by Brian Eastwood

ICSA Labs Ready to Take EHR Certification, Interoperability Reins

News Analysis
Mar 06, 20145 mins
Healthcare IndustryMobile SecurityRegulation

ICSA Labs, an independent division of Verizon, is now one of the largest government-approved EHR testing and certification body. The organization has aspirations beyond meaningful use, though, and hopes to drive healthcare IT vendors toward interoperability and innovation.

When the Certification Commission for Health Information Technology announced its exit from the EHR certification business, it cited an inability to make “a sustainable business” in an uncertain EHR market that many vendors (i.e., potential customers of CCHIT) may be leaving.

CCHIT’s announcement, which sees the organization shifting its focus toward providing policy guidance to healthcare providers and vendors, hit healthcare hard. After all, CCHIT was both the first and the largest organization authorized in the Office of the National Coordinator’s Health IT Certification Program, which establishes which EHR systems meet the guidelines of the meaningful use incentive program.

Electronic Health Records

To help ease concerns about the void it was leaving, CCHIT encourages its customers to work with ICSA Labs for both testing and certification purposes. ICSA Labs, an independent division of Verizon, is well-positioned as a “good place for customers to get a soft landing,” according to Managing Director George P. Japak.

‘Proficiency’ in Product Certification Serves ICSA Labs Well

Started in 1989, ICSA Labs got its start testing IT security products, says Japak, who spoke with at the Health Information and Management Systems Society’s HIMSS 2014 conference. These initial offerings included traditional network and endpoint products such as firewalls and VPNs, as well as network attached peripherals such as copy machines and video equipment. Over time, this focus grew to encompass mobile device and mobile application testing — the latter of which Japak describes as “an area fraught with problems and with growing implications in healthcare.”

Following CCHIT’s exit, ICSA Labs serves as one of five EHR testing laboratories and three EHR certification bodies. (Systems must be tested, and approved, before they can be certified.) In addition, ICSA Labs has partnered with the Integrating the Healthcare Enterprise (IHE) organization to create the IHE USA Certification Program for products that meet healthcare IT interoperability standards.

ICSA Labs has issued certifications in accordance with ISO standards since 2004, Japak says. Its experience with interoperability, meanwhile, dates back to late 1990s, when it helped the Automotive Industry Action Group connect 40,000 trading partners that met industry standards, but nonetheless couldn’t share information.

[ Feature: 12 Healthcare IT Predictions for 2014 ]

When it comes to meeting the needs of EHR certification, Japak says, “We were accustomed to the rigor and necessary focus on executing these tests, and having that type of proficiency has served us well.”

EHR Interoperability Key Challenge for Healthcare

Interoperability plays an important role in the later stages of meaningful use as well as in the recently released voluntary 2015 EHR certification criteria, which are not tied to meaningful use.

Here, ICSA Labs sees its work with IHE as playing a pivotal role. The 2015 certification criteria, for example, propose a requirement that EHR systems first receive continuity of care document (CCD) messages from other EHRs at a 95 percent success rate and then present the XML in human-readable format, says Michelle Knighton, ICSA Lab’s program manager for healthcare. The IHE’s work, including its annual Connectathon interoperability testing events, focuses on solving such problems.

[ Analysis: Is Healthcare IT Interoperability (Almost) Here? ]

That expertise will likely extend beyond EHR systems, Knighton says. As mobile devices continue to permeate healthcare organizations, security, privacy and interoperability testing — largely absent from meaningful use — will take on added importance. After all, devices that can’t communicate with one another won’t improve outcomes or patient safety, Knighton says.

This will pertain to patient engagement as well, she adds. As patients grow up with technology, they will expect more from physicians. Specifically, they will want data collected from their personal health devices to be exported to the clinical systems their physicians use, Knighton says, and they’ll want to communicate with their doctors on a regular basis. An inability to do this puts pressure on healthcare providers, which in turn puts pressure on vendors, she says.

ICSA Labs Hopes to ‘Be Transformational’

Beyond interoperability and meaningful use, Knighton says ICSA Labs is keeping tabs on the technology behind the accountable care organization (ACO) model. As of yet, there’s no specific certification program for ACO technology — which requires a level of interoperability and health information exchange beyond even the third stage meaningful use — but Knighton says ICSA Labs wants to remain in a position where it can drive healthcare IT innovation.

[ Related: For ACO Model to Succeed, Healthcare Needs Data Analytics ]

That, in part, explains why ICSA Labs entered healthcare in the first place. It’s hard to ignore a marketplace growing so quickly and experiencing “a manifestation of technology explosion,” Japak says. For the organization to stay around another 25 years, he adds, it was a matter of asking, “What can we do to be transformational?”

Brian Eastwood is a senior editor for He primarily covers healthcare IT. You can reach him on Twitter @Brian_Eastwood or via email. Follow everything from on Twitter @CIOonline, Facebook, Google + and LinkedIn.