ONC's authority needs to be clarified

Just how much power does the Office of the National Coordinator for Health IT have, and over what? Its clout seems to be ambiguous, at best.

For instance, ONC recently announced that it has created a new tool to enable people to report complaints about their EHRs directly to the agency. The new complaint form is intended to streamline and centralize customer service.

"The new complaint tool will help us ensure your complaint or concern finds its way to the appropriate person at ONC or elsewhere in the federal government," Deputy National Coordinator Jon White said in a post. The issues the agency expects to hear about include EHRs and patient safety, interoperability, usability, certification capabilities that aren't performing as expected and information blocking.

It's a great idea for people to have a government forum to air complaints. But how much help will this resource provide? Yes, ONC says that it will review every complaint, but readily admits that it may not be able to resolve problems. In those situations, ONC suggests that it may help "open a dialogue" with the vendor or ask Congress to help. Great.

Most agencies appear to have some enforcement clout. Look at the Department of Health and Human Services Office for Civil Rights and HIPAA complaints, or the Federal Trade Commission. In comparison, what can ONC really do? What sticks can it wield?    

And how much does it really want to get into the fray? One of Its attempts to help providers was to issue guidance explaining contract terms in vendor contracts. Nice, but not exactly policing vendor behavior.

And speaking of vendor behavior, there's the issue of vendor gag clauses, a recurring problem most recently revisited by Politico, which reviewed 11 contracts between vendors and hospitals or health systems and found all but one containing such a provision. The offenders included Siemens (now Cerner), Allscripts, Epic, eClinicalWorks and Meditech.

But the article points out that while ONC says it opposes gag clauses, the agency can't police them since it doesn't have investigatory or police powers. Instead, ONC hopes to "go around" gag clauses by requiring more transparency, according to Politico.

I'm not sure that such a strategy would be effective. The truth is that currently, the clauses are lawful, even though they're problematic.

And, of course, there's the irony of gag clauses vs. ONC's new complaint tool. While the tool sounds nice in theory, if a provider files a complaint against its EHR vendor, and ONC steps in to help "open a dialogue," ONC has put the vendor on notice that the provider has violated the gag clause and hence violated their contract.

Wouldn't that have a chilling effect on complaining?

And take a look at the recent decertification of two SkyCare EHR products.

Here, we know that ONC has the authority to decertify noncompliant EHRs. But it's only used this authority on one other occasion, and so far only in very egregious cases against small products. ONC may use this tool more in the future, especially since there's evidence that more certified vendors don't deserve certification and Congress has asked ONC to step up its oversight.     

But how much of its resources can it expend to enforce the certification requirements when it has its other duties? What should its priorities be? And if it decertifies a lot of products, does that help or hurt the Meaningful Use program as a whole?

A large part of the problem is that stakeholders may not have a real understanding of what ONC can and cannot do. What power does it have? Is ONC being asked to do more than it can handle? Is ONC exerting more authority than it has? Are people asking it to use authority it doesn't possess?

And if ONC doesn't have sufficient policing power, who's guarding the hen house?

I'm not advocating that ONC have more authority or less, or telling ONC where and how to use it. But we do need to know what it is. - Marla (@MarlaHirsch and @FierceHealthIT)