
The Electronic Code of Federal Regulations (e-CFR) is a regularly updated, unofficial editorial compilation of CFR material and Federal Register amendments produced by the National Archives and Records Administration's Office of the Federal Register (OFR) and the Government Printing Office.


Electronic Code of Federal Regulations

e-CFR Data is current as of April 21, 2014

Title 45: Public Welfare


PART 170—HEALTH INFORMATION TECHNOLOGY STANDARDS, IMPLEMENTATION SPECIFICATIONS, AND CERTIFICATION CRITERIA AND CERTIFICATION PROGRAMS FOR HEALTH INFORMATION TECHNOLOGY


Contents

Subpart A—General Provisions

§170.100   Statutory basis and purpose.
§170.101   Applicability.
§170.102   Definitions.

Subpart B—Standards and Implementation Specifications for Health Information Technology

§170.200   Applicability.
§170.202   Transport standards.
§170.204   Functional standards.
§170.205   Content exchange standards and implementation specifications for exchanging electronic health information.
§170.207   Vocabulary standards for representing electronic health information.
§170.210   Standards for health information technology to protect electronic health information created, maintained, and exchanged.
§170.299   Incorporation by reference.

Subpart C—Certification Criteria for Health Information Technology

§170.300   Applicability.
§170.302   General certification criteria for Complete EHRs or EHR Modules.
§170.304   Specific certification criteria for Complete EHRs or EHR Modules designed for an ambulatory setting.
§170.306   Specific certification criteria for Complete EHRs or EHR Modules designed for an inpatient setting.
§170.314   2014 Edition electronic health record certification criteria.

Subpart D—Temporary Certification Program for HIT

§170.400   Basis and scope.
§170.401   Applicability.
§170.402   Definitions.
§170.405   Correspondence.
§170.410   Types of testing and certification.
§170.415   Application prerequisite.
§170.420   Application.
§170.423   Principles of proper conduct for ONC-ATCBs.
§170.425   Application submission.
§170.430   Review of application.
§170.435   ONC-ATCB application reconsideration.
§170.440   ONC-ATCB status.
§170.445   Complete EHR testing and certification.
§170.450   EHR module testing and certification.
§170.455   Testing and certification to newer versions of certain standards.
§170.457   Authorized testing and certification methods.
§170.460   Good standing as an ONC-ATCB.
§170.465   Revocation of authorized testing and certification body status.
§170.470   Effect of revocation on the certifications issued to complete EHRs and EHR Modules.
§170.490   Sunset of the temporary certification program.
§170.499   Incorporation by reference.

Subpart E—ONC HIT Certification Program

§170.500   Basis and scope.
§170.501   Applicability.
§170.502   Definitions.
§170.503   Requests for ONC-AA status and ONC-AA ongoing responsibilities.
§170.504   Reconsideration process for requests for ONC-AA status.
§170.505   Correspondence.
§170.510   Types of certification.
§170.520   Application.
§170.523   Principles of proper conduct for ONC-ACBs.
§170.525   Application submission.
§170.530   Review of application.
§170.535   ONC-ACB application reconsideration.
§170.540   ONC-ACB status.
§170.545   Complete EHR certification.
§170.550   EHR Module certification.
§170.553   Certification of health information technology other than Complete EHRs and EHR Modules.
§170.555   Certification to newer versions of certain standards.
§170.557   Authorized certification methods.
§170.560   Good standing as an ONC-ACB.
§170.565   Revocation of ONC-ACB status.
§170.570   Effect of revocation on the certifications issued to Complete EHRs and EHR Module(s).
§170.575   Removal of the ONC-AA.
§170.599   Incorporation by reference.

Authority: 42 U.S.C. 300jj-11; 42 U.S.C. 300jj-14; 5 U.S.C. 552.

Source: 75 FR 2042, Jan. 13, 2010, unless otherwise noted.

Subpart A—General Provisions

§170.100   Statutory basis and purpose.

The provisions of this subchapter implement sections 3001(c)(5) and 3004 of the Public Health Service Act.

[75 FR 36203, June 24, 2010]

§170.101   Applicability.

The standards, implementation specifications, and certification criteria adopted in this part apply to Complete EHRs and EHR Modules and the testing and certification of such Complete EHRs and EHR Modules.

§170.102   Definitions.

For the purposes of this part:

2011 Edition EHR certification criteria means the certification criteria at §§170.302, 170.304, and 170.306.

2014 Edition EHR certification criteria means the certification criteria at §170.314.

Base EHR means an electronic record of health-related information on an individual that:

(1) Includes patient demographic and clinical health information, such as medical history and problem lists;

(2) Has the capacity:

(i) To provide clinical decision support;

(ii) To support physician order entry;

(iii) To capture and query information relevant to health care quality;

(iv) To exchange electronic health information with, and integrate such information from other sources;

(v) To protect the confidentiality, integrity, and availability of health information stored and exchanged; and

(3) Has been certified to the certification criteria adopted by the Secretary at: §170.314(a)(1), (3), and (5) through (8); (b)(1), (2), and (7); (c)(1) through (3); (d)(1) through (8).

(4) Has been certified to the certification criteria at §170.314(c)(1) and (2):

(i) For no fewer than 9 clinical quality measures covering at least 3 domains from the set selected by CMS for eligible professionals, including at least 6 clinical quality measures from the recommended core set identified by CMS; or

(ii) For no fewer than 16 clinical quality measures covering at least 3 domains from the set selected by CMS for eligible hospitals and critical access hospitals.

Certification criteria means criteria:

(1) To establish that health information technology meets applicable standards and implementation specifications adopted by the Secretary; or

(2) That are used to test and certify that health information technology includes required capabilities.

Certified EHR Technology means:

(1) For any Federal fiscal year (FY) or calendar year (CY) up to and including 2013:

(i) A Complete EHR that meets the requirements included in the definition of a Qualified EHR and has been tested and certified in accordance with the certification program established by the National Coordinator as having met all applicable certification criteria adopted by the Secretary for the 2011 Edition EHR certification criteria or the equivalent 2014 Edition EHR certification criteria; or

(ii) A combination of EHR Modules in which each constituent EHR Module of the combination has been tested and certified in accordance with the certification program established by the National Coordinator as having met all applicable certification criteria adopted by the Secretary for the 2011 Edition EHR certification criteria or the equivalent 2014 Edition EHR certification criteria, and the resultant combination also meets the requirements included in the definition of a Qualified EHR; or

(iii) EHR technology that satisfies the definition for FY and CY 2014 and subsequent years specified in paragraph (2);

(2) For FY and CY 2014 and subsequent years, the following: EHR technology certified under the ONC HIT Certification Program to the 2014 Edition EHR certification criteria that has:

(i) The capabilities required to meet the Base EHR definition; and

(ii) All other capabilities that are necessary to meet the objectives and associated measures under 42 CFR 495.6 and successfully report the clinical quality measures selected by CMS in the form and manner specified by CMS (or the States, as applicable) for the stage of meaningful use that an eligible professional, eligible hospital, or critical access hospital seeks to achieve.

Common MU Data Set means the following data expressed, where indicated, according to the specified standard(s):

(1) Patient name.

(2) Sex.

(3) Date of birth.

(4) Race—the standard specified in §170.207(f).

(5) Ethnicity—the standard specified in §170.207(f).

(6) Preferred language—the standard specified in §170.207(g).

