By MARGALIT GUR-ARIE

Can you buy an ONC Certified EHR, or EHR module, and discover to your chagrin that no matter how hard you try, Meaningful Use is not within reach?

While the spotlights were shining brightly on CMS and ONC as the final definitions of Meaningful Use (MU) and EHR certification criteria were being released, NIST quietly posted its (almost) final definition of EHR testing procedures for certification. The procedures still need ONC’s stamp of final approval, but it seems that this is just a formality. In the past I expressed misgivings regarding the “lightness” of the draft version of the NIST testing procedures, so naturally I was curious to see the final documents. Although some problematic procedures were simply removed from the final version, others still remain.

Thus the answer to the opening question above is a resounding Yes.

In an attempt to part ways with the heavy handed CCHIT certification model, NIST adopted a simplistic, narrowly defined set of testing procedures. Vendors, particularly small ones who never underwent CCHIT certification, will likely be happy with the latitude afforded by NIST. However, the lack of specificity may very well place unsuspecting physician buyers in a bad situation, and here is how.

• §170.302(h) – Incorporate laboratory test results: The final ONC certification rule does not require a particular standard to be used by the EHR for receiving structured lab results. All comments submitted to ONC requesting standard specification have been rejected in the interest of flexibility. Adhering to the ONC ruling, NIST allows the EHR vendor to select any format they desire for certification purposes. A comma or pipe delimited text file will do.National reference labs, like Quest and LabCorp, as well as smaller regional labs and hospital labs, are all standardized on some minor version of the HL7 2.X standard for transmission of lab results. An EHR, or EHR module, passing ONC certification with anything but the industry accepted HL7 standards will be unable to connect to any laboratories. The “older” EHRs, which have submitted to CCHIT certification in the past, all have working HL7 lab interfaces. The concern is with brand new products, certifying for the first time.

  Assuming the EHR, or EHR module, has HL7 capabilities for lab results, there is still a major hurdle to overcome. National reference labs have long implementation queues and stringent testing and certification processes of their own. It may take 6 months or so, for a new EHR vendor to establish the first live interface with a reference lab. Any subsequent interfaces must also undergo testing and could also take months to create, depending on both vendor and lab availability of resources.

  For a physician contemplating the purchase of a particular EHR this translates into a need to obtain documented proof from both the EHR vendor and the Lab(s) that operational interfaces exist for the Laboratories used by the practice. It also requires that you factor in the additional time it will take to create your particular interface(s).

• §170.304(b) – Electronically exchange prescription information: NIST has decided that for certification purposes, only the ability to send out a new prescription will be tested. The entire test procedure consists of generating NEWRX messages according to the SCRIPT standard and sending them to a vendor identified external system. Successful testing is decided based on the correctness of the generated message. An EHR, or EHR module, conforming to this particular test is not guaranteed to be able to satisfy the MU criterion. Not by a long shot.EHRs need to connect to the Surescripts network in order to send prescriptions electronically to pharmacies. Surescripts requires the EHR vendor to go through an arduous testing process prior to being allowed to use the network. The ability to send out new scripts is only a small part of Surescripts testing. The vendor must have the ability to also receive error response messages from Surescripts and the pharmacy, receive and respond to refill requests from the pharmacy and send renewal messages to pharmacies. Surescripts must also be satisfied that the EHR’s user interface conforms to Surescripts standards. Surescripts certification is a lengthy process and it is not unusual for it to extend well beyond eight months.

  In a nutshell, a physician aiming to become a meaningful user and collect Government incentives must ensure that the ONC certified EHR about to be purchased is also Surescripts certified. ONC certification for this core MU requirement is meaningless.

• §170.302(d) – Maintain active medication list: The minimalistic NIST test procedure for this criterion will not affect Meaningful Use or stimulus incentives. It may, however, adversely affect patient care. This test procedure actually presumes that each time a prescription is modified, such as changing dosage or frequency, any and all previous history of said prescription is erased. For example, if a few weeks ago you prescribed Celexa 20mg and today you and the patient decide to increase the dose to 40mg, the medical record will show that the patient was started on Celexa today, and the dose is 40mg. There will be no visible trace of the 20mg regimen in the EHR.Again, “older” EHRs, having gone through CCHIT certification at some point, will probably retain correct medication histories. New EHRs and EHR modules, written to the NIST testing specifications, may not. Unlike lab interfaces and electronic prescriptions, there is no obvious third party verification to look for when shopping for an EHR. This type of problem will not be discovered by a prospective buyer until the EHR has been purchased, installed and used for some time. At that point, with histories lost, the only recourse would be to request the vendor to provide an enhancement to certified functionality.

These are just the most obvious problems. Generally speaking, the test procedures are so narrowly defined that recording such things as who modifies allergies, vital signs, medications or problem lists, or when these were modified, or why, are not a requirement for passing the tests. Presumably, these are all recorded in the audit logs, but there is no specific inspection of the logs and anyway clinicians are not going to consult audit logs on a routine basis. Many other test procedures are of similarly superficial nature, suggesting that NIST is not attempting to certify a product as much as it is trying to certify a technology framework which could be ultimately used to build a meaningful product.

Bottom Line: Physicians need to understand, and ONC needs to clarify, that although required by CMS, ONC EHR certification does not guarantee availability of all EHR features and functionalities required to achieve Meaningful Use.

Margalit Gur-Arie blogs frequently at her website, On Healthcare Technology. She was COO at GenesysMD (Purkinje), an HIT company focusing on web based EHR/PMS and billing services for physicians. Prior to GenesysMD, Margalit was Director of Product Management at Essence/Purkinje and HIT Consultant for SSM Healthcare, a large non-profit hospital organization.