the ARV segment for HL7 v2. Not only that, but more is needed when v2, CDA, or FHIR are used to communicate data that must have tags beyond the data itself to enable evaluation of rules by the receiving system. This is especially true when data can be exchanged in many other formats and ways, including proprietary formats, and when sensitivity is based on the context of multiple data elements that, on their own, would not be considered sensitive, as well as when a patient’s data sharing rules may not involve a well-defined set of data values.

The $64,000 question is, how can we make progress? 

(more…)
Leave a comment
by EHR Association on September 10, 2024  •  Permalink
Posted in Health IT Regulation, Health IT Standards, Interoperability, Privacy and Consent, Sensitive Data
Tagged , , ,

Posted by EHR Association on September 10, 2024

https://ehrablog.org/2024/09/10/part-two-privacy-consent-management-landscape-and-challenges-to-scale/

CISA Proposes Practical Guidelines For Reporting Cyber Incidents

EHR Association Privacy & Security Workgroup

The Cybersecurity and Infrastructure Security Agency (CISA), responsible for coordinating cybersecurity programs within the U.S. and improving the government’s cybersecurity protections, proposed new reporting requirements under the Cyber Incident Reporting for Critical Infrastructure Act, or CIRCIA. The proposed rule lays out what incidents must be reported, by whom, and what the reports must contain. While the EHR Association provided comments of support for most areas, suggestions for potential refinement were also offered. 

(more…)
Leave a comment
by EHR Association on August 21, 2024  •  Permalink
Posted in Health IT Regulation, Privacy and Security
Tagged ,

Posted by EHR Association on August 21, 2024

https://ehrablog.org/2024/08/21/cisa-proposes-practical-guidelines-for-reporting-cyber-incidents/

HHS Establishes ASTP/ONC

On July 25, 2024, HHS announced it had reorganized its technology, cybersecurity, data, and AI strategy and policy functions to “streamline and bolster technology, cybersecurity, data, and artificial intelligence (AI) strategy and policy functions.” Historically, responsibility for policy and operations has been distributed across the ONC, ASA, and ASPR. Now those responsibilities have been consolidated into the Assistant Secretary for Technology Policy and Office of the National Coordinator for Health Information Technology, or ASTP/ONC.

In response to this announcement, the EHR Association issued the following statement:

“In establishing ASTP/ONC, HHS is acknowledging the increasingly important role of health IT in the care delivery system since the inception of ONC 20 years ago, as well as the critical role electronic patient data plays in the provision of and access to quality care. ONC has collaborated with the health IT industry as we have expanded patient access to their data, the exchange of health information between numerous stakeholders, and now the rapidly growing influence of AI.

“Along with great potential, these changes bring heightened privacy and security risks and the need for a fresh approach to policy, standards, and strategy to address the complex nature of health information technology. The EHR Association believes the new ASTP/ONC can add great value in expanding even further the work they do to coordinate health IT-related policy across the Federal government.

“We look forward to collaborating with ASTP/ONC as we work toward our shared goals of continually improving the quality and efficiency of care through safe, innovative interoperable health IT adoption and use.”

Leave a comment
by EHR Association on July 25, 2024  •  Permalink
Posted in EHRA News, Health IT Regulation
Tagged ,

Posted by EHR Association on July 25, 2024

https://ehrablog.org/2024/07/25/hhs-establishes-astp-onc/

Success of ONC’s Health IT Strategic Plan Rests on Realistic Expectations, Regulatory Timelines

By Stephanie Jamison (Greenway Health), Chair, and William Hayes, M.D. (Trubridge), Vice Chair, EHR Association

With its Draft 2024-2030 Federal Health IT Strategic Plan, ONC seeks to enhance individual and community health through improved healthcare experiences, advanced research and innovation, and integrated health data systems – important goals the EHR Association finds commendable provided the path taken to achieve them is paved with realistic expectations and timelines for regulations targeting them.

In many ways, the mission and vision laid out by ONC in its strategic plan echoes the objectives of our member companies; namely, advancing the quality and efficiency of care through innovative, interoperable health IT adoption and use. However, our enthusiastic support is tempered by concerns over the potential for too-aggressive compliance timelines and expectations that are beyond the reach of EHR and other health IT developers and the provider organizations utilizing these tools – concerns we shared in our response to ONC’s call for feedback on the Draft Federal Health IT Strategic Plan. 

(more…)
Leave a comment
by EHR Association on May 30, 2024  •  Permalink
Posted in Health IT Regulation, Health IT Standards
Tagged , , ,

Posted by EHR Association on May 30, 2024

https://ehrablog.org/2024/05/30/success-of-oncs-health-it-strategic-plan-rests-on-realistic-expectations-regulatory-timelines/

« Older Posts
Newer Posts »

  • Categories

  • Follow EHRA on Twitter

  • Enter your email address to follow this blog and receive notifications of new posts by email.

    Join 198 other subscribers

  • Contact Us

    Kasey Nicholoff
    staff @ ehra.org

    Amanda Patanow
    Communications and Media
    ehracomms @ npccs.com