The Office of the National Coordinator for Health IT (ONC) is seeking comments on approaches that will enable providers and other healthcare entities to obtain and manage digital certificates that are cross-certified with the Federal Bridge, according to Arien Malec, coordinator of the ONC’s Standards & Interoperability (S&I) Framework.

Key areas for comments include:

• What burdens will providers face to obtain and manage these digital certificates both at an individual and organizational level? How can these burdens be minimized?
• Is there sufficient competition in the marketplace to ensure that providers will have access to best pricing and service?
• What role can health information exchange (HIE) and health information service providers (HISPs) have in providing and maintaining digital certificates for providers and organizations?
• Among the options listed, what are the costs and time requirements for each?
• What is the incremental cost to become a cross-certified certificate authority compared to the cost to become a WebTrust/European Telecommunications Standards Institute-certified Certificate Authority? What factors contribute to the increased cost?

In collaboration with the Certificate Authority Taskforce, the S&I Framework has conducted an analysis and developed a summary of findings, which have been posted for review and comments along with the Health Information Technology Policy Committee Privacy and Security Tiger Team’s recommendations as an assessment report, Malec stated. The report was posted on the S&I Framework wiki on May 31. 

The assessment report is posted on the S&I Framework wiki. Members can review and comment on the questions, and can reply in the "Comments on Assessment Report" discussion thread by June 5.