Nuesoft Website  |  Blog Home  |  Contact Information

The announcement earlier this month by the Office of the National Coordinator for Healthcare IT (ONC) about its notice of proposed rulemaking for EHR certification may have overshadowed some other significant news recently coming from the U.S. Department of Health and Human Services (HHS). With the anticipated increase of electronic health record adoption over the next few years, it appears that in addition to rolling out a new voluntary EHR certification program, HHS – via its daughter agency FDA – is considering regulation of health information technology systems.

Dr. Jeffery Shuren, director of FDA’s Center for Devices and Radiological Health (CDRH), gave testimony for a hearing late last month of the Health Information Technology (HIT) Policy Committee, Adoption/Certification Workgroup. The purpose of the hearing was to discuss potential HIT safety concerns and how to address them.

According to Shuren: “The FDA recognizes the tremendous importance of HIT and its potential to improve patient care. However, in light of the safety issues that have been reported to us, we believe that a framework of federal oversight of HIT needs to assure patient safety.”

Shuren and the FDA are considering regulation under the premise that EHRs are medical device data systems (MDDS), and thus fall under the FDA’s regulatory jurisdiction. He presented a continuum of regulatory options – ranging from pre-market review to post-market surveillance.

Some in the HIT blogging community have written about the public health and safety benefits of increased oversight. But the challenge at hand for the government is to find a way to foster the development of safer systems, while not hampering innovation at a time when government, patients and industry are all finally recognizing HIT’s tremendous potential to control costs and improve patient care.

What are your thoughts? Is a voluntary, structured certification program like the one that will be rolled out this year under the Health Information Technology for Economic and Clinical Health (HITECH) Act enough to ensure that EHR systems will be safe? Or, do we need to take things a step further through a mandatory regulatory program?