ONC-ACB Surveillance

ONC-Authorized Certification Bodies (ONC-ACBs) are required to conduct ongoing surveillance activities to assess whether certified health IT not only meets the requirements of certification in a controlled testing environment, but also continues to do so when implemented and used in a production environment ("in-the-field"). Similarly, ONC-ACBs must conduct surveillance to assess whether Certified Health IT Developers  comply with other requirements (e.g., mandatory disclosure of all known material types of costs, proper use of the ONC Certified Health IT Certification and Design Mark) under the Certification Program. ONC-ACBs must develop annual surveillance plans in accordance with ONC-issued guidance outlining their approach to meeting the Certification Program’s requirements for surveillance.

  • Reactive Surveillance: An ONC-ACB must initiate reactive surveillance—including, as necessary, in-the-field surveillance—of a Certified Health IT Module whenever it becomes aware of facts or circumstances that would cause a reasonable person to question the conformity to the requirements of its certification.
  • Randomized Surveillance: ONC-ACBs are also permitted, at their discretion, to conduct randomized surveillance of certified health IT.

Note that a complaint does not always trigger surveillance activities. ONC-ACBs are required to receive, log, and assess complaints for validity and to determine whether there is cause to investigate.

When an ONC-ACB determines a Certified Health IT Module does not meet a requirement of its certification, the product is considered “non-conforming,” and the ONC-ACB must notify the Certified Health IT Developer of the finding. The developer must then work with the ONC-ACB to develop a corrective action plan (CAP) to resolve the identified deficiency(ies) that led to the finding(s) of non-conformity and bring the product back into compliance. CAPs must contain certain required elements, including:

  • A description of the non-conformity(ies) and related deficiency(ies);
  • How widespread the problem may be across the developer’s other customers and users;
  • How the developer will address the problem for all potentially affected customers and users;
  • How the developer will ensure that all potentially affected customers and users are alerted and that their issues are resolved;
  • The timeframe in which all corrective action must be completed; and
  • An attestation by the developer that it has completed all elements of the approved CAP.

If the non-conformities are not resolved in accordance with the CAP, an ONC-ACB will follow its procedures to suspend and/or withdraw the certification of the Certified Health IT Module.

ONC Surveillance Guidance

ONC periodically issues guidance for ONC-ACBs outlining priority topics and specific elements of surveillance that should be included in ONC-ACB surveillance plans. The following guidance is available: