Dive Brief:
- Regulators should slow down their plans to remove or revise dozens of health IT certification criteria, including requirements on transparency in artificial intelligence tools, provider groups wrote in comments on a proposed rule.
- The Assistant Secretary for Technology Policy/Office of the National Coordinator for Health Information Technology, which released the proposal in December, said the rule would cut regulatory red tape, remove redundant requirements and lower costs for IT developers.
- While provider groups said they appreciate the move to limit regulatory burden, they argued removing some criteria — like “model cards” for AI tools — would add challenges for clinicians. “Eliminating those requirements would weaken trust in clinical AI at the very moment its use is accelerating,” Dr. John Whyte, CEO of the American Medical Association, wrote in a comment Friday.
Dive Insight:
The Health IT Certification Program outlines standards and functionality for health IT. The program is voluntary, but certified tools are encouraged or required in order to participate in some federal and state programs.
The ASTP is currently looking to overhaul the program’s certification criteria, as part of a move by the Trump administration to cut back on regulations to spur economic growth. The proposed rule would remove 34 criteria, revise seven and leave 19 with no changes, according to the ASTP.
The agency estimates the rule would save $1.53 billion, including $650 million over the next five years for IT developers, providers and other stakeholders, Kate Tipping, deputy director of the regulatory and policy affairs division at ASTP, said during a meeting of the Health Information Technology Advisory Committee, which advises regulators on health IT policies, last month.
The proposal would remove criteria that developers of clinical decision support tools must detail information like how their products are maintained and monitored, as well as known risks and inappropriate uses.
Officials say the “model card” requirements for AI tools, finalized by the Biden administration, are creating significant burdens for developers without definitive evidence that the regulation would have the benefits it initially estimated.
Additionally, the requirements are only adding regulatory challenges to certified developers, while those who didn’t participate in the program aren’t encumbered by the criteria, Michael Lipinski, director of the regulatory and policy affairs division at ASTP, said at the HITAC meeting.
But removing a host of certification criteria could shift compliance responsibilities to medical groups, said Anders Gilberg, senior vice president of government affairs of Medical Group Management Association. For example, the changes could increase product variability, especially with new market entrants.
Revising AI transparency requirements could be a particular challenge for providers, the groups said. The requirements are “the only enforceable transparency baseline for AI that are embedded in physician workflows,” the AMA’s Whyte wrote.
Without them, providers will have less information on how AI tools are designed, tested and should be used — critical to fostering trust and ensuring patient safety, Ashley Thompson, senior vice president of public policy analysis and development at the American Hospital Association, said in a Friday comment.
Another area of concern for provider groups is the ASTP’s proposal to remove privacy and security certification criteria. The regulator argued the costs and burdens from these requirements outweighs their benefits, in part because using certified IT doesn’t necessarily mean organizations are fully complying with HIPAA security and privacy rule requirements.
However, the healthcare sector still faces frequent cyberattacks and data breaches, so removing the criteria could pose significant risk to the industry, Thompson wrote. Plus, cutting the criteria could move costs onto providers.
“Developers may impose additional fees for these features since they would be considered ‘add-on’ services,” she wrote. “Instead of saving costs and reducing burden, the costs and burden would shift to end users.”
