Convert your FHIR JSON -> XML and back here. The CDA Book is sometimes listed for Kindle here and it is also SHIPPING from Amazon! See here for Errata.

Monday, February 24, 2014

MeaningfulUse 2015 Certification Rule

A quick summary of what is new and different in the recently published Voluntary 2015 Edition Electronic Health Record Certification Criteria: Interoperability Updates and Regulatory Improvements.  You can also find the Word version here, and I recommend it to you for making comments.  Kudos to ONC for making that version available, as it helps both them and us review the material and effectively make comments.

This is but a summary of what I ready between 5:30pm Friday afternoon, and finished reviewing sometime Sunday morning.  It's amazing that I've already had three deep discussions about this content with three other people who've also read it through, and it has yet to be officially published in the Federal Register (but will be there by the time most of you are reading this post).  Note that I started reading this document in Virginia returning from "vacation", and finished my first pass Sunday morning around 9:30am before taking off for HIMSS 2015.  I spent around 90 minutes on this Friday, 15 on Saturday, and about two hours Sunday morning.  While I read, I tweeted the highlights using the hashtag #mu2015 as a way to keep notes.

Some tips when reading NPRM's.  I read them through several times.  The first time, to get the gist of it, I start after the boilerplate and history and regulatory authority, and stop as soon as it gets to the financial impact statement.  So, I don't actually read the proposed regulation, just all of the commentary around what they proposed and considered.  That's the essential stuff you need to know for commenting, while all else is useful, the meat is in that chunk.  It cuts about 25 pages from the front half, and another 75 from the back, so I only had to read 150 pages, not all 252.  Normally, I'd go through 150 pages in about 2.5 hours, but remember that I'm also taking notes while doing this, so not bad for four hours.  I know people who've already put 8 hours into this thing.  So what you are getting is just the gist from that first read through.  Note that in the following, all page numbers are in the pre-publication public inspection version of the rule (and the ONC Word Version), not the prettily formatted Federal Register version that will be published Monday.
  • Many criteria have been split to better support modular certification, which is the only form expected to be supported henceforth.  It makes sense because not everyone needs a "Complete EHR" or has one from a single source.
  • The first of these to be split out is CPOE, separately for labs, imaging and medications. (p26-29)
  • The standard to use for transmitting orders to labs will be the S&I Framework LRO Guide balloted through HL7.
  • Additional criteria has been added for labs, and the NPRM strongly hints at future ramifications regarding CLIA requirements for labs interfacing with 2015 Certified EHR technology.  This was my second predicted standard back in December.  I also made some points about possible CLIA ramifications almost a year ago that got some attention, and may be in the works if I read between the lines correctly.
  • I complained quite loudly about how ONC messed up the selection of the standard for language codes by selecting a different standard than was already in CDA.  It appears they are considering how to fix this problem now.  I'm all for using RFC 5646 which is what the Internet understands (and so does CDA).
  • P38 of the rule offers explanation of how AHA recommends BP be taken. Have you ever had you BP done this way?  Me neither.  Lets use LOINC for the vocabulary as suggested in the NPRM.
  • Note, many criteria are unchanged, for example, the need to record current problems, medication allergies and medications.  I skip a lot of this, as well as minor version updates of standards.  The point is that a summary should only address those things that are pertinent and relevant.
  • P39-44 explains rationale for use of #HL7 Health eDecisions and DSS guides.  There's a lot of explaining here, and probably for good reason.  That standard needs quite a bit of work still to harmonize with everything else already in the MeaningfulUse architecture.  Prediction #3 came mostly true.  I'll count this one in full because the key was HeD, and not VMR.  DSS implies VMR in any case.
  • P44 searching across electronic notes added.  This is a pretty significant change.  Dare I say, they want to be able to Google within a patient record?
  • P48 smoking status unchanged.  This is one of the unchanged things that really matters to people.
  • P49 access image results unchanged.  And another one.
  • P49-50 covers changes to family history, and this is going to be a whole blog post.  Family health history to be recorded using HL7 Pedigree standard, as SNOMED CT dropped.  The key challenge here is that the Pedigree standard is a model, not an XML expression.  How do you test conformance to a model?
  • From P25 to page 51 there are at least four references to FAQs which have adopted into regulation thus far.  I see a pattern developing.  Check the FAQs
