Who is responsible for health IT certification: CCHIT or The Joint Commission?

The Joint Commission and CCHIT oversee health IT certification now, but the HITECH Act set the stage for some big changes. This FAQ looks at what’s happened -- and what’s next.

Two organizations currently have a hand in health IT certification. The Certification Commission for Healthcare Information Technology, or CCHIT, looks at the software itself, while The Joint Commission examines health IT in the larger context of providing quality health care.

However, the Health Information Technology for Economic and Clinical Health Act, or HITECH Act, part of the stimulus bill passed last year, has made significant changes to the health IT certification process. Once these changes become final, it is possible that several organizations will be recognized as official certification bodies.


What is the Joint Commission?

The Joint Commission is a private, nonprofit organization that provides accreditation for hospitals and other health care facilities, as well as certification for disease-specific care programs. Based in Oakbrook Terrace, Ill., the commission is the oldest health care accreditation and certification body in the United States and is recognized for setting standards for quality and safety. Its health care accreditation program involves an on-site survey conducted by a commission team at least once every three years. Most states require accreditation by The Joint Commission as a prerequisite for licensing and Medicaid reimbursement.

The Joint Commission was founded in 1951 as a collaborative effort of the American College of Surgeons, American College of Physicians, American Hospital Association, American Medical Association and Canadian Medical Association. Originally called the Joint Commission on Accreditation of Hospitals, it was renamed the Joint Commission on Accreditation of Healthcare Organizations in 1987. The name was shortened to The Joint Commission in 2007.

Early on, Congress gave the commission the authority to determine whether a hospital met the conditions required for Medicare reimbursement, but in 2008 it decided to eliminate that automatic authority. After July 15, 2010, The Joint Commission’s health care accreditation program will have to meet requirements set forth by the Centers for Medicare & Medicaid Services or CMS.

Table of Contents

What is CCHIT?

CCHIT is a nonprofit organization whose mission is to accelerate the adoption of health IT, particularly electronic health record (EHR) technology. It was founded in 2004 by the American Health Information Management Association, or AHIMA; the Healthcare Information and Management Systems Society, or HIMSS; and the National Alliance for Health Information Technology, or NAHIT, which was disbanded in 2009.

CCHIT, which has been involved with health IT standards for several years,, is currently issuing comprehensive CCHIT certification for 2011.

Table of Contents

How are the two health care accreditation bodies different?

Although both CCHIT and The Joint Commission are central to health IT certification, they have different missions. The Joint Commission’s certification efforts focus on the quality and safety of an organization’s health care delivery, with IT being just one component of that delivery. Its evaluation of EHR or other health IT systems concentrates on how the technology is used within the broad scope of administering care. In contrast, CCHIT looks solely at health IT certification and whether a technology meets requirements for health-related data.

Table of Contents

What are the two accreditation bodies' enforcement powers?

The Joint Commission’s accreditation and certification programs are voluntary, and the organization has no concrete power to enforce its health care standards. However, many states require hospitals to achieve Joint Commission accreditation to be eligible for licensing and Medicare reimbursement.

Similarly, CCHIT certification is voluntary. However, under the HITECH Act -- which is a component of the American Recovery and Reinvestment Act (ARRA) of 2009 -- hospitals and health care professionals who want to receive incentive payments under the Medicare or Medicaid programs and avoid financial penalties down the road are required to become meaningful users of certified EHR technology.

Table of Contents

How might the role of CCHIT change?

With EHR interoperability a top priority, a 2005 U.S. Department of Health & Human Services contract entrused CCHIT with establishing health IT certification criteria to help promote standards-based products. The following year, the Office of the National Coordinator for Health Information Technology (ONC) issued a Certification Guidance Document, which outlined the factors the government would consider in recognizing health IT certification bodies and explained the process for applying to become one. So far, only CCHIT has been deemed a “recognized health IT certification body” under this guidance document.

Recent health care policy initiatives, however, are driving some changes in the certification environment. Under the HITECH Act, the federal government is pursing two main health IT goals: making EHR data interoperable by establishing standards, and developing a national network for providers to share electronic data. The HITECH Act also made clear that the ONC planned to open the health IT certification process and would draft a formal rule through which CCHIT and other interested parties could apply to become recognized certifying bodies.

The ONC issued proposed health IT certification guidelines in March 2010. Once final rules covering the process of becoming a recognized certification body are released, CCHIT and any other organization that has been recognized under the guidance document will have to reapply. Who is responsible for health IT certification: CCHIT or The Joint Commission? CCHIT is certifying EHR systems in accordance withARRA;  furthermore, CCHIT is moving forward with its health IT certification programs as though it will be one of the EHR certification bodies recognized by the government.

Table of Contents

Who will have the final say about EHR and health IT certification?

The ONC has proposed two separate programs for EHR certification -- a temporary program and a permanent one. Per the HITECH Act, the ONC must consult with the director of the National Institute of Standards for Technology in recognizing the certification programs, because NIST standards will be incorporated into the health IT certification process.

Under the proposed temporary program, the ONC would serve in an accreditation capacity, authorizing the organizations that want to become EHR certification bodies. These organizations would have to perform both testing and certification, with the testing conducted at accredited test labs. Eventually the temporary certification program would be replaced by a permanent one.

Under the proposed permanent program, meanwhile, the responsibilities for testing and certification would be separated. The ONC would approve a private sector accrediting body, and interested organizations would have to meet accreditation requirements. The ONC plans to use NIST’s National Voluntary Laboratory Accreditation Program, or NVLAP, for accrediting test labs. Authorized certification bodies would face requirements related to the surveillance of certified EHR technology, and they potentially would be permitted to certify other kinds of health IT in addition to EHR systems.

The ONC is encouraging organizations proficient with “internationally recognized standardized certification and testing standards and methods” to apply for the certification programs. As stated, under a previous, less formal process, CCHIT was deemed a “recognized health IT certification body”; under the formal program being proposed, it eventually will have to reapply for authorization.

A number of other organizations have expressed interest in applying. One is Drummond Group Inc., a testing laboratory for the health care, pharmaceutical, automotive, energy, financial services, petroleum, retail and other industries. Founded in 1999 by Rik Drummond and based in Austin, Texas, Drummond Group is known for its interoperability testing; but it also conducts conformance tests, Web services tests and custom software tests; and does auditing and software certification.

A final rule for the temporary certification program is expected in the spring. A final rule for the permanent program is expected in early fall.

Table of Contents

Let us know what you think about this FAQ; email [email protected].

Dig Deeper on Electronic health record system (EHR) certification