(7) Smoking status—the standard specified in §170.207(h).

(8) Problems—at a minimum, the version of the standard specified in §170.207(a)(3).

(9) Medications—at a minimum, the version of the standard specified in §170.207(d)(2).

(10) Medication allergies—at a minimum, the version of the standard specified in §170.207(d)(2).

(11) Laboratory test(s)—at a minimum, the version of the standard specified in §170.207(c)(2).

(12) Laboratory value(s)/result(s).

(13) Vital signs—height, weight, blood pressure, BMI.

(14) Care plan field(s), including goals and instructions.

(15) Procedures—

(i)(A) At a minimum, the version of the standard specified in §170.207(a)(3) or §170.207(b)(2); or

(B) For EHR technology primarily developed to record dental procedures, the standard specified in §170.207(b)(3).

(ii) Optional. The standard specified at §170.207(b)(4).

(16) Care team member(s).

Complete EHR, 2011 Edition means EHR technology that has been developed to meet, at a minimum, all mandatory 2011 Edition EHR certification criteria for either an ambulatory setting or inpatient setting.

Complete EHR, 2014 Edition means EHR technology that meets the Base EHR definition and has been developed to meet, at a minimum, all mandatory 2014 Edition EHR certification criteria for either an ambulatory setting or inpatient setting.

Disclosure is defined as it is in 45 CFR 160.103.

EHR Module means any service, component, or combination thereof that can meet the requirements of at least one certification criterion adopted by the Secretary.

Human readable format means a format that enables a human to read and easily comprehend the information presented to him or her regardless of the method of presentation.

Implementation specification means specific requirements or instructions for implementing a standard.

Qualified EHR means an electronic record of health-related information on an individual that:

(1) Includes patient demographic and clinical health information, such as medical history and problem lists; and

(2) Has the capacity:

(i) To provide clinical decision support;

(ii) To support physician order entry;

(iii) To capture and query information relevant to health care quality; and

(iv) To exchange electronic health information with, and integrate such information from other sources.

Standard means a technical, functional, or performance-based rule, condition, requirement, or specification that stipulates instructions, fields, codes, data, materials, characteristics, or actions.

[75 FR 2042, Jan. 13, 2010, as amended at 75 FR 36203, June 24, 2010; 75 FR 44649, July 28, 2010; 77 FR 54283, Sept. 4, 2012; 78 FR 65887, Nov. 4, 2013]

Subpart B—Standards and Implementation Specifications for Health Information Technology

Source: 75 FR 44649, July 28, 2010, unless otherwise noted.

§170.200   Applicability.

The standards and implementation specifications adopted in this part apply with respect to Complete EHRs and EHR Modules.

§170.202   Transport standards.

The Secretary adopts the following transport standards:

(a) Standard. ONC Applicability Statement for Secure Health Transport (incorporated by reference in §170.299).

(b) Standard. ONC XDR and XDM for Direct Messaging Specification (incorporated by reference in §170.299).

(c) Standard. ONC Transport and Security Specification (incorporated by reference in §170.299).

[77 FR 54284, Sept. 4, 2012]

§170.204   Functional standards.

The Secretary adopts the following functional standards:

(a) Accessibility. Standard. Web Content Accessibility Guidelines (WCAG) 2.0, Level A Conformance (incorporated by reference in §170.299).

(b) Reference source. Standard. HL7 Version 3 Standard: Context-Aware Retrieval Application (Infobutton) (incorporated by reference in §170.299). (1) Implementation specifications. HL7 Version 3 Implementation Guide: URL-Based Implementations of the Context-Aware Information Retrieval (Infobutton) Domain, (incorporated by reference in §170.299).

(2) Implementation specifications. HL7 Version 3 Implementation Guide: Context-Aware Knowledge Retrieval (Infobutton) Service-Oriented Architecture Implementation Guide, (incorporated by reference in §170.299).

(c) Clinical quality measure-by-measure data. Data Element Catalog, (incorporated by reference in §170.299).

[77 FR 54284, Sept. 4, 2012]

§170.205   Content exchange standards and implementation specifications for exchanging electronic health information.

The Secretary adopts the following content exchange standards and associated implementation specifications:

(a) Patient summary record—(1) Standard. Health Level Seven Clinical Document Architecture (CDA) Release 2, Continuity of Care Document (CCD) (incorporated by reference in §170.299). Implementation specifications. The Healthcare Information Technology Standards Panel (HITSP) Summary Documents Using HL7 CCD Component HITSP/C32 (incorporated by reference in §170.299).

(2) Standard. ASTM E2369 Standard Specification for Continuity of Care Record and Adjunct to ASTM E2369 (incorporated by reference in §170.299).

(3) Standard. HL7 Implementation Guide for CDA® Release 2: IHE Health Story Consolidation, (incorporated by reference in §170.299). The use of the “unstructured document” document-level template is prohibited.

(b) Electronic prescribing—(1) Standard. The National Council for the Prescription Drug Programs (NCPDP) Prescriber/Pharmacist Interface SCRIPT standard, Implementation Guide, Version 8, Release 1 (Version 8.1) October 2005 (incorporated by reference in §170.299).

(2) Standard. NCPDP SCRIPT Standard, Implementation Guide, Version 10.6 (incorporated by reference in §170.299).

(c) Electronic submission of lab results to public health agencies. Standard. HL7 2.5.1 (incorporated by reference in §170.299). Implementation specifications. HL7 Version 2.5.1 Implementation Guide: Electronic Laboratory Reporting to Public Health, Release 1 (US Realm) (incorporated by reference in §170.299).

(d) Electronic submission to public health agencies for surveillance or reporting. (1) Standard. HL7 2.3.1 (incorporated by reference in §170.299).

(2) Standard. HL7 2.5.1 (incorporated by reference in §170.299).

(3) Standard. HL7 2.5.1 (incorporated by reference in §170.299). Implementation specifications. PHIN Messaging Guide for Syndromic Surveillance (incorporated by reference in §170.299) and Conformance Clarification for EHR Certification of Electronic Syndromic Surveillance, Addendum to PHIN Messaging Guide for Syndromic Surveillance (incorporated by reference in §170.299).

(e) Electronic submission to immunization registries—(1) Standard. HL7 2.3.1 (incorporated by reference in §170.299). Implementation specifications. Implementation Guide for Immunization Data Transactions using Version 2.3.1 of the Health Level Seven (HL7) Standard Protocol Implementation Guide Version 2.2 (incorporated by reference in §170.299).

(2) Standard. HL7 2.5.1 (incorporated by reference in §170.299). Implementation specifications. HL7 2.5.1 Implementation Guide for Immunization Messaging Release 1.0 (incorporated by reference in §170.299).

(3) Standard. HL7 2.5.1 (incorporated by reference in §170.299). Implementation specifications. HL7 2.5.1 Implementation Guide for Immunization Messaging, Release 1.4, (incorporated by reference in §170.299).

(f) Quality reporting. Standard. The CMS Physician Quality Reporting Initiative (PQRI) 2009 Registry XML Specification (incorporated by reference in §170.299). Implementation specifications. Physician Quality Reporting Initiative Measure Specifications Manual for Claims and Registry (incorporated by reference in §170.299).

