ONC-ACBs are required to conduct ongoing surveillance activities to assess whether certified health IT not only meets the requirements of certification in a controlled testing environment, but also continues to do so when implemented and used in a production environment ("in-the-field"). Similarly, ONC-ACBs must conduct surveillance to assess whether developers of certified health IT comply with other requirements (e.g., mandatory disclosure of all known material types of costs, proper use of the ONC Certified Health IT Certification and Design Mark) under the Program. ONC-ACBs must develop surveillance plans in accordance with ONC-issued guidance outlining their approach to meeting the Program’s requirements for surveillance.
- Reactive Surveillance: An ONC-ACB must initiate reactive surveillance—including, as necessary, in-the-field surveillance—of a certified Complete EHR or Health IT Module whenever it becomes aware of facts or circumstances that would cause a reasonable person to question the conformity to the requirements of its certification.
- Randomized Surveillance: ONC-ACBs are also permitted, at their discretion, to conduct randomized surveillance of certified health IT.
Note that a complaint does not always trigger surveillance activities. ONC-ACBs are required to receive, log, and assess complaints for validity and to determine whether there is cause to investigate.
When an ONC-ACB determines a Complete EHR or Health IT Module does not meet a requirement of its certification, the product is considered “non-conforming,” and the ONC-ACB must notify the health IT developer of the finding. The health IT developer must then work with the ONC-ACB to develop a corrective action plan (CAP) to resolve the identified deficiency(ies) that led to the finding(s) of non-conformity and bring the product back into compliance. CAPs must contain certain required elements, including:
- A description of the non-conformity(ies) and related deficiency(ies);
- How widespread the problem may be across the health IT developer’s other customers and users;
- How the health IT developer will address the problem for all potentially affected customers and users;
- How the health IT developer will ensure that all potentially affected customers and users are alerted and that their issues are resolved;
- The timeframe in which all corrective action must be completed; and
- An attestation by the health IT developer that it has completed all elements of the approved CAP.
If the non-conformities are not resolved in accordance with the CAP, an ONC-ACB will follow its procedures to suspend and/or withdraw the certification of the Complete EHR or Health IT Module.
ONC periodically issues guidance for ONC-ACBs outlining priority topics and specific elements of surveillance that should be included in ONC-ACBs’ surveillance plans:
- ONC HIT Certification Program; Program Policy Resource #18-03 – ONC-ACB Surveillance Resource – October 5, 2018
- ONC HIT Certification Program; Program Policy Guidance #15-01a – ONC-ACB Surveillance Guidance Regulatory Guidance - November 5, 2015
- ONC HIT Certification Program; Program Policy Guidance #14-01 – ONC-ACB Surveillance Guidance Regulatory Guidance – July 31, 2014
- ONC HIT Certification Program; Program Policy Guidance #13-01 – ONC-ACB Surveillance Guidance Regulatory Guidance – July 2, 2013
 As of September 21, 2017, ONC is exercising enforcement discretion with regard to the regulatory requirement at 45 CFR 170.556(c)(2) that ONC-ACBs conduct randomized in-the-field surveillance for, at a minimum, two percent of the health IT certifications they have issued. ONC will not, until further notice, audit ONC-ACBs for compliance with randomized surveillance requirements or otherwise take administrative or other action to enforce such requirements against ONC-ACBs, nor will it consider lack of implementation of these requirements by an ONC-ACB to be a violation of its Program compliance requirements under 45 CFR 170.523, the Principles of Proper Conduct for ONC-ACBs, or good standing under 45 CFR 170.560.