Home  |   Subscribe  |   Resources  |   Reprints  |   Writers' Guidelines

April 2, 2007

CCHIT Certification: Is It for Everyone?
By Selena Chavis
For The Record
Vol. 19 No. 7 P. 14

The commission touts its effectiveness, while others question its mechanisms. Meanwhile, a new coalition has been born to offer frustrated vendors an option.

In May 2006, the Certification Commission for Health Information Technology (CCHIT) finalized the first national certification standard for ambulatory electronic health record (EHR) products and officially began accepting applications from software vendors.

Since that time, the organization has certified 55 products and is moving forward with steps to implement the next phase of certification standards that will cover inpatient EHRs. “We estimate that’s about 25% of the vendor market that has successfully come through,” says CCHIT Executive Director Alisa Ray regarding ambulatory products that have received certification.

Launched via the cooperative efforts of three leading HIT industry associations—the AHIMA, HIMSS, and the National Alliance for Health Information Technology—the organization was awarded a three-year contract in 2005 to develop and evaluate certification criteria and create an HIT inspection process.

According to Andy Ury, MD, CEO of Seattle-based Practice Partner and vendor representative on the CCHIT Board of Commissioners, the goal of the certification process is to encourage the adoption of EHRs by ensuring interoperability of HIT products, reducing the risk of investment by physicians and other providers, and better enabling the process of providing incentives.

“Certification came about partly based on the urging of national associations and insurance carriers who wanted to pass down benefits to their customers for EHR adoption,” he recalls, adding that payers and purchasers providing incentives for EHR adoption wanted to be assured that the return on investment would be improved quality. “A lot of different players also saw certification as a vehicle enabling interoperability by everyone agreeing to the same standards.”

Now, nearly one year into the certification process, opinions vary widely as to the program’s effectiveness and fairness. While many stakeholders believe the process is beginning to achieve its goals, others are crying foul, criticizing that the criteria are too extensive and the costs are stifling competition.

“We’ve had quite a bit of stir about it,” says Robert Gleeman, medical journalist with EMRupdate.com, an online forum providing EMR (electronic medical record)-related news and opinions to more than 5,000 member doctors. “It immediately wipes out hundreds of vendors.”

“It’s not to be minimized,” emphasizes Don Schoen, CEO of Iowa-based MediNotes and current chairman of the Electronic Health Record Vendors Association (EHRVA), an organization operating under the umbrella of HIMSS. “It’s a huge burden for a company to pass through all those criteria.”

According to Jon Bertman, MD, the certification process is geared for vendors serving large practices, and the costs are burdensome for vendors trying to market cost-effective products to small physician offices. Founder of Amazing Charts, one of the larger providers of EHR technology addressing practices with one to five providers, Bertman believes the price tag of the certification process will drive costs up for this sector.

“First, I was excited [about certification] because everyone and their brother can say they have an EHR product,” he recalls. “The problem is the ludicrous price. That price decreases the ability of new companies to compete, and ultimately, it’s the physicians who get hurt.”

Laura Nasipak, product manager with Massachusetts-based eClinicalWorks, a larger company with roughly 350 employees representing 2,200 clients, says management at her company was also shocked with the initial cost for certification, but in the end, it was something manageable for the company.

“It depends on who you ask—[the cost and criteria] are nothing for a company that makes $40 million a year,” Gleeman emphasizes. “A one- or two-person office isn’t going to need a lot of the criteria.”

Evolution of the Certification Process

Understanding that many stakeholders had a vested interest in the finalization of a standard for certification, Ray notes that CCHIT made the process as public as possible from the beginning. “Everything we do is very transparent to the public—everything is open to public comment,” she emphasizes, adding that members of the organization’s voluntary board of commissioners come from various backgrounds representing academia, the private sector, nonprofit organizations, and government agencies. “Volunteers reach out to us. There’s been a lot of discussion between groups.”

Following the formation of initial workgroups in late 2004, the CCHIT invited public comment to the established criteria in April 2005, adopting the final criteria one year later. Currently, vendors must pass more than 200 criteria to achieve certification encompassing the areas of functionality, reliability, security, and interoperability. And the criteria are expected to expand in the coming years.

According to Ury, the EHRVA was formed simultaneously to the adoption of certification standards to ensure the interests of the vendor community were addressed. “The vendor community has been heavily involved and supportive of certification from the beginning,” he adds, stressing that while vendors have a vested interest, they “do not control certification.”

Each volunteer of the 19-member board of commissioners serves one- and two-year staggered terms and is responsible for appointing 12 to 14 members and two cochairs for each of the five work groups. The commission is comprised of at least two representatives each from the provider, payer, and vendor stakeholder groups, and at least one from seven other stakeholder groups, including safety net providers, healthcare consumers, public health agencies, quality improvement organizations, clinical researchers, standards development and informatics experts, and government agencies. Of the 19 members, three are currently vendors.

Schoen concurs with Ury regarding the establishment of the EHRVA, noting that vendors didn’t want to get legislated into a process that wasn’t meaningful. “There were 1,500 test script aspects that were being considered,” he recalls. “We were able to get that number down to something more reasonable.”

Following the public comment period that ended in March 2006 and the close of a pilot test, a number of revisions were made to the originally submitted standards. According to the CCHIT, 245 of the 264 original functionality criteria were fully validated, 12 were revised with minor wording changes, six were made provisional, and one was deleted. Under interoperability, there was a roadmap adjustment to two criteria and minor wording changes. Changes were also made to the security area, where 11 of the criteria were reassigned as provisional and one was deleted as duplicative.

“They have done a lot of due diligence,” notes Nasipak. “The criteria are definitely defining the core needs of what a typical practice would need.”

How the Process Works
Most vendors agree that the process of becoming certified in itself is efficient. The test is completed by Webcast, so there is no travel or site visits involved.

According to CCHIT Executive Director Alisa Ray, the process can be compared to an open-book test as all the criteria are posted on the CCHIT Web site. “Vendors can practice,” she notes.

By and large, the bulk of the test is completed by jury observation involving a vendor walking through a clinical scenario. The jury comprises three clinical jurors—one of whom must be a physician—and an IT security evaluator. The team assesses each product’s compliance to the certification criteria, and the vendor either passes all or fails.
Ray acknowledges that there have been some failures, but the majority has passed. “What we hope is that this vendor [who fails] will learn and come back to test again. It’s a positive approach,” she says.

The inspection involves critiquing a product’s performance during execution of a series of tests and reviewing documentation supplied by the vendor. Testing typically takes one day. “The functionality testing on average takes about four hours,” Ray says. “Security is more black and white and doesn’t necessarily take as long.”

The CCHIT opens periodic three-month windows for the certification, and the initial cost runs $28,000, which provides a three-year certification. According to Ray, vendors also pay $4,800 in the second and third years to cover some marketing and licensing fees.

If a product is significantly reengineered before the end of the three-year period, Ray says it must be recertified. “If [a vendor] significantly rearchitects the product, it’s in everyone’s best interest that they recertify,” she says.

Schoen notes that a gray area exists for many vendors when it comes to understanding exactly when recertification is needed. To stay competitive in the marketplace, software vendors must consistently enhance and update their products. “We come out with updates two to three times a year, but it’s not an overhaul,” he says. “We don’t have to recertify [in those instances].”

Effects on the Marketplace
According to Ray, the CCHIT data suggest that there is at least anecdotal evidence to support the assertion that certification is becoming the differentiator in the marketplace. Regarding expectations for quality and interoperability, she says, “Competitive market pressures are telling [vendors] that they need to be at this level.”

Ury concurs, noting that he has seen evidence that it’s beginning to achieve the goal of attracting insurance carrier benefits.

For Bertman, evidence supporting these trends may not be good news for vendors targeting smaller ambulatory practices. Bertman believes the costs of the certification process will stifle competition.

“My concern is that CCHIT has become a defacto standard and may become a requirement by third-party insurance in the future,” he says. “If that happens, we’ll have to become certified, and our prices will go up.”

Pricing for Amazing Charts’ EHR technology currently averages $995 plus $500 per year. According to Bertman, larger EHR vendors charge anywhere from $10,000 to $25,000 for initial license fees. Amazing Charts’ technology is currently used in more than 1,300 practices and is growing by approximately 50 per month.

Schoen acknowledges that the certification process is time-consuming and costly for smaller companies, and there are many criteria required that “small physician offices will never use. You have to have a level playing field,” he says, adding that he does not believe the process will drive costs up to unreasonable levels. “I think cost-affordable solutions are out there under CCHIT.”

Offering an example, Schoen says the Medical Group Management Association has data revealing that typical EHR product costs for a single practitioner range from $32,000 to $37,000. “There are CCHIT products out there that are a third of that price,” he notes.

Ray acknowledges there has been ample debate over the cost of certification but suggests that in the end, it is the amount required to cover the costs of the independent, not-for-profit organization. “If you think about our model, it’s very efficient when compared to other types of private validation,” she says. “There are a lot of small companies that have achieved certification successfully.”

Ury agrees, adding that he believes there is a wide spectrum of vendors represented by those currently certified. “Given that so many vendors have been certified, it’s an indication that it has been widely accepted,” he says, adding that nearly all vendors representing “major” market share have been certified. “It’s certainly expensive, but it’s not out of reach for the majority of vendors.”

According to Gleeman, Amazing Charts is not alone in its frustrations. In fact, dissension from smaller companies has resulted in discussions about the formation of the Vendor EMR Coalition for HIT—a group that could potentially provide an alternative to CCHIT certification. “It’s a good idea,” Gleeman asserts, adding that the group is considering certification costs of $3,000 as opposed to the CCHIT’s $30,000.

According to Gleeman, the group seeks to focus the criteria of certification more on the repute of the company being certified and on the product’s effectiveness. “They [those at the CCHIT] are not saying ‘these EMRs work better.’ They are not saying that ‘these companies are more stable,’” he notes. “That’s the idea for the vendor coalition certification.”

— Selena Chavis is a Florida-based freelance journalist whose writing appears regularly in various trade and consumer publications covering everything from corporate and managerial topics to healthcare and travel.


CCHIT’S Roadmap for the Future

Following the launch of its ambulatory electronic health record (EHR) certification in 2006, the Certification Commission for Health Information Technology (CCHIT) is moving forward with the process of certification for inpatient EHR products with expectations that the first certified products will be available in 2007.

According to Ray, the new criteria will take effect May 1 and include new requirements for electronically sending prescriptions as well as receiving laboratory test results. These are the first CCHIT interoperability criteria which require common standards for sending and receiving patient care information, allowing EHRs to exchange data and making them compatible with emerging health information networks.

Also high on the organization’s priority list is the process to expand the core certification components to specialty areas, including emergency departments, long-term care, and home health. “This has been very market driven,” says CCHIT Communications Director Sue Reber, noting that many interested groups had approached the commission directly.

The CCHIT recently announced that Health and Human Services had authorized and funded the commission to expand its certification scope of work for ambulatory EHR products to begin addressing some medical specialties and specialized care settings.

Ray says the CCHIT is initiating the process by establishing a fair and objective approach of prioritizing which specialties should be addressed first. Factors in this prioritization will include the amount of criteria development work required, the readiness of the specialty to participate in development, and the potential positive impact certification could have on EHR adoption in that specialty.

— SC