(g) Electronic transmission of lab results to public health agencies. Standard. HL7 2.5.1 (incorporated by reference in §170.299). Implementation specifications. HL7 Version 2.5.1 Implementation Guide: Electronic Laboratory Reporting to Public Health, Release 1 (US Realm) (incorporated by reference in §170.299) with Errata and Clarifications, (incorporated by reference in §170.299) and ELR 2.5.1 Clarification Document for EHR Technology Certification, (incorporated by reference in §170.299).

(h) Clinical quality measure data import, export, and electronic submission. Standard. HL7 Implementation Guide for CDA® Release 2: Quality Reporting Document Architecture, (incorporated by reference in §170.299).

(i) Cancer information. Standard. HL7 Clinical Document Architecture (CDA), Release 2.0, Normative Edition (incorporated by reference in §170.299). Implementation specifications. Implementation Guide for Ambulatory Healthcare Provider Reporting to Central Cancer Registries, HL7 Clinical Document Architecture (CDA), (incorporated by reference in §170.299).

(j) Electronic incorporation and transmission of lab results. Standard. HL7 Version 2.5.1 Implementation Guide: S&I Framework Lab Results Interface, (incorporated by reference in §170.299).

(k) Clinical quality measure aggregate electronic submission. Standard. Quality Reporting Document Architecture Category III, Implementation Guide for CDA Release 2 (incorporated by reference in §170.299).

[75 FR 44649, July 28, 2010, as amended at 75 FR 62690, Oct. 13, 2010; 77 FR 54284, Sept. 4, 2012]

§170.207   Vocabulary standards for representing electronic health information.

The Secretary adopts the following code sets, terminology, and nomenclature as the vocabulary standards for the purpose of representing electronic health information:

(a) Problems—(1) Standard. The code set specified at 45 CFR 162.1002(a)(1) for the indicated conditions.

(2) Standard. International Health Terminology Standards Development Organization (IHTSDO) Systematized Nomenclature of Medicine Clinical Terms (SNOMED CT®) July 2009 version (incorporated by reference in §170.299).

(3) Standard. IHTSDO SNOMED CT® International Release July 2012 (incorporated by reference in §170.299) and US Extension to SNOMED CT® March 2012 Release (incorporated by reference in §170.299).

(b) Procedures—(1) Standard. The code set specified at 45 CFR 162.1002(a)(2).

(2) Standard. The code set specified at 45 CFR 162.1002(a)(5).

(3) Standard. The code set specified at 45 CFR 162.1002(a)(4).

(4) Standard. The code set specified at 45 CFR 162.1002(c)(3) for the indicated procedures or other actions taken.

(c) Laboratory tests—(1) Standard. Logical Observation Identifiers Names and Codes (LOINC®) version 2.27, when such codes were received within an electronic transaction from a laboratory (incorporated by reference in §170.299).

(2) Standard. Logical Observation Identifiers Names and Codes (LOINC®) Database version 2.40, a universal code system for identifying laboratory and clinical observations produced by the Regenstrief Institute, Inc. (incorporated by reference in §170.299).

(d) Medications—(1) Standard. Any source vocabulary that is included in RxNorm, a standardized nomenclature for clinical drugs produced by the United States National Library of Medicine.

(2) Standard. RxNorm, a standardized nomenclature for clinical drugs produced by the United States National Library of Medicine, August 6, 2012 Release (incorporated by reference in §170.299).

(e) Immunizations—(1) Standard. HL7 Standard Code Set CVX—Vaccines Administered, July 30, 2009 version (incorporated by reference in §170.299).

(2) Standard. HL7 Standard Code Set CVX—Vaccines Administered, updates through July 11, 2012 (incorporated by reference in §170.299).

(f) Race and Ethnicity. Standard. The Office of Management and Budget Standards for Maintaining, Collecting, and Presenting Federal Data on Race and Ethnicity, Statistical Policy Directive No. 15, as revised, October 30, 1997 (see “Revisions to the Standards for the Classification of Federal Data on Race and Ethnicity,” available at http://www.whitehouse.gov/omb/fedreg_1997standards).

(g) Preferred language. Standard. As specified by the Library of Congress, ISO 639-2 alpha-3 codes limited to those that also have a corresponding alpha-2 code in ISO 639-1 (incorporated by reference in §170.299).

(h) Smoking status. Standard. Smoking status must be coded in one of the following SNOMED CT® codes:

(1) Current every day smoker. 449868002

(2) Current some day smoker. 428041000124106

(3) Former smoker. 8517006

(4) Never smoker. 266919005

(5) Smoker, current status unknown. 77176002

(6) Unknown if ever smoked. 266927001

(7) Heavy tobacco smoker. 428071000124103

(8) Light tobacco smoker. 428061000124105

(i) Encounter diagnoses. Standard. The code set specified at 45 CFR 162.1002(c)(2) for the indicated conditions.

(j) Family health history. HL7 Version 3 Standard: Clinical Genomics; Pedigree, (incorporated by reference in §170.299).

[75 FR 44649, July 28, 2010, as amended at 77 FR 54284, Sept. 4, 2012]

§170.210   Standards for health information technology to protect electronic health information created, maintained, and exchanged.

The Secretary adopts the following standards to protect electronic health information created, maintained, and exchanged:

(a) Encryption and decryption of electronic health information—(1) General. Any encryption algorithm identified by the National Institute of Standards and Technology (NIST) as an approved security function in Annex A of the Federal Information Processing Standards (FIPS) Publication 140-2, (January 27, 2010) (incorporated by reference in §170.299).

(2) Exchange. Any encrypted and integrity protected link.

(b) Record actions related to electronic health information. The date, time, patient identification, and user identification must be recorded when electronic health information is created, modified, accessed, or deleted; and an indication of which action(s) occurred and by whom must also be recorded.

(c) Verification that electronic health information has not been altered in transit. Standard. A hashing algorithm with a security strength equal to or greater than SHA-1 (Secure Hash Algorithm (SHA-1) as specified by the National Institute of Standards and Technology (NIST) in FIPS PUB 180-4 (March 2012)) must be used to verify that electronic health information has not been altered.

(d) Record treatment, payment, and health care operations disclosures. The date, time, patient identification, user identification, and a description of the disclosure must be recorded for disclosures for treatment, payment, and health care operations, as these terms are defined at 45 CFR 164.501.

(e) Record actions related to electronic health information, audit log status, and encryption of end-user devices. (1)(i) The audit log must record the information specified in sections 7.2 through 7.4, 7.6, and 7.7 of the standard specified at §170.210(h) when EHR technology is in use.

(ii) The date and time must be recorded in accordance with the standard specified at §170.210(g).

(2)(i) The audit log must record the information specified in sections 7.2 and 7.4 of the standard specified at §170.210(h) when the audit log status is changed.

(ii) The date and time each action occurs in accordance with the standard specified at §170.210(g).

(3) The audit log must record the information specified in sections 7.2 and 7.4 of the standard specified at §170.210(h) when the encryption status of electronic health information locally stored by EHR technology on end-user devices is changed. The date and time each action occurs in accordance with the standard specified at §170.210(g).

(f) Encryption and hashing of electronic health information. Any encryption and hashing algorithm identified by the National Institute of Standards and Technology (NIST) as an approved security function in Annex A of the FIPS Publication 140-2 (incorporated by reference in §170.299).

(g) Synchronized clocks. The date and time recorded utilize a system clock that has been synchronized following (RFC 1305) Network Time Protocol, (incorporated by reference in §170.299) or (RFC 5905) Network Time Protocol Version 4, (incorporated by reference in §170.299).