  • In the HL7 InfoButton standard, there's no real way to do a patient education or CDS based information request based on a lab result value, only the lab result code.  Thus, I can request information on A1C, but not on a value of 7% in an A1C result.
  • If the patient has a device that has a GUDID, then it appears in their record.  I missed that in my predictions, and it should have been obvious in retrospect given the big splash back in the September HL7 meeting that the FDA and others were trying to make.  I don't know that missed predictions count against me though ;-)
  • P62 begins the discussion of splitting the create and transmit to be separate criteria.  I know a few interface engine vendors who cobbled together a CCDA just to get certified to support create and transmit because you couldn't separate them in order to meet their customer's needs to be able to use that engine to support transmit.  You needn't show create to certify for transmit & versa visa! +1 for @johnmoehrke
  • P65 "would no longer require testing and certification to the primary Direct Project specification" supports more flexible approach, which simply involves demonstrating that you can get your message to a Direct address.
  • In my tweet I said OMG, but I really wanted to say something much stronger when I realized they actually named CCDA Release 2.0.  As that standard presently stands during reconciliation in HL7, the template identifiers are completely different and it will be largely incompatible with MU 2014 certified systems.  So only 2015 certified systems will understand it, and that will cause a HEAP of hurt because 2015 is an optional criteria, which now means we are back to two standards, CCDA 1.1 and CCDA 2.0, and the two at present don't have a backwards compatible path for 2014 Certified EHR products.  Another prediction right (although I later withdrew it thinking, or perhaps hoping they wouldn't make that mistake.  Then again, it's still correctable because 2.0 is still in surgery right now (ballot reconciliation).
  • ONC added a performance measure that "EHR technology would need to be able to receive no less than 95% of all" valid CCDA documents.  This is pretty significant, especially since ONC never really defines what "receive" means.  To me, that means successfully import. This is where I hoped they would name the TOC Guide instead of CCDA 2.0, and they didn't.  So, I think between CCDA and TOC, I get a half a point.
  • P74-75 discusses name matching criteria that includes first, middle, last, dob, place of birth, maiden name, sex, and current & historical address.  For name matching purposes, some of these are good confirmatory elements, and others are good elements to confirm or reject a match, but the criteria doesn't say how to use which ones.
  • Note that the above criteria, and the addition of GUDID means that the Common MU Data Set will likely be changing to support those additional data elements.
  • P78 In one place, two requirements were merged: The requirements for reconciliation and incorporation requirements were combined.  I keep telling people that the IHE Reconciliation profile is a good profile to adopt for these requirements.  IHE is going to be updating it this year to simplify the requirements and make it easier for systems to declare conformance.  Maybe ONC could adopt it?  They did ask.
  • P83-86 discusses #HL7's #HQMF release 2 standard, proposed for EHRs to interpret Clinical Quality Measures.  Another prediction right.
  • P88 CEHRT must be able to filter populations by several criteria before producing measures.  This one seems kind of silly, since a measure already has a population criteria which filters the population to which the measure applies.  It may well be that some don't understand how measures or HQMF really work.
  • P90 They asked for feedback on support for two factor authentication for ePrescribing of controlled substances and remote EHR access.
  • P97 Contains a spoiler alert "given our proposal to discontiinue the Complete EHR concept ..."
  • P101 WCAG level AA proposed instead of level A for View capability
  • P103 Imaging is back into play for patients. This was proposed for 2014 but later dropped.  Shouldn't patients be able to get diagnostic quality images?
  • P109-113 Both CDA and QRDA standards were proposed for syndromic surveillance in ambulatory space.  Both might work.  The former would be used as specified and the surveillance would occur by simple inspection of that appeared without a lot of net new exchange requirements.  However, we'd be utilizing QRDA instead of using it for this purpose.
  • P129 ONC provides a 2014 to 2015 equivalency table that will save many of us a lot of work understanding the rule.  Thanks!
  • P149 Finally Meaningful Use gets meaningful brand identification with introduction of a certification mark 
  • Questions about 2017 criteria start at p154, and so I stopped reading there, since my review was strictly to address 2015 criteria.
Of significant note, BlueButtonPlus didn't make it into the proposed criteria, and was barely discussed in such as way as it could be included.  However, there's a way forward.  But first some discussion about regulations.

