Today, CCHIT released the next round for public comment of the proposed PHR Certification Requirements, (the PHR docs are at the bottom of the page).  Comments for the Second Round are due by January 21, 2009.

Took a quick glance, here’s what we found so far:

CCHIT has added some new fields and edited others in response to HHS’s release of the Privacy & Security Framework.

CCHIT continues to have a myopic focus on the CCD standard. Can not figure out why this is the only messaging standard they are considering.  Another standard that should definitely be in the requirements is CCR, a standard which actually is much better suited to PHRs (lighter weight, easier to structure, proven in countless deployments, etc.).  CCD is a standard you find in big enterprises e.g., hospitals, payers, etc.  CCR is what you’ll often find at small practices and retail clinics.  To exclude CCR is to potentially exclude data from where 80% of care occurs.

Still see too much reliance on legacy approaches, maybe better to say legacy players e.g., HL7, as they are all over the proposed requirements.  In fact, with all the references to HL7, CCD, HITSP, etc., you would think that these certification requirements were written by the trade organization, HIMSS.

Hopefully in this second round, CCHIT will be more expansive/inclusive of comments than they have demonstrated in the first round.   And it’s not like anyone has failed to comment on those proposed requirements.  During a conference call last week, we learned that CCHIT received over 500 comments in the first round, a new record.  Clearly there is interest, may that be matched by inclusivenness.