(h) Audit log content. ASTM E2147-01 (Reapproved 2009), (incorporated by reference in §170.299).

[75 FR 44649, July 28, 2010, as amended at 77 FR 54285, Sept. 4, 2012]

§170.299   Incorporation by reference.

(a) Certain material is incorporated by reference into this subpart with the approval of the Director of the Federal Register under 5 U.S.C. 552(a) and 1 CFR part 51. To enforce any edition other than that specified in this section, the Department of Health and Human Services must publish notice of change in the Federal Register and the material must be available to the public. All approved material is available for inspection at the National Archives and Records Administration (NARA). For information on the availability of this material at NARA, call 202-741-6030 or go to http://www.archives.gov/federal_register/code_of_federal_regulations/ibr_locations.html. Also, it is available for inspection at U.S. Department of Health and Human Services, Office of the National Coordinator for Health Information Technology, Hubert H. Humphrey Building, Suite 729D, 200 Independence Ave., SW., Washington, DC 20201, call ahead to arrange for inspection at 202-690-7151, and is available from the sources listed below.

(b) American National Standards Institute, Health Information Technology Standards Panel (HITSP) Secretariat, 25 West 43rd Street—Fourth Floor, New York, NY 10036, http://www.hitsp.org.

(1) HITSP Summary Documents Using HL7 Continuity of Care Document (CCD) Component, HITSP/C32, July 8, 2009, Version 2.5, IBR approved for §170.205.

(2) [Reserved]

(c) ASTM International, 100 Barr Harbor Drive, PO Box C700, West Conshohocken, PA, 19428-2959 USA; Telephone (610) 832-9585 or http://www.astm.org/.

(1) ASTM E2147-01 (Reapproved 2009) Standard Specification for Audit and Disclosure Logs for Use in Health Information Systems, approved September 1, 2009, IBR approved for §170.210.

(2) ASTM E2369-05: Standard Specification for Continuity of Care Record (CCR), year of adoption 2005, ASTM approved July 17, 2006, IBR approved for §170.205.

(3) ASTM E2369-05 (Adjunct to E2369): Standard Specification Continuity of Care Record,—Final Version 1.0 (V1.0), November 7, 2005, IBR approved for §170.205.

(d) Centers for Disease Control and Prevention, 2500 Century Parkway, Mailstop E-78, Atlanta, GA 30333, USA (800-232-4636); http://www.cdc.gov/ehrmeaningfuluse/.

(1) HL7 Standard Code Set CVX—Vaccines Administered, July 30, 2009, IBR approved for §170.207.

(2) IIS: HL7 Standard Code Set CVX—Vaccines Administered, updates through July 11, 2012, IBR approved for §170.207.

(3) Implementation Guide for Immunization Data Transactions using Version 2.3.1 of the Health Level Seven (HL7) Standard Protocol Implementation Guide Version 2.2, June 2006, IBR approved for §170.205.

(4) HL7 2.5.1 Implementation Guide for Immunization Messaging Release 1.0, May 1, 2010, IBR approved for §170.205.

(5) PHIN Messaging Guide for Syndromic Surveillance: Emergency Department and Urgent Care Data, ADT Messages A01, A03, A04, and A08, HL7 Version 2.5.1 (Version 2.3.1 Compatible), Release 1.1, August 2012, IBR approved for §170.205.

(6) Conformance Clarification for EHR Certification of Electronic Syndromic Surveillance, ADT MESSAGES A01, A03, A04, and A08, HL7 Version 2.5.1, Addendum to PHIN Messaging Guide for Syndromic Surveillance: Emergency Department and Urgent Care Data (Release 1.1), August 2012, IBR approved for §170.205.

(7) HL7 2.5.1 Implementation Guide for Immunization Messaging, Release 1.4, August 1, 2012, IBR approved for §170.205.

(8) Implementation Guide for Ambulatory Healthcare Provider Reporting to Central Cancer Registries, HL7 Clinical Document Architecture (CDA), Release 1.0, August 2012, IBR approved for §170.205.

(9) ELR 2.5.1 Clarification Document for EHR Technology Certification, July 16, 2012, IBR approved for §170.205.

(e) Centers for Medicare & Medicaid Services, Office of Clinical Standards and Quality, 7500 Security Boulevard, Baltimore, Maryland 21244; Telephone (410) 786-3000

(1) CMS PQRI 2009 Registry XML Specifications, IBR approved for §170.205.

(2) 2009 Physician Quality Reporting Initiative Measure Specifications Manual for Claims and Registry, Version 3.0, December 8, 2008 IBR approved for §170.205.

(f) Health Level Seven, 3300 Washtenaw Avenue, Suite 227, Ann Arbor, MI 48104; Telephone (734) 677-7777 or http://www.hl7.org/

(1) Health Level Seven Standard Version 2.3.1 (HL7 2.3.1), An Application Protocol for Electronic Data Exchange in Healthcare Environments, April 14, 1999, IBR approved for §170.205.

(2) Health Level Seven Messaging Standard Version 2.5.1 (HL7 2.5.1), An Application Protocol for Electronic Data Exchange in Healthcare Environments, February 21, 2007, IBR approved for §170.205.

(3) Health Level Seven Implementation Guide: Clinical Document Architecture (CDA) Release 2—Continuity of Care Document (CCD), April 01, 2007, IBR approved for §170.205.

(4) HL7 Version 2.5.1 Implementation Guide: Electronic Laboratory Reporting to Public Health, Release 1 (US Realm) HL7 Version 2.5.1: ORU^R01, HL7 Informative Document, February, 2010, IBR approved for §170.205.

(5) HL7 Version 3 Standard: Context-Aware Retrieval Application (Infobutton); Release 1, July 2010, IBR approved for §170.204.

(6) HL7 Version 3 Implementation Guide: URL-Based Implementations of the Context-Aware Information Retrieval (Infobutton) Domain, Release 3, December 2010, IBR approved for §170.204.

(7) HL7 Version 3 Implementation Guide: Context-Aware Knowledge Retrieval (Infobutton) Service-Oriented Architecture Implementation Guide, Release 1, HL7 Draft Standard for Trial Use, March 2011, IBR approved for §170.204.

(8) HL7 Implementation Guide for CDA® Release 2: IHE Health Story Consolidation, DSTU Release 1.1 (US Realm) Draft Standard for Trial Use July 2012, IBR approved for §170.205.

(9) HL7 Clinical Document Architecture, Release 2.0, Normative Edition, May 2005, IBR approved for §170.205.

(10) HL7 Version 2.5.1 Implementation Guide: S&I Framework Lab Results Interface, Release 1—US Realm [HL7 Version 2.5.1: ORU−R01] Draft Standard for Trial Use, July 2012, IBR approved for §170.205.

(11) HL7 Version 3 Standard: Clinical Genomics; Pedigree, Release 1, Edition 2011, March 2012, IBR approved for §170.207.

(12) HL7 Implementation Guide for CDA® Release 2: Quality Reporting Document Architecture, DSTU Release 2 (Universal Realm), Draft Standard for Trial Use, July 2012, IBR approved for §170.205.

(13) HL7 v2.5.1 IG: Electronic Laboratory Reporting to Public Health (US Realm), Release 1 Errata and Clarifications, September 29, 2011, IBR approved for §170.205.

(14) HL7 Implementation Guide for CDA® Release 2: Quality Reporting Document Architecture—Category III, DSTU Release 1 (US Realm) Draft Standard for Trial Use, November 2012, IBR approved for §170.205.

