[Federal Register Volume 81, Number 40 (Tuesday, March 1, 2016)]
[Notices]
[Pages 10635-10636]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2016-04238]


-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES

Office of the Secretary


Health IT Policy Committee and Health IT Standards Committee: 
Schedule and Recommendations

AGENCY: Office of the National Coordinator for Health Information 
Technology, Department of Health and Human Services.

ACTION: Notice.

-----------------------------------------------------------------------

SUMMARY: This notice fulfills obligations under the Health Information 
Technology for Economic and Clinical Health (HITECH) Act, Title XIII of 
Division A and Title IV of Division B of the American Recovery and 
Reinvestment Act of 2009 (Pub. L.

[[Page 10636]]

111-5), which amended the Public Health Service Act (PHSA). Section 
3003(b)(3) of the PHSA mandates that the Health IT Standards Committee 
(HITSC) develop an annual schedule for the assessment of policy 
recommendations developed by the Health IT Policy Committee (HITPC) and 
publish the schedule in the Federal Register. This notice fulfills the 
requirements of section 3003(b)(3) and updates the HITSC schedule 
posted in the Federal Register on August 10, 2015. This notice also 
meets the requirements under sections 3002(e) and 3003(e) for 
publication in the Federal Register of recommendations made by the 
HITPC and HITSC, respectively. Further, this notice serves to meet the 
requirements of section 3004(a)(3) for publication in the Federal 
Register of determinations by the Secretary of Health and Human 
Services regarding HITSC-recommended certification criteria endorsed by 
the National Coordinator for Health Information Technology.

FOR FURTHER INFORMATION CONTACT: Michael Lipinski, Office of Policy, 
Office of the National Coordinator for Health Information Technology, 
202-690-7151.

SUPPLEMENTARY INFORMATION: This notice fulfills obligations under the 
Health Information Technology for Economic and Clinical Health (HITECH) 
Act, Title XIII of Division A and Title IV of Division B of the 
American Recovery and Reinvestment Act of 2009 (Pub. L. 111-5), which 
amended the Public Health Service Act (PHSA).

Health IT Standards Committee Schedule

    Section 3003(b)(3) of the PHSA mandates that the Health IT 
Standards Committee (HITSC) develop an annual schedule for the 
assessment of policy recommendations developed by the Health IT Policy 
Committee (HITPC) and publish it in the Federal Register. The HITSC's 
schedule for the assessment of HITPC recommendations updates the HITSC 
schedule published on August 10, 2015, and is as follows:
    The National Coordinator for Health Information Technology 
(National Coordinator) will establish priority areas based in part on 
recommendations received from the HITPC regarding health IT standards, 
implementation specifications, and/or certification criteria. Once the 
HITSC is informed of those priority areas, it will:
    (A) Identify the best mechanism by which to organize itself in 
order to respond to the National Coordinator within 90 days with, at a 
minimum, the following:
    (1) An assessment of what standards, implementation specifications, 
and certification criteria are currently available to meet the priority 
area;
    (2) An assessment of where gaps exist (i.e., no standard is 
available or harmonization is required because more than one standard 
exists) and identify potential organizations that have the capability 
to address those gaps; and
    (3) A timeline, which may also account for the National Institute 
of Standards and Technology (NIST) testing, where appropriate, and 
include dates when the HITSC is expected to issue recommendations to 
the National Coordinator.
    (B) In responding to the National Coordinator:
    (1) Approve a timeline by which it will deliver recommendations to 
the National Coordinator; and
    (2) Determine whether to establish a task force to conduct research 
and solicit testimony, where appropriate, and issue recommendations to 
the full committee in a timely manner.
    (C) Advise the National Coordinator, consistent with the accepted 
timeline in (B)(1) and after NIST testing, where appropriate, on 
standards, implementation specifications, and/or certification 
criteria, for the National Coordinator's review and determination 
whether or not to endorse the recommendations, and possible adoption of 
the proposed recommendations by the Secretary of the Department of 
Health and Human Services (Secretary).
    The standards and related topics which the HITSC is expected to 
address in 2016 include, but may not be limited to: Quality 
measurement; precision medicine; security; consumer-mediated 
information exchange; public health; technical interoperability 
experience in the field; and updates to the Office of the National 
Coordinator for Health Information Technology (ONC)'s Interoperability 
Standards Advisory(ies).

HITPC and HITSC Recommendations

    Sections 3002(e) and 3003(e) of the PHSA provides for publication 
of HITPC and HITSC recommendations in the Federal Register. ONC will 
post all recommendations received from the HITPC on its Web site at: 
https://www.healthit.gov/facas/health-it-policy-committee/health-it-policy-committee-recommendations-national-coordinator-health-it. ONC 
will post all recommendations received from the HITSC on its Web site 
at: https://www.healthit.gov/facas/health-it-standards-committee/health-it-standards-committee-recommendations-national-coordinator. All 
prior recommendations received from the HITPC and HITSC can be found at 
these respective Web site addresses.

HITSC Privacy and Security Recommendations

    Section 3004(a)(3) of the PHSA provides for publication in the 
Federal Register of determinations by the Secretary regarding HITSC-
recommended certification criteria endorsed by the National 
Coordinator.
    On March 30, 2015, ONC issued a notice of proposed rulemaking with 
comment period for the 2015 Edition health IT certification criteria 
(80 FR 16804). Subsequently, on June 5, 2015, the HITSC submitted a 
transmittal letter to the National Coordinator which contained the 
HITSC recommendations for the adoption of two new certification 
criteria for the ONC Health IT Certification Program. The two 
certification criteria are:
    1. A criterion for encrypting authentication credentials; and
    2. A multi-factor authentication criterion for user access to 
health information.
    The National Coordinator endorsed these recommendations for 
consideration by the Secretary and the Secretary has determined that it 
is appropriate to propose adoption of these two new certification 
criteria through rulemaking. Therefore, the Secretary, within a 
reasonable period of time, will propose adoption of the certification 
criteria noted above in an available and appropriate notice of proposed 
rulemaking.

    Authority: 42 U.S.C. 300jj-11-14; Office of the National 
Coordinator for Health Information Technology; Delegation of 
Authority (74 FR 64086, Dec. 7, 2009).

    Dated: February 23, 2016.
Karen DeSalvo,
National Coordinator for Health Information Technology.
[FR Doc. 2016-04238 Filed 2-26-16; 4:15 pm]
 BILLING CODE 4150-45-P