Having too many compliance professionals on payroll is not a common problem for Health IT companies these days. It seems the opposite is often true – as many organizations struggle to justify even one full-time professional dedicated to their compliance and certification needs. Yet they must ensure compliance and keep up with evolving changes from the Office of National Coordinator (ONC) and Centers for Medicare & Medicaid Services (CMS). Compliance and rule changes deeply impact product roadmaps, development activities, and customer experience. When it comes to staying ahead of required mandates the choice can be difficult—should you attempt to build and maintain this expertise in-house, or engage specialized expert consultants?
Outside expertise is increasingly the winning choice. A recent study by Vantage Market Research shows demand for healthcare IT outsourcing continues to rise. The research shows global demand will reach $96 M by 2028. Organizations who look externally for this compliance expertise find that benefits fall predominantly into these areas:
- Specialized Expertise, with access to deep and broad healthcare compliance knowledge and insights from a team of experts.
- Improved Collaboration, supported by refined compliance processes that are developed from years of working in the field.
Keeping Up with Certified Health IT
Even when organizations have internal resources dedicated to ensuring they stay current with regulation requirements, they run the risk of losing vital institutional knowledge should their employees leave or change roles. Replacing valued and experienced staff can be difficult and time-consuming. For many, there simply is no Human Resource (HR) budget to employ the full-time dedicated team, or individual, needed to guide the organization on current or future compliance requirements—putting them at risk of falling behind.
In 2023 alone, ONC requirements can include a dozen or more activities and deadlines for certified Health IT providers, including significant development, testing and reporting responsibilities that may apply to multiple product versions. New proposed rulemaking and evolving guidance can add further planning requirements. When compliance resources are limited, and the entire organization is impacted by compliance requirements (e.g., product development, product support, sales and marketing), external health IT compliance specialists can bring cost-effective knowledge that streamlines work efforts and helps organizations meet deadlines.
ONC certification and compliance require an understanding of often highly complex mandates coupled with fast-approaching deadlines unique to the EHR industry. The scope of ONC compliance ranges from maintenance of certification requirements such as attestations and standards adoption to detailed development and testing requirements.
These complex requirements extend to the development process. Typically, development teams are not compliance experts skilled in interpretation of regulatory requirements, nor in understanding how related issues will impact their product roadmaps or release schedules. Translating regulatory requirements into development plans can be challenging, often requiring hands-on engagement between compliance experts and developer teams, down to the level of collaborative and iterative testing that combines compliance requirements with all the other QA elements necessary to assure a good product release.
To meet this challenge, many organizations augment their teams with specialized expertise in ONC compliance and certifications so their organization can efficiently and successfully plan and develop compliant capabilities.
Successful compliance efforts require cross-organization collaboration—and many teams have a stake, with differing responsibilities. The left hand must know what the right hand is working on—everyone from product management, development and testing to customer support as well as sales and marketing need to be plugged in. Compliance mandates affect them in different ways:
- Product Management – Compliance has a direct impact on development and product roadmaps.
- Quality Assurance – Developing to compliance requirements in addition to client needs can alter, increase and complicate testing requirements.
- Product Development – Evolving requirements and options [new interoperability requirements or adoption of the Standards Version Advancement Process (SVAP), for instance] impact development plans and can cause delays and reprioritization when not planned effectively.
- Executives – Attestations require executive-level sponsorship and signatories who must have confidence that developed solutions are fully compliant.
- Customer Support – Certified capabilities must ultimately be implemented by healthcare providers for them to receive the benefits associated with this functionality—improvements for their patients and incentive payments from CMS. Effective documentation and support are essential, especially where certified capabilities drive new processes, workflows and policies like those surrounding EHI data export.
- Sales and Marketing – Certification is often seen as a differentiator, the sales and marketing teams can utilize to retain existing and attract new customers. Sometimes it is simply table stakes, a minimum requirement of doing business especially when their customers get incentives for using certified products. In either case, the availability of certified EHR capabilities affects customer buying decisions.
When multiple internal groups are impacted by compliance, you need people and processes to ensure an efficient collaborative approach. Without it, your teams may face project delays and challenging customer interactions.
Compliance Is a Moving Target.
Partner with Drummond to meet ONC Health IT Compliance
Maintaining certified platforms is a year-round compliance initiative that requires attestations, testing, and ongoing monitoring of industry regulatory changes and updates. The compliance experts at Drummond are ready to help you and your organization benefit from:
- Immediate access to healthcare compliance experts
- Improved cross-team collaboration supported by an objective external advisor
- Reduced risks while meeting compliance and business objectives.
With more than a decade of expertise in Health IT Compliance, the Drummond Advisory Services team of experts works closely with our customers—we dive deep into the compliance requirements that impact your products and solutions and make recommendations that fit your needs.
Our team is ready to help you understand ONC Compliance requirements by providing the consultation and support your organization needs so you can focus on the business objectives. We have proven methodologies to ensure certification and compliance requirements are met in 2023. Speak with a member of the Drummond Advisory Services team and learn how we can help you improve and accelerate your compliance processes.
The opinions, statements, and services offered by Drummond Advisory Services are separate and distinct from the Drummond Group Test Lab and Certification Body. The purpose of Drummond Advisory Services is to provide expert support and guidance for planning, analysis, and execution of certification activities, but does not negate the steps or required actions of the certification process. Use of Drummond Advisory Services will not make ONC Health IT certification by Drummond Group simpler, easier, faster or less expensive.