(g) Internet Engineering Task Force (IETF), University of Delaware, Newark, DE 19716, Telephone (302) 831-8247, http://www.ietf.org/rfc.html.

(1) Network Time Protocol (Version 3) Specification, Implementation and Analysis, March 1992, IBR approved for §170.210.

(2) Network Time Protocol Version 4: Protocol and Algorithms Specification, June 2010, IBR approved for §170.210.

(h) Library of Congress, Network Development and MARC Standards Office, Washington, DC 20540-4402, Tel: (202) 707-6237 or http://www.loc.gov/standards/iso639-2/.

(1) ISO 639-2. Codes for the Representation of Names of Languages Part 2: Alpha-3 Code, April 8, 2011, IBR approved for §170.207.

(2) [Reserved]

(i) National Council for Prescription Drug Programs, Incorporated, 9240 E. Raintree Drive, Scottsdale, AZ 85260-7518; Telephone (480) 477-1000; and Facsimile (480) 767-1042 or http://www.ncpdp.org.

(1) National Council for Prescription Drug Programs Prescriber/Pharmacist Interface SCRIPT Standard, Implementation Guide, Version 8, Release 1, October 2005, IBR approved for §170.205.

(2) SCRIPT Standard, Implementation Guide, Version 10.6, October, 2008, (Approval date for ANSI: November 12, 2008), IBR approved for §170.205.

(j) National Institute of Standards and Technology, Information Technology Laboratory, National Institute of Standards and Technology, 100 Bureau Drive, Gaithersburg, MD 20899-8930, http://csrc.nist.gov/groups/STM/cmvp/standards.html.

(1) Annex A: Approved Security Functions for FIPS PUB 140-2, Security Requirements for Cryptographic Modules, Draft, January 27, 2010, IBR approved for §170.210.

(2) Annex A: Approved Security Functions for FIPS PUB 140-2, Security Requirements for Cryptographic Modules, Draft, May 30, 2012, IBR approved for §170.210.

(k) Office of the National Coordinator for Health Information Technology (ONC), 200 Independence Avenue SW., Suite 729-D, Washington, DC 20201, http://healthit.hhs.gov.

(1) Applicability Statement for Secure Health Transport, Version 1.1, July 10, 2012, IBR approved for §170.202; available at http://healthit.hhs.gov/portal/server.pt/community/healthit_hhs_gov__direct_project/3338.

(2) XDR and XDM for Direct Messaging Specification, Version 1, March 9, 2011, IBR approved for §170.202; available at http://healthit.hhs.gov/portal/server.pt/community/healthit_hhs_gov__direct_project/3338.

(3) Transport and Security Specification, Version 1.0, June 19, 2012, IBR approved for §170.202.

(l) Regenstrief Institute, Inc., LOINC® c/o Medical Informatics, The Regenstrief Institute, Inc., 410 West 10th Street, Suite 2000, Indianapolis, IN 46202-3012; Telephone (317) 423-5983 or http://loinc.org/.

(1) Logical Observation Identifiers Names and Codes (LOINC®) version 2.27, June 15, 2009, IBR approved for §170.207.

(2) Logical Observation Identifiers Names and Codes (LOINC®) Database version 2.40, Released June 2012, IBR approved for §170.207.

(m) U.S. National Library of Medicine, 8600 Rockville Pike, Bethesda, MD 20894; Telephone (301) 594-5983 or http://www.nlm.nih.gov/.

(1) International Health Terminology Standards Development Organization Systematized Nomenclature of Medicine Clinical Terms (SNOMED CT®), International Release, July 2009, IBR approved for §170.207.

(2) International Health Terminology Standards Development Organisation (IHTSDO) Systematized Nomenclature of Medicine Clinical Terms (SNOMED CT®) International Release July 31, 2012, IBR approved for §170.207.

(3) US Extension to SNOMED CT® March 2012 Release, IBR approved for §170.207.

(4) RxNorm, August 6, 2012 Full Release Update, IBR approved for §170.207.

(5) Data Element Catalog, Version 1.1, October 2012, IBR approved for §170.204.

(n) World Wide Web Consortium (W3C)/MIT, 32 Vassar Street, Room 32-G515, Cambridge, MA 02139 USA, http://www.w3.org/standards/

(1) Web Content Accessibility Guidelines (WCAG) 2.0, December 11, 2008, IBR approved for §170.204.

(2) [Reserved]

[75 FR 44649, July 28, 2010, as amended at 75 FR 62690, Oct. 13, 2010; 77 FR 54285, Sept. 4, 2012; 77 FR 72991, Dec. 7, 2012]

Subpart C—Certification Criteria for Health Information Technology

Source: 75 FR 44651, July 28, 2010, unless otherwise noted.

§170.300   Applicability.

(a) The certification criteria adopted in this subpart apply to the testing and certification of Complete EHRs and EHR Modules.

(b) When a certification criterion refers to two or more standards as alternatives, use of at least one of the alternative standards will be considered compliant.

(c) Complete EHRs and EHR Modules are not required to be compliant with certification criteria or capabilities specified within a certification criterion that are designated as optional.

(d) In §170.314, all certification criteria and all capabilities specified within a certification criterion have general applicability (i.e., apply to both ambulatory and inpatient settings) unless designated as “inpatient setting only” or “ambulatory setting only.”

(1) “Inpatient setting only” means that the criterion or capability within the criterion is only required for certification of EHR technology designed for use in an inpatient setting.

(2) “Ambulatory setting only” means that the criterion or capability within the criterion is only required for certification of EHR technology designed for use in an ambulatory setting.

[75 FR 44649, July 28, 2010, as amended at 77 FR 54286, Sept. 4, 2012]

§170.302   General certification criteria for Complete EHRs or EHR Modules.

The Secretary adopts the following general certification criteria for Complete EHRs or EHR Modules. Complete EHRs or EHR Modules must include the capability to perform the following functions electronically, unless designated as optional, and in accordance with all applicable standards and implementation specifications adopted in this part:

(a) Drug-drug, drug-allergy interaction checks—(1) Notifications. Automatically and electronically generate and indicate in real-time, notifications at the point of care for drug-drug and drug-allergy contraindications based on medication list, medication allergy list, and computerized provider order entry (CPOE).

(2) Adjustments. Provide certain users with the ability to adjust notifications provided for drug-drug and drug-allergy interaction checks.

(b) Drug-formulary checks. Enable a user to electronically check if drugs are in a formulary or preferred drug list.

(c) Maintain up-to-date problem list. Enable a user to electronically record, modify, and retrieve a patient's problem list for longitudinal care in accordance with:

(1) The standard specified in §170.207(a)(1); or

(2) At a minimum, the version of the standard specified in §170.207(a)(2).

(d) Maintain active medication list. Enable a user to electronically record, modify, and retrieve a patient's active medication list as well as medication history for longitudinal care.

(e) Maintain active medication allergy list. Enable a user to electronically record, modify, and retrieve a patient's active medication allergy list as well as medication allergy history for longitudinal care.

(f) Record and chart vital signs—(1) Vital signs. Enable a user to electronically record, modify, and retrieve a patient's vital signs including, at a minimum, height, weight, and blood pressure.

(2) Calculate body mass index. Automatically calculate and display body mass index (BMI) based on a patient's height and weight.

