ONC: Ancillary EHR Vendors Should Get MU-Certified

The Office of the National Coordinator for Health Information Technology has issued electronic health records certification guidance for EHR vendors serving providers ineligible for the meaningful use program and encourages certification of some MU criteria.


The Office of the National Coordinator for Health Information Technology has issued electronic health records certification guidance for EHR vendors serving providers ineligible for the meaningful use program and encourages certification of some MU criteria.

The goal is to aid vendors as they work with non-eligible providers to achieve interoperability by walking through a subset of EHR certification criteria for electronic data exchange under the 2014 Edition of meaningful use. This is important because accountable care organizations and other efforts to better coordinate care rely on appropriate information exchange among a variety of providers who may or may not be EHR meaningful users. “While these certification criteria were specifically adopted to support health care providers seeking to achieve meaningful use, we believe that they are generally applicable to many health care settings,” according to the guidance.

Consequently, ONC strongly advises vendors serving ineligible providers to seek certification to meaningful use criteria that support health information exchange. This includes transitions of care, clinical information reconciliation, clinical decision support, patient-specific education resources, electronic prescribing, incorporating and transmitting laboratory tests, values and results; data portability, clinical quality measures, consumer view/download/transmit of their data, clinical summaries, and transmission to immunization registries, public health agencies, and cancer registries.

ONC further encourages technology vendors serving providers not eligible for the meaningful use program to become certified with 2014 Edition privacy and security criteria. This includes meeting specific functionality to support authentication, access control and authorization; auditable events and tamper-resistance, audit reports, amendments, automatic log-off, emergency access, end-user device encryption, integrity and accounting of disclosures.

The guidance is available here.