• No results found

Interim Final Rule on Standards, Implementation Specifications, and Certification Criteria

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Interim Final Rule on Standards, Implementation Specifications, and Certification Criteria"

Copied!
16
0
0

Loading.... (view fulltext now)

Download now ( 16 Page )

Full text

(1)

Interim Final Rule on Standards,

Implementation Specifications,

and Certification Criteria

NIST/OCR Conference

Safeguarding Health Information:

Building Assurance through HIPAA Security

(2)

How Does All This Work?

“Meaningful User of Certified EHR Technology” Certified Complete EHR Combination of Certified EHR Modules

=

Objectives & Measures

ONC-ATCB / ONC-ACB Certification Criteria Standards EHR Modules Complete EHRs Correlated Meaningful Use Regulations Meaningful Use Regulations

HIT Certification Programs Regulations

HIT Certification Programs Regulations

HIT Standards & Certification Criteria Regulations

HIT Standards & Certification Criteria Regulations

(3)

ONC Interim Final Rule

Initial Set of Standards, Implementation

Specifications, and Certification

Criteria

Definitions

Standards and Certification Criteria

Relationship to Meaningful Use

Proposed Rule

(4)

Acronym Check

CFR: Code of Federal Regulations

EHR: Electronic Health Record

FACA: Federal Advisory Committee

Act

IFR: Interim Final Rule

ONC: Office of the National

Coordinator for Health IT

(5)

IFR – The Basics

Statutory Authority

– American Recovery and Reinvestment Act of 2009 (Pub. L. 111–5)

– Title XIII of Division A and Title IV of Division B

• Health Information Technology for Economic and Clinical Health Act (HITECH Act)

– The HITECH Act amended the Public Health Service Act (PHSA) and created “Title XXX – Health Information Technology and Quality”

• Section 3004(b) – required the Secretary to adopt an initial set of standards, implementation specifications, and certification criteria by 12/31/2009

(6)

Principles that Guide Certification

Criteria and Standards

Certification Criteria

– Assure providers that Certified EHR

Technology can support achievement of Meaningful Use

– Key capabilities that can be tested objectively

– Minimal set – supports innovation

Standards

– Incrementally build capacity

– Establish the foundation for greater

(7)

IFR – Definitions (1)

Certified EHR Technology (Statutory)

– [A] qualified electronic health record that is

certified pursuant to section 3001(c)(5) as meeting standards adopted under section

3004 that are applicable to the type of record involved (as determined by the Secretary,

such as an ambulatory electronic health record for office-based physicians or an

inpatient hospital electronic health record for hospitals)

(8)

IFR – Definitions (2)

Certified EHR Technology (Regulatory)

– Complete EHR or a combination of EHR

Modules, each of which:

• (1) Meets the requirements included in the

definition of a Qualified EHR; and

• (2) Has been tested and certified in

accordance with the certification program established by the National Coordinator as having met all applicable certification

(9)

IFR – Definitions (3)

Complete EHR (Regulatory)

EHR technology that has been developed

to meet all applicable certification criteria

adopted by the Secretary.

EHR Module (Regulatory)

any service, component, or combination

thereof that can meet the requirements of at

least one certification criterion adopted by

the Secretary.

(10)

IFR – Standards

Organized into four categories:

Content Exchange Standards

Vocabulary Standards

Transport Standards

(11)

IFR – Certification Criteria

Certification criteria are aligned

with the meaningful use objectives

for eligible professionals and

(12)

IFR – Certification Criteria Deatils

General Certification Criteria

– applicable to all Complete EHRs or EHR

Modules

– Includes privacy and security certification criteria

Ambulatory Certification Criteria

– applicable to Complete EHRs or EHR Modules

designed for ambulatory settings

Inpatient Certification Criteria

– applicable to Complete EHRs or EHR Modules

(13)

IFR – Relationship to Meaningful Use

Illustrative Crosswalk

Meaningful  Use Objectives Meaningful  Use Objectives E‐Rx E‐Rx Certification  Criteria Certification  Criteria Capability to  E‐Rx must be  included Capability to  E‐Rx must be  included Standards Standards NCPDP  SCRIPT 8.1/10.6  must be used NCPDP  SCRIPT 8.1/10.6  must be used

(14)

HIPAA Security Rule & Certification Criteria

HIPAA Security Rule

– Focuses on: administrative, physical, and

technical safeguards

– Sets standards for all e-PHI created, received,

maintained, or transmitted by HIPAA Covered Entities

Certification Criteria

– Focus on technical safeguards

– Establish requirements for capabilities

(15)

HIPAA Security Rule & Certification Criteria

45 CFR 164.312

• (a)(1) – Access control

• (a)(2)(i) – User identification (r) • (a)(2)(ii) – Emergency access (r) • (a)(2)(iii) – Automatic logoff (a) • (a)(2)(iv) – Encryption/decryption

(Data at Rest) (a) • (b) – Audit Controls

• (c)(1) – Integrity

• (c)(2) – Authenticate ePHI (a)

• (d) Person or entity authentication • (e)(1) – Transmission security

• (e)(2)(i) – Integrity controls (a)

• (e)(2)(ii) – Encryption (transmission) (a)

45 CFR 170.302

• (o) – Access control

• (p) – Emergency access • (q) – Automatic logoff • (u) – Encryption • (r) – Audit log • (s) – Integrity • (t) – Authentication • (s) – Integrity • (u) – Encryption

(16)

What’s next?

IFR Comment Period Closed

March 15, 2010

Working with CMS to align Standards

and Certification Criteria Final Rule

with Meaningful Use Final Rule

To view comments go to:

http://www.regulations.gov

References

Download now ( PDF - 16 Page - 223.75 KB )

Related documents

Modification of bacterial cell membrane to accelerate decolorization of textile wastewater effluent using microbial fuel cells: role of gamma radiation

Abd El Kareem, Kyle Bowman, Mark Brehney, Godfrey Kyazze, Tajalli Keshavarz & Ola Gomaa (2020) Modification of bacterial cell membrane to accelerate decolorization of

Certifications. 5 Star Usability Rating

This seal designates Nortec EHR 7.0 as a ONC-ATCB 2011-2012 Certified Complete EHR in accordance with the applicable certification criteria adopted by the Secretary of Health

Drummond Certified Health IT Certificate and Marks Usage Requirements

“This Health IT Module is 2015 Edition compliant and has been certified by an ONC- ACB in accordance with the applicable certification criteria adopted by the Secretary of Health

Marketing Policy. ONC-ATCB 2011/2012 Certification Program

“The ONC-ATCB 2011/2012 EHR certification program, provided by the Certification Commission for Health Information Technology (CCHIT®)” as an Office of the National Coordinator

Establishment of a Temporary and Permanent Testing Program

Under the temporary certification program, any organization deemed an Authorized Testing and Certification Body (ONC-ATCB) must be able to both test and certify Complete EHRs

SHORT TERM RISKS AND LIABILITIES BY-LAW

out the assets held by that department, the risks requiring to be insured and any other information deemed necessary to the Chief Financial Officer, which shall in accordance with

Monthly SNAP benefit duration and its association with food security, hunger-coping, and physiological hunger symptoms among low-income families

The purpose of this study was to examine relationships between monthly SNAP benefit duration and 5 primary outcome variables: food security, three hunger-coping behavior

Advanced Videographic Recorder

Used to navigate pop-up menus and review data in historical review mode Menu Key Displays a pop-up menu for operator selections View Key Selects between enabled views for the