(3) Plot and display growth charts. Plot and electronically display, upon request, growth charts for patients 2-20 years old.

(g) Smoking status. Enable a user to electronically record, modify, and retrieve the smoking status of a patient. Smoking status types must include: current every day smoker; current some day smoker; former smoker; never smoker; smoker, current status unknown; and unknown if ever smoked.

(h) Incorporate laboratory test results—(1) Receive results. Electronically receive clinical laboratory test results in a structured format and display such results in human readable format.

(2) Display test report information. Electronically display all the information for a test report specified at 42 CFR 493.1291(c)(1) through (7).

(3) Incorporate results. Electronically attribute, associate, or link a laboratory test result to a laboratory order or patient record.

(i) Generate patient lists. Enable a user to electronically select, sort, retrieve, and generate lists of patients according to, at a minimum, the data elements included in:

(1) Problem list;

(2) Medication list;

(3) Demographics; and

(4) Laboratory test results.

(j) Medication reconciliation. Enable a user to electronically compare two or more medication lists.

(k) Submission to immunization registries. Electronically record, modify, retrieve, and submit immunization information in accordance with:

(1) The standard (and applicable implementation specifications) specified in §170.205(e)(1) or §170.205(e)(2); and

(2) At a minimum, the version of the standard specified in §170.207(e).

(l) Public health surveillance. Electronically record, modify, retrieve, and submit syndrome-based public health surveillance information in accordance with the standard specified in §170.205(d)(1) or §170.205(d)(2).

(m) Patient-specific education resources. Enable a user to electronically identify and provide patient-specific education resources according to, at a minimum, the data elements included in the patient's: problem list; medication list; and laboratory test results; as well as provide such resources to the patient.

(n) Automated measure calculation. For each meaningful use objective with a percentage-based measure, electronically record the numerator and denominator and generate a report including the numerator, denominator, and resulting percentage associated with each applicable meaningful use measure.

(o) Access control. Assign a unique name and/or number for identifying and tracking user identity and establish controls that permit only authorized users to access electronic health information.

(p) Emergency access. Permit authorized users (who are authorized for emergency situations) to access electronic health information during an emergency.

(q) Automatic log-off. Terminate an electronic session after a predetermined time of inactivity.

(r) Audit log—(1) Record actions. Record actions related to electronic health information in accordance with the standard specified in §170.210(b).

(2) Generate audit log. Enable a user to generate an audit log for a specific time period and to sort entries in the audit log according to any of the elements specified in the standard at §170.210(b).

(s) Integrity. (1) Create a message digest in accordance with the standard specified in §170.210(c).

(2) Verify in accordance with the standard specified in §170.210(c) upon receipt of electronically exchanged health information that such information has not been altered.

(3) Detection. Detect the alteration of audit logs.

(t) Authentication. Verify that a person or entity seeking access to electronic health information is the one claimed and is authorized to access such information.

(u) General encryption. Encrypt and decrypt electronic health information in accordance with the standard specified in §170.210(a)(1), unless the Secretary determines that the use of such algorithm would pose a significant security risk for Certified EHR Technology.

(v) Encryption when exchanging electronic health information. Encrypt and decrypt electronic health information when exchanged in accordance with the standard specified in §170.210(a)(2).

(w) Optional. Accounting of disclosures. Record disclosures made for treatment, payment, and health care operations in accordance with the standard specified in §170.210(d).

[75 FR 44651, July 28, 2010, as amended at 75 FR 62690, Oct. 13, 2010]

§170.304   Specific certification criteria for Complete EHRs or EHR Modules designed for an ambulatory setting.

The Secretary adopts the following certification criteria for Complete EHRs or EHR Modules designed to be used in an ambulatory setting. Complete EHRs or EHR Modules must include the capability to perform the following functions electronically and in accordance with all applicable standards and implementation specifications adopted in this part:

(a) Computerized provider order entry. Enable a user to electronically record, store, retrieve, and modify, at a minimum, the following order types:

(1) Medications;

(2) Laboratory; and

(3) Radiology/imaging.

(b) Electronic prescribing. Enable a user to electronically generate and transmit prescriptions and prescription-related information in accordance with:

(1) The standard specified in §170.205(b)(1) or §170.205(b)(2); and

(2) The standard specified in §170.207(d).

(c) Record demographics. Enable a user to electronically record, modify, and retrieve patient demographic data including preferred language, gender, race, ethnicity, and date of birth. Enable race and ethnicity to be recorded in accordance with the standard specified at §170.207(f).

(d) Patient reminders. Enable a user to electronically generate a patient reminder list for preventive or follow-up care according to patient preferences based on, at a minimum, the data elements included in:

(1) Problem list;

(2) Medication list;

(3) Medication allergy list;

(4) Demographics; and

(5) Laboratory test results.

(e) Clinical decision support—(1) Implement rules. Implement automated, electronic clinical decision support rules (in addition to drug-drug and drug-allergy contraindication checking) based on the data elements included in: problem list; medication list; demographics; and laboratory test results.

(2) Notifications. Automatically and electronically generate and indicate in real-time, notifications and care suggestions based upon clinical decision support rules.

(f) Electronic copy of health information. Enable a user to create an electronic copy of a patient's clinical information, including, at a minimum, diagnostic test results, problem list, medication list, and medication allergy list in:

(1) Human readable format; and

(2) On electronic media or through some other electronic means in accordance with:

(i) The standard (and applicable implementation specifications) specified in §170.205(a)(1) or §170.205(a)(2); and

(ii) For the following data elements the applicable standard must be used:

(A) Problems. The standard specified in §170.207(a)(1) or, at a minimum, the version of the standard specified in §170.207(a)(2);

(B) Laboratory test results. At a minimum, the version of the standard specified in §170.207(c); and

(C) Medications. The standard specified in §170.207(d).

(g) Timely access. Enable a user to provide patients with online access to their clinical information, including, at a minimum, lab test results, problem list, medication list, and medication allergy list.

(h) Clinical summaries. Enable a user to provide clinical summaries to patients for each office visit that include, at a minimum, diagnostic test results, problem list, medication list, and medication allergy list. If the clinical summary is provided electronically it must be:

(1) Provided in human readable format; and

(2) Provided on electronic media or through some other electronic means in accordance with:

(i) The standard (and applicable implementation specifications) specified in §170.205(a)(1) or §170.205(a)(2); and

(ii) For the following data elements the applicable standard must be used:

(A) Problems. The standard specified in §170.207(a)(1) or, at a minimum, the version of the standard specified in §170.207(a)(2);

(B) Laboratory test results. At a minimum, the version of the standard specified in §170.207(c); and

(C) Medications. The standard specified in §170.207(d).

(i) Exchange clinical information and patient summary record—(1) Electronically receive and display. Electronically receive and display a patient's summary record, from other providers and organizations including, at a minimum, diagnostic tests results, problem list, medication list, and medication allergy list in accordance with the standard (and applicable implementation specifications) specified in §170.205(a)(1) or §170.205(a)(2). Upon receipt of a patient summary record formatted according to the alternative standard, display it in human readable format.

(2) Electronically transmit. Enable a user to electronically transmit a patient summary record to other providers and organizations including, at a minimum, diagnostic test results, problem list, medication list, and medication allergy list in accordance with:

(i) The standard (and applicable implementation specifications) specified in §170.205(a)(1) or §170.205(a)(2); and

(ii) For the following data elements the applicable standard must be used:

(A) Problems. The standard specified in §170.207(a)(1) or, at a minimum, the version of the standard specified in §170.207(a)(2);

(B) Laboratory test results. At a minimum, the version of the standard specified in §170.207(c); and

(C) Medications. The standard specified in §170.207(d).

