ONC (Office of the National Coordinator for Health Information Technology)

The Office of the National Coordinator for Health Information Technology, abbreviated ONC, is an entity within the U.S. Department of Health and Human Services (HHS). President George W. Bush created the position by executive order in 2004, and Congress mandated associated legislation in the HITECH Act of 2009. The purpose of ONC is to promote a national health information technology (HIT) infrastructure and oversee its development. 


For healthcare providers, ONC is associated with nationwide efforts to provide electronic health records (EHR) to patients as a way to better curb medical errors and eliminate paper records.

The mission of ONC

The mission of the ONC involves many aspects of HIT, including policy coordination, strategic planning for the adoption of health IT and health information exchanges (HIE), establishing governance for the eHealth Exchange (formerly known as the Nationwide Health Information Network) and, above all, promoting a national health IT infrastructure.

According to ONC, this last mission aims, among other things, to:

  • improve the quality of healthcare while reducing costs;
  • improve the coordination of care and information among hospitals, labs, physicians and other healthcare organizations;
  • ensure that personal health records (PHR) remain secure; and
  • promote the early detection, prevention and management of chronic illness.

The history of ONC

In his 2004 State of the Union address, President Bush said computerized health records could reduce costs, improve care and help avoid dangerous medical mistakes. To that end, he announced a plan for most Americans to have EHRs within 10 years.

Part of the president's plan was to create a sub-cabinet-level position of National Coordinator for Health Information Technology, which would fall under HHS. The goal of the new post was to work toward health information standards and to coordinate partnerships that would help speed the adoption of health IT.

Certification program

ONC issued its Standards and Certification Criteria Final Rule on July 13, 2010. The criteria establish the required standards and capabilities that certified EHR technology must have to achieve meaningful use stage 1. The Centers for Medicare and Medicaid Services (CMS) issued a companion rule on July 28, 2010, which established the minimum requirements healthcare providers must meet to qualify for payments under the center's EHR Incentive Program. 

ONC official on EHR safety

The ONC's chief medical informatics officer discusses EHRs

ONC also established a voluntary Health IT Certification Program that provides for the certification of health IT standards. The agency does not test or issue certifications itself; ONC collaborates with organizations that it has authorized to act on its behalf. One such collaborator is ICSA Labs, which the ONC has authorized to certify Complete and Modular EHR technology for ambulatory and inpatient organizations.

The agency issued an Enhanced Oversight and Accountability Final Rule in 2016 that updated the program to provide increased oversight and accountability for health IT developers.


In 2014, the ONC released a 10-year roadmap outlining three-, six- and 10-year milestones for achieving interoperability. The roadmap is as follows:

  • By 2017 -- Find, receive, send and use priority data domains, such as names, dates of birth, ethnicities and addresses, to improve the quality of health and healthcare.
  • By 2020 -- Expand data sources and users in the interoperable health IT system to lower costs and improve health.
  • By 2024 -- Enable a learning health system by achieving nationwide interoperability that places the patient at the center.

21st Century Cures Act

The bipartisan 21st Century Cures Acts charges the ONC with implementing activities that will advance interoperability by building HIEs and discouraging information blocking. The ONC will discourage information blocking by continuing to implement its Certification Program rules and by creating channels to report cases of information blocking. The ONC will also enforce information blocking provisions that are required under the Cures Act.

Privacy and security policies

The ONC's chief privacy officer (CPO) enforces the agency's privacy and security policies. The CPO's role is to inform the industry about HIPAA and other privacy rules and why they are important to secure health information that is exchanged electronically.

The CPO also ensures that privacy and security standards for health IT are addressed in a way that is consistent with protecting personal health information

This was last updated in October 2017

Continue Reading About ONC (Office of the National Coordinator for Health Information Technology)

Dig Deeper on Heathcare policy and regulation

Cloud Computing
Mobile Computing