What is certified software, and why should you care?

By Dava Stewart

Shopping for an electronic health records (EHR) system is often fraught with frustration and worry. There are so many factors to consider: your own — and your staff’s — level of comfort with technology, changing the workflow of the practice, financial consequences, how the system will integrate with your existing equipment, and, of course, the legalities.

Remaining in compliance with the regulations of the Health Information Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH) is critical for practitioners.

But how can you be absolutely certain that any system you are considering will help you stay compliant? There are plenty of rules in place for healthcare providers, but what rules exist for software companies? How can you be sure that the systems they are trying to sell you will help you meet the guidelines and requirements of HIPAA and HITECH?

When exploring EHR systems, make sure they are certified by the Office of the National Coordinator (ONC), which oversees and coordinates the implementation of EHR systems across the country. The ONC is a resource for the entire healthcare system and has created the Health Information Technology (HIT) certification program, which is system for software manufacturers that provides the assurance practitioners need before purchasing and EHR. Both the ONC and the position of National Coordinator were created as part of HITECH.

Healthcare information software must get through the three HIT steps before being officially certified:

1. Testing — Software developers and vendors must first test their products with an ONC Accredited Testing Laboratory (ATL). After testing activities are completed successfully, the product goes to step two.

2. Certification — Authorized Certification Bodies are tasked with helping developers and vendors get their products certified. Once that process is done, the product can move on to the third step.

3. Submission — Once a product has been tested and certified, it is submitted to the ONC to be added to the Certified Health IT Product List (CHPL).

When a product is added to the CHPL, you have assurances that it has the capability, functionality, and security to help you stay HIPAA and HITECH compliant. Practitioners can search the CHPL for certified EHR systems to make sure that any system under consideration meets all of the requirements of the law, as well.