There's rules about regulations, not surprising.  One of those rules is that if it wasn't discussed or asked in the proposed regulation, it cannot be done in the final rule.  So if there is no discussion about Blue Button + in the regulation, it couldn't be in the final rule, right?  Except there is a big hole in the second paragraph of Page 100 which says: "We seek comment on whether we should require another transmission method as part of this certification criterion in addition to the one just discussed."

There's the opening for Blue Button +, which is after all, a transmission protocol.  So, if you want Blue Button + to be part of the 2015 criteria, that appears to be your opening.  It is such a close thing to what is already required in VDT, couldn't we just go there?

As a summary, this is pretty long.  Let me make a long story short.  My grade on predicting appears to be 3.5 right out of 5, with one major missed prediction (GUDID).  I can live with that score, especially since I don't know many others who were willing to go out on such a limb.


P.S.  I proposed in my Project Management class to take on planning a project to do an assessment of the 2015 criteria.  Now that we have half a clue what it is, my team can proceed to the next step.


  1. Keith,

    Thanks for the excellent summary! Were you surprised that there wasn't any reference to closed loop referrals or a major expansion of ToC receive?


  2. Keith,

    Thanks for this, very helpful. You touch on this in some of the discussion above, but probably worth noting clearly for those who have not yet been exposed to this "2015 Edition" that it is essentially an "interim, voluntary edition".

    Unlike the previous 2011 and 2014 editions there is no requirement to re-certify anything, Once this edition is "final" vendors can choose to certify either to the 2014 edition or the 2015 edition. The next edition (2017) will be similar to 2011 and 2014 in that it will be mandatory to meet its criteria for certification for MU3 (and, presumably, as the 2014 edition did for stage one, it will re-define go-forward criteria for stages one and two).

    Which begs the question, how many vendors will certify to this edition? In some cases, there are advantages to certifying to this newer edition since, as you noted, it decouples things in the "create vs. transmit" area and would otherwise potentially be a "better fit" in some areas. Product not yet certified would be better served using the newer criteria to be better positioned for the 2017 edition.

    But, as you noted in the context of C-CDA 1.1 vs. 2, the reality will be that until the 2017 edition kicks in (and anything that far in the future has some uncertainty around it) it's likely that the dominant edition in play will remain the current 2014 edition - with some challenges around handling both "flavors" of certified products co-existing.

    I don't know if there's anything as significant as the co-existence of C-CDA 1.1. and 2.0, that's the area I'm most focused on right now and it's definitely going to be challenging having to caveat a lot of stuff (like the knowledge base I am currently working on at to handle the differences and guide to what you are supposed to do in each case... especially since C-CDA receivers will have to fully handle both flavor in parallel. Arguably that's not so different from what happened in the change-over from HITSP C32 CCD to C-CDA MU2.

    Still, this is a new wrinkle in the MU process, and I suspect we'll probably only full understand its implications in hind-sight...

  3. A final note on Blue Button +: Since it wasn't mentioned as a possibility in the rule, it's likely not a possibility based on feedback from Steve Posnack at HIMSS.