BLOG: HIMSS Analytics EMRAM criteria changes. What to expect and how to prepare

The HIMSS Analytics’ EMRAM was produced and first released in the US in 2005 and later to Europe in 2010. Since that time, only a relatively small number of changes have been made to the model.


In comparison, technology has changed significantly, as has the reliance that modern day healthcare now has on that technology. As HIMSS we need to reflect that change and the important and critical role that technology now plays in patient safety and the overall provision of effective, high quality care. As well as understanding the role that technology has, HIMSS Analytics is also looking to drive the market and remain as far ahead of the curve as is practically possible. To that end, it is time to reflect the trends we are seeing emerge in our various markets around the world and make the necessary changes to the EMRAM ready for 1 January 2018.

Today, virtually every hospital is using digital medical imaging in its business as usual processes. We also see that clinical documentation is often being captured electronically rather than on paper, not just in one or two of the more advanced hospital departments, but often across the enterprise. As hospitals begin to move from paper-based to electronic patient record systems they become more susceptible to cyber attack, large volume data loss and retrieval / storage events. Hospitals in many countries have had to shut down their electronic systems, run Business Continuity and Disaster Recovery routines and even send patients to other hospitals due to ransomware attacks or other forms of virus, which encrypt or corrupt critical patient data.

As a result, HIMSS Analytics in conjunction with CIOs, industry leaders and academic institutions have made changes to the EMRAM that more accurately reflect our expectations of the modern EMR environment. These changes do not only apply to the most digitally mature hospitals and / or the higher EMRAM Stages, but to all EMRAM Stages from 1 to 7 and to all hospitals anywhere in the world. As such the updated standards impact equally all hospitals across all countries as we strive to maintain that all important single international standard. This is what makes the EMRAM unique but most importantly globally applicable. Hospitals around the world should continue to strive towards more advanced EMR capabilities with higher levels of patient safety and associated quality of care. Using the EMRAM as a guide we at HIMSS Analytics believe this to be eminently possible.

Highlights of the changes

The new criteria focuses more on functions accomplished via technology rather than on the technology itself. The changes are contained with three distinct areas:

  • EMR capabilities will need to be present in more clinical areas than they are currently;
  • Some elements contained within the higher stages have been moved to the lower stages; and
  • Some standards are new.

The most significant changes are within the sphere of IT Security and intruder prevention. As mentioned above, hacks and ransomware are now commonplace and can have quite devastating effects. They are propagated, prevalent and prolific. We know that most organisations understand how vital privacy and security components of technology are, but we thought it important to assess this critical area in a systematic, vendor-neutral and health system independent way. For example, at Stage 2 we expect that hospitals have appropriate IT security policies in place and that compliance is both managed and measured, e.g. Managing physical access to data centres, data destruction, security trainings for users, or the acceptable use of the IT system will all be prominent features. At Stage 3, Role-Based Access to the EMR will be a requirement, Stage 4, will check for measures to detect unauthorised system intrusion and Stages 5 and 6 will have criteria relating to the more appropriate and secure use of mobile devices.

Reflecting on the widespread availability of digital image management in radiology, the updated EMRAM will see the current requirements relating to filmless radiology move from Stage 5 to Stage 1. In addition, we will also expect cardiology images to be managed electronically and to have non-DICOM images accessible through the network.

Another critical update relates to the availability and actual use of clinical systems and processes. While, for example, it was sufficient to demonstrate the use of a closed loop medication administration process in a single department or ward, from 2018 onwards it will be required that 50% or more of all administered medicines go through a closed loop process. At Stage 4, the new standards will require that 90% or more of all nurses in the hospital document their assessments, care planning, task completion and other activities electronically. This requirement will also be extended to other clinical users, such as physiotherapists, speech therapists, and dietitians etc.. 

The best and easiest way to measure your hospital against the new EMRAM requirements, is to complete the online self-assessment survey. As of 1 January 2018 all hospitals worldwide will be evaluated and validated against the new standards. However, if you can’t wait and want to be one of the first adopters of the new EMRAM, we are happy to start working with you in December 2017 to get you right at the front of the queue. Please don’t hesitate to contact us if this is something that you are interested in.

What does this mean for Stage 6 and 7 validations?

If you are already validated at Stage 6 or Stage 7, don't become over concerned about the updated standards. First of all, your current status is valid for a period of three years from the date of your last validation. As such, most hospitals will have time to get to know the new criteria and prepare for an on-site visit. The validation process itself will change only slightly, and generally more for Stage 6 than for Stage 7 validations. Due to the extension of some requirements to additional wards and to additional processes, a Stage 6 on-site validation will require visits to more hospital wards than previously required. At Stage 7 we are likely to schedule the on-site visit for 2 days in order to ensure that we can observe all the elements.

We look forward to working closely with all hospitals who wish to use the EMRAM as a roadmap for digital improvement and especially with those who are looking to be formally recognised as digital exemplars. We are happy to provide more details to anyone who is wanting to obtain an immediate EMRAM score using the 2018 standards.

Contact: Nadia Leiste, Senior Business Development Manager,

HIMSS Analytics

HIMSS Analytics® is a part of HIMSS, a cause-based, global enterprise that produces health IT thought leadership, education, events, market research and media services around the world. Founded in 1961, HIMSS encompasses more than 52,000 members, of which more than two thirds work in healthcare pro-vider, governmental and not-for-profit organisations across the globe, plus over 600 corporations and a network of over one million Health IT key influencers that drive innovation throughout the world.

Read more about EMRAM here

Bertha-Benz-Straße 5
10557 Berlin

Jörg Studzinski

Director of Research and Advisory Services, HIMSS Analytics in Europe

Related News

Hyland is addressing the clinical blind spot

Digitising patient information is a step in the right direction, but siloed repositories of digital information are not the desired outcome

Hospital Italiano de Buenos Aires achieves HIMSS Analytics EMRAM Stage 7

Hospital Italiano de Buenos Aires (Argentina) has been successfully validated at Stage 7 of the international HIMSS Analytics EMRAM standards

King Abdulaziz Medical City in Riyadh becomes first in the world to achieve DIAM Stage 6

HIMSS Analytics® announced today that King Abdulaziz Medical City (KAMC) Riyadh has achieved Stage 6 on the Digital Imaging Adoption Model (DIAM)