Upgrading the Certified Health IT Product List: Understanding Corrective Action Information
Karson Mahler, J.D. and Alicia Morton, DNP, RN-BC | May 24, 2016
Earlier this year, we completed an extensive upgrade to the Certified Health IT Product List (CHPL) to support 2015 Edition certification as well as several other ongoing initiatives. Now, CHPL visitors can see surveillance results for health IT products and developers that have been found at any time not to comply with any requirements of the ONC Health IT Certification Program. This additional transparency—which is required for 2014 Edition and 2015 Edition products—will help potential health IT purchasers assess how products perform in real-world settings and will alert existing customers and users to potential issues, and plans to resolve them.
What does Surveillance Include?
ONC Authorized Certification Bodies (ONC-ACB) must perform surveillance of health IT products they have certified. The purpose of surveillance is to ensure that certified products and capabilities meet certification requirements, not just in a controlled testing environment, but also when they are used “in the field” (for example, in a clinician’s office or a hospital). Surveillance takes place on both a “randomized” schedule and in response to specific complaints.
Corrective Action Plans for Non-conforming Products
When an ONC-ACB determines that a product does not comply with certification requirements, the product is considered non-conforming. Developers must work with their ONC-ACB on an appropriate corrective action plan to cure the identified non-conformity or deficiency and bring the product back into compliance. All corrective action plans must include certain required elements, including:
- A description of the non-conformities or deficiencies;
- How widespread the problem may be across the developer’s other customers and users;
- How the developer will address the problem for all potentially affected customers and users;
- How the developer will ensure that all potentially affected customers and users are alerted and that their issues are resolved; and
- The timeframe in which all corrective action will be completed.
Under ONC’s 2015 Edition Certification Rule, corrective action plans will be posted on the CHPL weekly. Because many non-conformities or deficiencies are resolved quickly by the developer, the CHPL also will reflect updated information—including the date and a description of how the non-conformity or deficiency was resolved. If the non-conformities or deficiencies are not resolved in accordance with the corrective action plan, an ONC-ACB will follow its procedures to suspend or terminate the product’s certification.
Understanding Corrective Action Information
Visitors to the CHPL should exercise care and consider relevant factors as they evaluate the certified health IT products that have (or have not) been placed under corrective action. A few points to consider:
- Non-conformities can take many forms and differ in their extent and severity. It is important to keep in mind that just because a product has been found non-conforming does not automatically indicate that a product is “defective.”
- Even when a non-conformity or deficiency has been identified, a developer’s proposed corrective action plans, and its efforts to remedy problems and notify affected customers and users, can demonstrate commitment to the quality of technology, the user experience and patient safety. Remember, many non-conformities or deficiencies are resolved quickly.
- The fact that a product has no listed non-conformities does not mean that it is free of non-conformities or other deficiencies. For example, the product may not have been surveilled recently or it may be undergoing surveillance for which a final disposition is still pending. Remember that randomized surveillance is performed on only a subset of products each year. For these reasons, it is important to immediately report any potential issues that may warrant surveillance and to check the CHPL regularly for the latest information about a product’s performance.
Surveillance of certified products and the corrective action plan process is central to ONC’s Health IT Certification Program, as it provides vital transparency and accountability about certified products and capabilities and the certification process itself. We encourage stakeholders to make use of this information as they evaluate and compare products and monitor issues affecting their certified health IT. And we hope this information further motivates developers to continually improve their health products.
Users of certified health IT products should report any concerns they may have about the performance or certification of their product to the appropriate ONC-ACB or the ONC health IT complaint form.
 45 CFR § 170.556(d)(3).