(j) Calculate and submit clinical quality measures—(1) Calculate. (i) Electronically calculate all of the core clinical measures specified by CMS for eligible professionals.

(ii) Electronically calculate, at a minimum, three clinical quality measures specified by CMS for eligible professionals, in addition to those clinical quality measures specified in paragraph (1)(i).

(2) Submission. Enable a user to electronically submit calculated clinical quality measures in accordance with the standard and implementation specifications specified in §170.205(f).

§170.306   Specific certification criteria for Complete EHRs or EHR Modules designed for an inpatient setting.

The Secretary adopts the following certification criteria for Complete EHRs or EHR Modules designed to be used in an inpatient setting. Complete EHRs or EHR Modules must include the capability to perform the following functions electronically and in accordance with all applicable standards and implementation specifications adopted in this part:

(a) Computerized provider order entry. Enable a user to electronically record, store, retrieve, and modify, at a minimum, the following order types:

(1) Medications;

(2) Laboratory; and

(3) Radiology/imaging.

(b) Record demographics. Enable a user to electronically record, modify, and retrieve patient demographic data including preferred language, gender, race, ethnicity, date of birth, and date and preliminary cause of death in the event of mortality. Enable race and ethnicity to be recorded in accordance with the standard specified at §170.207(f).

(c) Clinical decision support—(1) Implement rules. Implement automated, electronic clinical decision support rules (in addition to drug-drug and drug-allergy contraindication checking) based on the data elements included in: problem list; medication list; demographics; and laboratory test results.

(2) Notifications. Automatically and electronically generate and indicate in real-time, notifications and care suggestions based upon clinical decision support rules.

(d) Electronic copy of health information. (1) Enable a user to create an electronic copy of a patient's clinical information, including, at a minimum, diagnostic test results, problem list, medication list, medication allergy list, and procedures:

(i) In human readable format; and

(ii) On electronic media or through some other electronic means in accordance with:

(A) The standard (and applicable implementation specifications) specified in §170.205(a)(1) or §170.205(a)(2); and

(B) For the following data elements the applicable standard must be used:

(1) Problems. The standard specified in §170.207(a)(1) or, at a minimum, the version of the standard specified in §170.207(a)(2);

(2) Procedures. The standard specified in §170.207(b)(1) or §170.207(b)(2);

(3) Laboratory test results. At a minimum, the version of the standard specified in §170.207(c); and

(4) Medications. The standard specified in §170.207(d).

(2) Enable a user to create an electronic copy of a patient's discharge summary in human readable format and on electronic media or through some other electronic means.

(e) Electronic copy of discharge instructions. Enable a user to create an electronic copy of the discharge instructions for a patient, in human readable format, at the time of discharge on electronic media or through some other electronic means.

(f) Exchange clinical information and patient summary record—(1) Electronically receive and display. Electronically receive and display a patient's summary record from other providers and organizations including, at a minimum, diagnostic test results, problem list, medication list, medication allergy list, and procedures in accordance with the standard (and applicable implementation specifications) specified in §170.205(a)(1) or §170.205(a)(2). Upon receipt of a patient summary record formatted according to the alternative standard, display it in human readable format.

(2) Electronically transmit. Enable a user to electronically transmit a patient's summary record to other providers and organizations including, at a minimum, diagnostic results, problem list, medication list, medication allergy list, and procedures in accordance with:

(i) The standard (and applicable implementation specifications) specified in §170.205(a)(1) or §170.205(a)(2); and

(ii) For the following data elements the applicable standard must be used:

(A) Problems. The standard specified in §170.207(a)(1) or, at a minimum, the version of the standard specified in §170.207(a)(2);

(B) Procedures. The standard specified in §170.207(b)(1) or §170.207(b)(2);

(C) Laboratory test results. At a minimum, the version of the standard specified in §170.207(c); and

(D) Medications. The standard specified in §170.207(d).

(g) Reportable lab results. Electronically record, modify, retrieve, and submit reportable clinical lab results in accordance with the standard (and applicable implementation specifications) specified in §170.205(c) and, at a minimum, the version of the standard specified in §170.207(c).

(h) Advance directives. Enable a user to electronically record whether a patient has an advance directive.

(i) Calculate and submit clinical quality measures—(1) Calculate. Electronically calculate all of the clinical quality measures specified by CMS for eligible hospitals and critical access hospitals.

(2) Submission. Enable a user to electronically submit calculated clinical quality measures in accordance with the standard and implementation specifications specified in §170.205(f).

§170.314   2014 Edition electronic health record certification criteria.

The Secretary adopts the following certification criteria for Complete EHRs or EHR Modules. Complete EHRs or EHR Modules must include the capability to perform the following functions electronically, unless designated as optional, and in accordance with all applicable standards and implementation specifications adopted in this part:

(a) Clinical. (1) Computerized provider order entry. Enable a user to electronically record, change, and access the following order types, at a minimum:

(i) Medications;

(ii) Laboratory; and

(iii) Radiology/imaging.

(2) Drug-drug, drug-allergy interaction checks. (i) Interventions. Before a medication order is completed and acted upon during computerized provider order entry (CPOE), interventions must automatically and electronically indicate to a user drug-drug and drug-allergy contraindications based on a patient's medication list and medication allergy list.

(ii) Adjustments. (A) Enable the severity level of interventions provided for drug-drug interaction checks to be adjusted.

(B) Limit the ability to adjust severity levels to an identified set of users or available as a system administrative function.

(3) Demographics. (i) Enable a user to electronically record, change, and access patient demographic data including preferred language, sex, race, ethnicity, and date of birth.

(A) Enable race and ethnicity to be recorded in accordance with the standard specified in §170.207(f) and whether a patient declines to specify race and/or ethnicity.

(B) Enable preferred language to be recorded in accordance with the standard specified in §170.207(g) and whether a patient declines to specify a preferred language.

(ii) Inpatient setting only. Enable a user to electronically record, change, and access preliminary cause of death in the event of a mortality.

(4) Vital signs, body mass index, and growth charts. (i) Vital signs. Enable a user to electronically record, change, and access, at a minimum, a patient's height/length, weight, and blood pressure. Height/length, weight, and blood pressure must be recorded in numerical values only.

(ii) Calculate body mass index. Automatically calculate and electronically display body mass index based on a patient's height and weight.

(iii) Optional—Plot and display growth charts. Plot and electronically display, upon request, growth charts for patients.

(5) Problem list. Enable a user to electronically record, change, and access a patient's active problem list:

(i) Ambulatory setting. Over multiple encounters in accordance with, at a minimum, the version of the standard specified in §170.207(a)(3); or

(ii) Inpatient setting. For the duration of an entire hospitalization in accordance with, at a minimum, the version of the standard specified in §170.207(a)(3).

(6) Medication list. Enable a user to electronically record, change, and access a patient's active medication list as well as medication history:

(i) Ambulatory setting. Over multiple encounters; or

(ii) Inpatient setting. For the duration of an entire hospitalization.

(7) Medication allergy list. Enable a user to electronically record, change, and access a patient's active medication allergy list as well as medication allergy history:

(i) Ambulatory setting. Over multiple encounters; or

(ii) Inpatient setting. For the duration of an entire hospitalization.

