The Office of the National Coordinator for Health IT (ONC) and The Centers for Medicare & Medicaid Services (CMS) today released final requirements for Stage 2 Electronic Health Records Incentive programs. The regulations can be found here:
CMS
ONC
A fact sheet on CMS's final rule is available here.
A fact sheet on ONC's standards and certification criteria final rule is available here.
The vocabulary, transport, and content standards in the ONC Final rule align perfectly with previous recommendations from the HIT Standards Committee. A few highlights of interest from my initial reading:
1. SMTP is the required transport standard for all certified EHRs and has been included in the Base EHR definition, meaning that all EHR technology used by EPs, EHs, and CAHs and that meets the CEHRT definition will, at a minimum, be capable of SMTP-based exchange.
There are two optional approaches for the transitions of care certification criteria SMTP/XDR and XDR/SOAP. The specific language reads
"The Secretary adopts the following transport standards:
(a) Standard. ONC Applicability Statement for Secure Health Transport (incorporated by
reference in § 170.299). .
(b) Standard. ONC XDR and XDM for Direct Messaging Specification (incorporated by
reference in § 170.299).
(c) Standard. ONC Transport and Security Specification (incorporated by reference in §
170.299).
EHR technology must be able to electronically receive transition of care/referral summaries in accordance with:
(A) The standard specified in § 170.202(a).
(B) Optional. The standards specified in § 170.202(a) and (b).
(C) Optional. The standards specified in § 170.202(b) and (c).
To permit additional flexibility and options for EHR technology developers to provide their customers with EHR technology that has been certified to support an EP, EH, or CAH’s achievement of the “transitions of care” MU objective and associated measure, we have adopted two optional certification approaches for transport standards. For each option, EHR technology would need to demonstrate its compliance with both of the identified specifications in that option in order to be certified to the option.
• The first option would permit EHR technology to be certified as being in compliance with our original proposal: certification to both the Applicability Statement for Secure Health Transport specification and the XDR and XDM for Direct Messaging specification.
• The second option would permit EHR technology to be certified to: the Simple Object Access Protocol (SOAP)-Based Secure Transport Requirements Traceability Matrix (RTM) version 1.0 standard and the XDR and XDM for Direct Messaging specification."
2. Electronic notes must be searchable
"Enable a user to electronically record, change, access, and search electronic notes."
I look forward to vendor implementations of searching free text - will they use simply keyword indexing or more innovative natural language processing techniques that enables text to be search with context as I wrote in this blog post.
3. EHRs must support display of image results, although this could be accomplished via a single sign on link to a PACS system
"Image results. Electronically indicate to a user the availability of a patient’s images and narrative interpretations (relating to the radiographic or other diagnostic test(s)) and enable electronic access to such images and narrative interpretations."
4. Encryption is required for EHR data stored locally on client devices - this refers to caches and local databases created by the application and not a user saving a file or doing a screen print.
"Record the encryption status (enabled or disabled) of electronic health information locally stored on end-user devices by EHR technology in accordance with the standard specified in § 170.210(e)(3) unless the EHR technology prevents electronic health information from being locally stored on end-user devices (see 170.314(d)(7) of this section)."
Here's a summary of the intent
5. Care Coordination data must be receivable using the Direct protocol and incorporated in structured form.
"(B) Data incorporation. Electronically incorporate the following data expressed according to the specified standard(s):
(1) Medications. At a minimum, the version of the standard specified in § 170.207(d)(2); (2) Problems. At a minimum, the version of the standard specified in § 170.207(a)(3); (3) Medication allergies. At a minimum, the version of the standard specified in § 170.207(d)(2)."
6. Health Information Exchange with Patients is required using the Direct protocol
"EHR technology must provide patients (and their authorized representatives) with an online means to view, download, and transmit to a 3rd party the data specified below.
Transmit to third party. (1) Electronically transmit the ambulatory summary or inpatient summary (as applicable to the EHR technology setting for which certification is requested) created in paragraph (e)(1)(i)(B)(1) of this section in accordance with the standard specified in § 170.202(a).
(2) Inpatient setting only. Electronically transmit transition of care/referral summaries (as a result of a transition of care/referral) selected by the patient (or their authorized representative) in accordance with the standard specified in § 170.202(a)."
I'll write more over the next few days. I look forward to industry reaction as to the difficulty of implementing some of the more novel workflows.