FHIR Compliance and ONC Certification Updates

Blog
Written By Nebojsa Lazic

In today’s rapidly advancing healthcare landscape, achieving interoperability and seamless data exchange is crucial. FHIR has emerged as a powerful standard for healthcare data exchange. FHIR testing plays a pivotal role in ensuring compliance with this standard. By conducting thorough FHIR tests, medical organizations can demonstrate their adherence to interoperability requirements, earning them the prestigious ONC certification. But what does FHIR compliance mean in a practical sense?

 

What Is FHIR Compliance?

FHIR compliance refers to the adherence of healthcare systems, applications, and organizations to the standards and guidelines outlined by the Fast Healthcare Interoperability Resources (FHIR) standard. Achieving compliance ensures that data can be exchanged, shared, and interpreted accurately and securely across different healthcare systems. It involves implementing the necessary technical specifications, data structures, and protocols that align with FHIR’s interoperability framework.

Key Features of the FHIR Standard

FHIR features exist to facilitate interoperability and health data exchange among disparate healthcare systems. Some of the key features are:

FHIR Resources

With FHIR healthcare data is represented as discrete resources. These resources include patient information, medications, observations, etc. Each resource has a standardized structure and defined attributes, making it easier to exchange health data.

RESTful API

FHIR protocol leverages a RESTful API, enabling seamless and web-based data exchange. This API allows developers to access, search, and manipulate FHIR resources using standard HTTP operations, such as GET, POST, PUT, and DELETE.

Interoperability Paradigms

FHIR supports various interoperability paradigms, allowing for the integration of FHIR with existing healthcare systems, including electronic health records (EHRs), clinical decision support systems, and health information exchanges (HIEs).

Modularity

FHIR protocol is designed with a modular approach, allowing for incremental implementation and adoption. It offers a vast range of resources and data elements that can be selectively implemented based on the specific needs of healthcare organizations.

Security and Privacy

FHIR incorporates robust security and privacy features, including authentication, authorization, encryption, and consent management. These measures help safeguard patient data and ensure compliance with privacy regulations, such as HIPAA.

Why Is FHIR compliance important?

Compliance with the FHIR standard ensures seamless communication between disparate healthcare providers. It means better quality of care and faster healthcare data exchange, resulting in improved clinical outcomes. Outside of the obvious patient-centered benefits, compliance with the FHIR interoperability standard is a regulatory requirement in some regions.

Recently the Office of the National Coordinator for Health Information Technology (ONC) and the Department of Health and Human Services (HHS) proposed a rule which would “implement the Electronic Health Record (EHR) Reporting Program provision of the 21st Century Cures Act by establishing new Conditions and Maintenance of Certification requirements for health information technology (health IT) developers under the ONC Health IT Certification Program (Program).”

The rule would establish a Single Set of Certification Criteria for Health IT, as opposed to having different editions. Additionally, the following rule would:

  • Emphasize broader adoption of Standardized APIs

  • Propose that Health IT developers compile documentation regarding their intervention risk management practices

  • Introduce provisions related to the Insights Condition and Maintenance of Certification

  • Require Health IT developers to update their existing EHR software

  • Support Information Sharing under the information-blocking regulations

FHIR Compliance Statistics

The Department of Health and Human Services conducted an analysis in which they assessed the current compliance of the software available on the market and the fines related to noncompliance with the updated rules and regulations. Based on their assessment, certified API products that did not support FHIR and must do so to meet regulatory requirements may face up to $1.9 million in development and other labor and maintenance costs to develop this technology for the first time.

Still, having an FHIR protocol is necessary, especially if we look at the following statistics:

  1. The number of health IT developers certifying products decreased by 22.1% between the 2011 and 2014 editions of EHR certification criteria.

  2. The number of products also decreased by 23.2%.

  3. Between the 2014 and 2015 editions, the number of developers decreased by 38.3%.

  4. The number of products also decreased by 33.9%.

  5. 60% of certified API developers did not support FHIR as part of their certified API technology.

  6. 414 health IT developers certified 569 products with active certificates for the 2015 Edition or 2015 Edition Cures Update at the end of 2021.

  7. This is a 15% decrease in the number of health IT developers and a 20% decrease in 2015 Edition certified products, overall.

  8. 368 health IT developers will certify 502 health IT products impacted by this HHS proposal. However, only some of these developers and products certify USCDI applicable criteria and need to meet the USCDI update requirements.

Benefits of FHIR Compliance and Electronic Case Reporting (eCR)

The primary benefit of adopting standards-based requirements for the eCR certification criterion is to improve consistency and promote interoperability over time. eCR aims to support effective healthcare data interoperability, which ensures that electronic health information is shared appropriately between healthcare organizations and public health agencies (PHAs) in the right format, through the right channel at the right time.

Aside from the improvement of data-sharing and healthcare interoperability, implementation of a centralized eCR approach would also provide “$2.5 million in increased efficiency per jurisdiction over 15 years” compared to manual reporting and “$310,000 of net benefits over 15 years” compared to localized eCR solutions.

This solution would therefore offer “automatic, complete, accurate data reported in real-time (faster and more complete than manual entry) facilitates evidence-based decision-making for public health.”

Updated FHIR compliance would also directly benefit the public health response efforts in the following ways:

  • Improve public health efficiency for evaluation and follow-up by providing PHAs with higher-quality patient and clinical data promptly.

  • Reduce the reporting burden for health care providers without disrupting clinical workflow.

  • Fulfill legal reporting requirements as well as CMS PI Program requirements for eCR, meaning benefits to public health would not come at an additional cost to health care providers who are already required to report.

  • FHIR compliance streamlines reporting to multiple jurisdictions.

 
Nebojsa Lazic
Previous

Telehealth and Medication Adherence
Next

Hospital Information System: Challenges and Benefits