Electronic Health Records (EHR), Increased FDA Regulation and the Benefits of ensuring Patient Data remains Secure, Accurate & always available…

Per the FDA – Health Information Technology (HIT) presents tremendous benefits to the American public, including greater prevention of medical errors, improved efficiency and health care quality, reduced costs, and increased consumer engagement. Particularly with regards to electronic health records.

However, if HIT is not designed, developed, implemented, maintained, or used properly, it can pose risks to patients. Additionally, the clinicians who interface with EHR systems, are either aided tremendously or impeded dangerously – depending upon the compliant implementation of the EHR system. User input is crucial to successful EHR projects.

Desire for Mandated EHR Certification

When you consider EHR, and all the potential pitfalls of misuse, at first blush most folks would not suggest that patient safety is at risk. But that’s exactly what the FDA is asking us to consider.  Jeffrey Shuren – head of FDA’s medical devices division – linked six deaths and more than 200 injuries to health IT problems, based primarily on voluntary reports to the FDA.

Because there doesn’t yet exist a mandatory reporting policy for new medical software and devices, Shuren outlined possible regulatory steps for EHRs, including:

  • Mandatory reporting of adverse events; and
  • Required approval of EHR devices before they can be marketed

Push for EHRs

On the flip side, the Office of National Coordinator for Health IT is pushing for greater adoption of EHRs by health care providers. The ONC has dismissed Shuren’s findings as “anecdotal and fragmentary” – so where does that leave us?

On the one hand, EHR proponents contend that excessive regulation could stifle EHR innovation and inhibit EHR adoption. Additionally, proponents also state that (despite possible errors) EHRs are generally safer than paper records.

Advocates for more regulation say more needs to be done to ensure that EHR systems do not contain design flaws and to make them more user friendly (Schulte/Schwartz, Huffington Post Investigative Fund, 8/3).

To add more background to this debate, Federal law passed by the U.S. Congress in 2012 requires that FDA, in consultation with the ONC, and the FCC, develop and post on their respective web sites “a report that contains a proposed strategy and recommendations on an appropriate, risk-based regulatory framework pertaining to health information technology, including mobile medical applications, that promotes innovation, protects patient safety, and avoids regulatory duplication.”  This FDASIA Health IT Report fulfills that requirement.

Per the FDA, all three agencies sought and collected public comment on whether the focus areas identified in the report are the appropriate ones, and whether the proposed next steps will lead to an environment where patient safety is protected, innovation is promoted, and regulatory duplication is avoided. This information is reflected in the draft framework.

Additionally, per the FDA, there are some areas of health IT oversight that will benefit from continued engagement, including clinical decision support for IT and electronic health records. For that reason, the FDA is opening a docket to accept comments on the report.

Here’s where it gets interesting.

Per the FDA, “in order to streamline EHR use, the FDA encourages use of the EHR technology certified under the Office of the National Coordinator for Health Information Technology’s (ONC) Health IT Certification Program.”

They list a number of obvious, clearly defined, invaluable benefits to utilizing the ONC’s Health IT Certification Program – but here’s the rub; it’s still a voluntary certification program.

Yes, the benefits are clear, unambiguous and would greatly enhance patient safety, and protection of Electronic Health Records. But it’s not mandatory to do so.


We at Advantu believe Health IT Certification should be Mandatory, and the reasons should be obvious, as stated by the FDA:

“The use of such certified technology would give FDA confidence during inspections that the EHR data is reliable and that privacy and security protection considerations have been met. For non-ONC-certified EHRs, sponsors should consider whether the systems in place ensure preservation of confidentiality, integrity, and reliability of data, including consideration of whether (i) system access is limited to authorized users, (ii) authors are identifiable, (iii) audit trails are available to track data changes, and (iv) records are maintained for FDA inspection as required by applicable regulations.”

For those organizations who provide EHR systems, and their clients, I’m sure the end users would appreciate knowing the EHR system was designed, reviewed, approved, installed, implemented and properly vetted for compliance and intended use – in order to confirm clinical user needs and patient safety are 100% protected.

Because we value our loyal (and new) readers opinions, thoughts and inputs – we plan to publish results of this brief survey:

Should ONC’s Health IT Certification Program be Mandatory? 

  1. Yes
  2. No

Please send an email to support@advantu.com Subject: EHR with your Yes or No vote.


You may also like...