[I hope you don't mind if I copy this to Hardhats. I think it is a topic of interest to both communities.]
I have mixed feelings here. It seems completely reasonable to want to have an accreditation/certification process for health information systems (though the jurisdiction issue is certainly a tricky one), but I believe you are right that the current model is problematic for open source software. The issue is controversial, but it doesn't seem right that open source software should essentially receive a "by" in this area. After all, such systems are used for the same types of safety critical applications as proprietary software. Sure, there is community review, but is tht really enough? What seems logical for is for some organization (perhaps OSHCA, but more likely an independent entity) to establish criteria for certifying open source systems. How would it all be funded? Good question. I don't think I really have any good answers, but one possibility is that vendors that support open source product suites would pay for accreditation (albeit using a different model and/or provcing criteria). Another possibility is to formalize the review process and make all relevant artifacts publicly available. The problem here, of course, is that there is no real incentive for an official agency to review (or audit) that process and provide accreditation for the software. Tough one. === Gregory Woodhouse <[EMAIL PROTECTED]> "It is foolish to answer a question that you do not understand." --G. Polya ("How to Solve It") Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/openhealth/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/