The HHS Office of the National Coordinator for Health Information Technology (ONC) has adopted a final rule to enable the ONC to directly review certified health information technology (IT) to determine whether it conforms to the requirements of the ONC Health IT Certification Program (‘‘Program’’). Such ONC review would be independent of, and may be in addition to, ONC-Authorized Certification Body (ONC–ACB) surveillance. This direct review authority will apply (1) when ONC has reason to believe that the certified health IT is causing or contributing to serious risks to public health or safety, or (2) in cases where practical challenges prevent an ONC–ACB from effectively investigating the suspected non-conformity or providing an appropriate response (e.g., because of the need to access confidential information or if overlapping reviews by multiple ONC-ACBs would be required). In addition, the rule sets forth ONC’s enforcement authorities when certified health IT does not conform to certification requirements, including correction of non-conformities, certification suspension or termination, and a ban on the future certification of any of a health IT developer’s health IT. The rule also authorizes ONC to conduct direct oversight of testing laboratories under the ONC Health IT Certification Program. Finally, the rule requires ONC-ACBs to make identifiable surveillance results publicly available to promote transparency and accountability. The rule is effective December 19, 2016.