[I hope you don't mind if I copy this to Hardhats. I think it is a
topic of interest to both communities.]
I have mixed feelings here. It seems completely reasonable to want to
have an accreditation/certification process for health information
systems (though the jurisdiction issue is certainly a tricky one), but
I believe you are right that the current model is problematic for open
source software. The issue is controversial, but it doesn't seem right
that open source software should essentially receive a "by" in this
area. After all, such systems are used for the same types of safety
critical applications as proprietary software. Sure, there is community
review, but is tht really enough?
What seems logical for is for some organization (perhaps OSHCA, but
more likely an independent entity) to establish criteria for certifying
open source systems. How would it all be funded? Good question. I don't
think I really have any good answers, but one possibility is that
vendors that support open source product suites would pay for
accreditation (albeit using a different model and/or provcing
criteria). Another possibility is to formalize the review process and
make all relevant artifacts publicly available. The problem here, of
course, is that there is no real incentive for an official agency to
review (or audit) that process and provide accreditation for the
software.
Tough one.
===
Gregory Woodhouse <[EMAIL PROTECTED]>
"It is foolish to answer a question that
you do not understand."
--G. Polya ("How to Solve It")
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/openhealth/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
