You are right we should not receive a "by" we do need to make concrete
suggestions as to how the same organization can accomplish open source

Here are the suggestions from


   1. Markedly decrease your up-front fees and eliminate the percent
   royalties provisions. In most other certification arenas, the cost is
   usually ranges from about $150-$300 (Verisign-like certificates) to slightly
   over $1000 (Board certification for physicians). The government should pick
   up any shortfall in revenue since they stand to gain through future Medicare
   cost savings.
   2. Eliminate the "all or nothing" certification process. Consider a
   tiered certification process, s.a. "Gold", "Silver" and "Bronze".
   Alternatively, EMRs can be certified as having certain listed features,
   s.a. "150/328" features, allowing the buyer to know exactly what they
   are purchasing. EMRs should be verified that the EMR pricing is truthfully
   represented, eliminating the element of surprise in delivery of purchased
   goods and services.
   3. The certification features should be pared down to a dozen of the
   most important features, especially those features that deal with
   interoperability and the making of the CCR universal. All other
   features would be suggested, but optional.
   4. Self-testing should be reassessed. The EMR products should be
   independently tested for the items that are advertised. Consideration
   should be made for running speed and reliability. Does the software even
   work outside of the laboratory?
   5. Certify financial responsibility and exit strategy to make sure
   that no user will ever be at risk of losing his medical data due to lack of
   6. Vendors should not in any capacity be involved in the certification
   process as evaluators.
   7. This initiative introduces us to a slippery slope of arbitrary item
   inclusion, all of which should be removed or made optional. Today, that
   decision to include peds-specific content effectively removes those EMR's
   going after internal medicine, geriatric, adult endo, gastro, uro, and other
   specialty markets.
   8. CCHIT should define criteria for a lab interface so that every EMR
   did not need a separate interface for every lab vendor. We need to define a
   set a lab names/codes so that a CBC is a CBC on both coasts and in between.


If you agree with these then you should sign there letter.

So here is what I would propose regarding FOSS software.

1. Reduce by 90% the costs associated for certifying any product that is
published under an Open Source (as defined by OSI) or Free Software License
(As defined by the Free Software Foundation). Software released under these
licenses contribute directly to the public good, unlike proprietary
software. Since there is no "profiting party" like a proprietary software
company, there is no source of funds from which to pay the standard fees.

2. Instead of certifying software alone, vendors-software pairs should be
certified. So "B-Mas supporting FreeMED" would be a "Open Source CCHIT
certified" instead of just FreeMED. That encourages B-Mas to pay the fees,
and gives them specific benifits once those fees are payed. Also it means
that the same software can be certfied by different vendors several times.
This benifits projects with multiple vendors, like VistA and
MirrorMed/ClearHealth. It gives us a way to pool resources as a community to
get multiple certifications that benifit individual vendors but does not
break the bank for each vendor. This also serves to supply the cash needed
for the CCHIT process (which is very person intensive).

Does this sound like a reasonable proposal? If it does then I will write a
formal version and then request "signatures"


On 3/24/06, Greg Woodhouse <[EMAIL PROTECTED]> wrote:
> [I hope you don't mind if I copy this to Hardhats. I think it is a
> topic of interest to both communities.]
> I have mixed feelings here. It seems completely reasonable to want to
> have an accreditation/certification process for health information
> systems (though the jurisdiction issue is certainly a tricky one), but
> I believe you are right that the current model is problematic for open
> source software. The issue is controversial, but it doesn't seem right
> that open source software should essentially receive a "by" in this
> area. After all, such systems are used for the same types of safety
> critical applications as proprietary software. Sure, there is community
> review, but is tht really enough?
> What seems logical for is for some organization (perhaps OSHCA, but
> more likely an independent entity) to establish criteria for certifying
> open source systems. How would it all be funded? Good question. I don't
> think I really have any good answers, but one possibility is that
> vendors that support open source product suites would pay for
> accreditation (albeit using a different model and/or provcing
> criteria). Another possibility is to formalize the review process and
> make all relevant artifacts publicly available. The problem here, of
> course, is that there is no real incentive for an official agency to
> review (or audit) that process and provide accreditation for the
> software.
> Tough one.
> ===
> Gregory Woodhouse  <[EMAIL PROTECTED]>
> "It is foolish to answer a question that
> you do not understand."
> --G. Polya ("How to Solve It")
> Yahoo! Groups Links

Fred Trotter
SynSeer, Consultant
phone: (480)290-8109

[Non-text portions of this message have been removed]

Yahoo! Groups Links

<*> To visit your group on the web, go to:

<*> To unsubscribe from this group, send an email to:

<*> Your use of Yahoo! Groups is subject to:

Reply via email to