HHS picks three for health IT effort

The Department of Health and Human Services announced the award of three contracts for reducing privacy, security and interoperability barriers that have hindered the widespread use of health information technology.

All three contractors are nonprofit organizations. “These partners…are not the traditional kinds of federal contractors,” said Dr. David Brailer, the national health IT coordinator whose office issued the contracts. “We’re not procuring a result from them” but rather a process, he said.

The largest of the three contracts, worth $11.5 million, went to Research Triangle Institute International, based in Durham, N.C. The organization will gather state officials to harmonize health information privacy and security rules across state lines. The institute will work with the National Governors Association and privacy experts to smooth out variations in privacy laws.

The American National Standards Institute (ANSI), the United States’ umbrella standards organization, won a $3.3 million contract to convene a health IT standards panel that would figure out how to select a set of standards for electronic health records (EHRs). The standards must ensure that authorized individuals and organizations can exchange them among one another.

The Certification Commission for Health IT (CCHIT), a private organization, will get $2.7 million to continue developing criteria and processes for certifying EHRs’ functionality, security and interoperability. The purpose is to increase buyers’ confidence that health IT products will work the way the vendor says they will.

“I think the real legitimacy of all these organizations is not just the federal tap,” Brailer said. Each of them will establish public/private partnerships, he said.

HHS will announce the winners of the fourth health IT procurement, for National Health Information Network architectures and prototypes, by early November, Brailer said.

By year’s end, CCHIT will release initial criteria for certifying EHRs for use in outpatient health care, and it will begin testing the criteria early next year, Brailer said. By summer, some products could carry a certification sticker.

Today, customers “can’t really tell what they’re buying,” said Dr. Mark Leavitt, chairman of CCHIT. “They are not sure, and they are not confident.”

Only certified products will be eligible for donation by hospitals or other organizations to physicians, in accordance with the proposal HHS officials announced yesterday to create exceptions to Stark and anti-kickback rules.

As for the ANSI-led standards harmonization effort, “we have asked them to find what [existing standards] they can and pull them together quickly,” Brailer said. The organization will also encourage leaders of the medical and standards communities to talk to one another about how to best resolve the standards issues that arise in health IT implementation.

The privacy and security contract is the most ambitious. “We want the states to take a very serious look at” the problems that arise when they enact different health information privacy laws, Brailer said, adding that “we want the states to really lead this effort.”

The contractor is expected to involve officials from at least 40 states, HHS officials said.

Each of the contracts depends on the others to some extent. For example, CCHIT will develop certification criteria for health IT networks only after the best architectures emerge from the forthcoming prototypes and demonstrations sponsored by Brailer’s office.