AMIA OKs New Direct Review Authority for ONC

Share Article

Nation’s biomedical and health informatics professionals say federal officials should focus efforts on health IT involving medical errors or contribution to patient safety harms

The American Medical Informatics Association (AMIA) responded to a notice of proposed rulemaking (NPRM) issued by the Office of the National Coordinator for Health IT (ONC) with qualified support for officials to conduct direct review of certified products and take action when necessary, including suspending and terminating certifications issued to Complete EHRs and Health IT Modules. The organization of health informatics professionals cited a need for systemic oversight of health IT for purposes of safety and effectiveness, and urged ONC to focus proposed powers on issues related to medical errors or issues that contribute to patient safety harms.

“We are greatly concerned by the absence of a national system to oversee the safe use and safety of health IT. Insofar as this rule would create processes to identify and address potential or demonstrated harm to patient safety due to health IT, we support this effort,” AMIA said in comments submitted April 27. However, AMIA qualified this support by recommending ONC narrow the circumstances under which it would initiate direct review of certified health IT to non-conformities that increase medical errors or contribute to patient safety harms, and focus on certification criteria developed through the existing statutory and regulatory processes. “By using established processes for incorporating new and updating existing certification criteria, ONC has the opportunity to make evidence-based improvements that both developers and providers can understand.”

The ONC said there are certain instances when review of health IT is necessary to ensure continued compliance with certification requirements, but such review is beyond the scope of an ONC-Authorization Certification Bodies’ responsibilities, expertise (i.e., accreditation), or resources. The NPRM outlined a series of actions ONC could take if it found certified health IT to be non-conformant to certification criteria, including suspension and termination of Complete EHRs or EHR Modules. The ONC cited section 3001(b) of the Public Health Services Act (PHSA) as justification for direct review, which includes a wide array of general goals laid out by Congress. AMIA voiced concern: “We believe the goals enumerated by this section of the PHSA give ONC its broad authority to establish any number of programs to achieve said goals, but find it difficult to understand how ONC could justify a suspension or termination of a certified Health IT Module because it failed to ‘reduce health disparities,’ for example. Additionally, we are concerned that actions taken for non-conformities against unpublished or generalized certification criteria could be a source of confusion for developers, and capricious application by regulators.”

While the NPRM noted concerns related to public health and safety as warranting direct review, AMIA recommended ONC be explicit in a narrowed focus on non-conformities these concerns and utilize its established regulatory processes to implement and improve its Certification Program.

“We know that health IT can be a boon to patient safety,” said AMIA Board Chair and Medical Director of IT Services at the University of Washington’s UW Medicine, Thomas H. Payne, MD. “But we also know that health IT, like all software, is susceptible to glitches, bugs and misuse. We must have more visibility into how health IT is impacting patient safety, and when problems are identified we must have policy tools to address those issues.”

AMIA cites recent literature from the Joint Commission, and a pair of studies that demonstrate the need for more breadth and rigor in how the federal government addresses known gaps in health IT safety.

“At this point, there is no federal oversight of health IT systems not considered a medical device,” said AMIA President and CEO Douglas H. Fridsma, MD, PhD. “If ONC finalizes its proposals as we recommend, patients and providers can be better assured that health IT safety issues will be identified, investigated and corrected.”


AMIA, the leading professional association for informatics professionals, is the center of action for 5,000 informatics professionals from more than 65 countries. As the voice of the nation’s top biomedical and health informatics professionals, AMIA and its members play a leading role in assessing the effect of health innovations on health policy, and advancing the field of informatics. AMIA actively supports five domains in informatics: translational bioinformatics, clinical research informatics, clinical informatics, consumer health informatics, and public health informatics.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Lisa Gibson
American Medical Informatics Association
+1 (301) 657-5909
Email >

Krista Martin
American Medical Informatics Association
(703) 731-6737
Email >
Visit website