(8) Clinical decision support. (i) Evidence-based decision support interventions. Enable a limited set of identified users to select (i.e., activate) one or more electronic clinical decision support interventions (in addition to drug-drug and drug-allergy contraindication checking) based on each one and at least one combination of the following data:

(A) Problem list;

(B) Medication list;

(C) Medication allergy list;

(D) Demographics;

(E) Laboratory tests and values/results; and

(F) Vital signs.

(ii) Linked referential clinical decision support. (A) EHR technology must be able to:

(1) Electronically identify for a user diagnostic and therapeutic reference information; or

(2) Electronically identify for a user diagnostic and therapeutic reference information in accordance with the standard specified at §170.204(b) and the implementation specifications at §170.204(b)(1) or (2).

(B) For paragraph (a)(8)(ii)(A) of this section, EHR technology must be able to electronically identify for a user diagnostic or therapeutic reference information based on each one and at least one combination of the data referenced in paragraphs (a)(8)(i)(A) through (F) of this section.

(iii) Clinical decision support configuration. (A) Enable interventions and reference resources specified in paragraphs (a)(8)(i) and (ii) of this section to be configured by a limited set of identified users (e.g., system administrator) based on a user's role.

(B) EHR technology must enable interventions to be electronically triggered:

(1) Based on the data referenced in paragraphs (a)(8)(i)(A) through (F) of this section.

(2) When a patient's medications, medication allergies, and problems are incorporated from a transition of care/referral summary received pursuant to paragraph (b)(1)(iii) of this section.

(3) Ambulatory setting only. When a patient's laboratory tests and values/results are incorporated pursuant to paragraph (b)(5)(i)(A)(1) of this section.

(iv) Automatically and electronically interact. Interventions triggered in accordance with paragraphs (a)(8)(i) through (iii) of this section must automatically and electronically occur when a user is interacting with EHR technology.

(v) Source attributes. Enable a user to review the attributes as indicated for all clinical decision support resources:

(A) For evidence-based decision support interventions under paragraph (a)(8)(i) of this section:

(1) Bibliographic citation of the intervention (clinical research/guideline);

(2) Developer of the intervention (translation from clinical research/guideline);

(3) Funding source of the intervention development technical implementation; and

(4) Release and, if applicable, revision date(s) of the intervention or reference source.

(B) For linked referential clinical decision support in paragraph (a)(8)(ii) of this section and drug-drug, drug-allergy interaction checks in paragraph (a)(2) of this section, the developer of the intervention, and where clinically indicated, the bibliographic citation of the intervention (clinical research/guideline).

(9) Electronic notes. Enable a user to electronically record, change, access, and search electronic notes.

(10) Drug-formulary checks. EHR technology must automatically and electronically check whether a drug formulary (or preferred drug list) exists for a given patient and medication.

(11) Smoking status. Enable a user to electronically record, change, and access the smoking status of a patient in accordance with the standard specified at §170.207(h).

(12) Image results. Electronically indicate to a user the availability of a patient's images and narrative interpretations (relating to the radiographic or other diagnostic test(s)) and enable electronic access to such images and narrative interpretations.

(13) Family health history. Enable a user to electronically record, change, and access a patient's family health history according to:

(i) At a minimum, the version of the standard specified in §170.207(a)(3); or

(ii) The standard specified in §170.207(j).

(14) Patient list creation. Enable a user to electronically and dynamically select, sort, access, and create patient lists by: date and time; and based on each one and at least one combination of the following data:

(i) Problems;

(ii) Medications;

(iii) Medication allergies;

(iv) Demographics;

(v) Laboratory tests and values/results; and

(vi) Ambulatory setting only. Patient communication preferences.

(15) Patient-specific education resources. EHR technology must be able to electronically identify for a user patient-specific education resources based on data included in the patient's problem list, medication list, and laboratory tests and values/results:

(i) In accordance with the standard specified at §170.204(b) and the implementation specifications at §170.204(b)(1) or (2); and

(ii) By any means other than the method specified in paragraph (a)(15)(i) of this section.

(16) Inpatient setting only—electronic medication administration record. (i) In combination with an assistive technology that provides automated information on the “rights” specified in paragraphs (a)(16)(i)(A) through (E) of this section, enable a user to electronically verify the following before administering medication(s):

(A) Right patient. The patient to whom the medication is to be administered matches the medication to be administered.

(B) Right medication. The medication to be administered matches the medication ordered for the patient.

(C) Right dose. The dose of the medication to be administered matches the dose of the medication ordered for the patient.

(D) Right route. The route of medication delivery matches the route specified in the medication order.

(E) Right time. The time that the medication was ordered to be administered compared to the current time.

(ii) Right documentation. Electronically record the time and date in accordance with the standard specified in §170.210(g), and user identification when a medication is administered.

(17) Inpatient setting only—advance directives. Enable a user to electronically record whether a patient has an advance directive.

(b) Care coordination—(1) Transitions of care—receive, display, and incorporate transition of care/referral summaries. (i) Receive. EHR technology must be able to electronically receive transition of care/referral summaries in accordance with:

(A) The standard specified in §170.202(a).

(B) Optional. The standards specified in §170.202(a) and (b).

(C) Optional. The standards specified in §170.202(b) and (c).

(ii) Display. EHR technology must be able to electronically display in human readable format the data included in transition of care/referral summaries received and formatted according to any of the following standards (and applicable implementation specifications) specified in: §170.205(a)(1), §170.205(a)(2), and §170.205(a)(3).

(iii) Incorporate. Upon receipt of a transition of care/referral summary formatted according to the standard adopted at §170.205(a)(3), EHR technology must be able to:

(A) Correct patient. Demonstrate that the transition of care/referral summary received is or can be properly matched to the correct patient.

(B) Data incorporation. Electronically incorporate the following data expressed according to the specified standard(s):

(1) Medications. At a minimum, the version of the standard specified in §170.207(d)(2);

(2) Problems. At a minimum, the version of the standard specified in §170.207(a)(3);

(3) Medication allergies. At a minimum, the version of the standard specified in §170.207(d)(2).

(C) Section views. Extract and allow for individual display each additional section or sections (and the accompanying document header information) that were included in a transition of care/referral summary received and formatted in accordance with the standard adopted at §170.205(a)(3).

(2) Transitions of care—create and transmit transition of care/referral summaries. (i) Create. Enable a user to electronically create a transition of care/referral summary formatted according to the standard adopted at §170.205(a)(3) that includes, at a minimum, the Common MU Data Set and the following data expressed, where applicable, according to the specified standard(s):

(A) Encounter diagnoses. The standard specified in §170.207(i) or, at a minimum, the version of the standard specified in §170.207(a)(3);

(B) Immunizations. The standard specified in §170.207(e)(2);

(C) Cognitive status;

(D) Functional status; and

(E) Ambulatory setting only. The reason for referral; and referring or transitioning provider's name and office contact information.

(F) Inpatient setting only. Discharge instructions.

(ii) Transmit. Enable a user to electronically transmit the transition of care/referral summary created in paragraph (b)(2)(i) of this section in accordance with:

(A) The standard specified in §170.202(a).

(B) Optional. The standards specified in §170.202(a) and (b).

(C) Optional. The standards specified in §170.202(b) and (c).

(3) Electronic prescribing. Enable a user to electronically create prescriptions and prescription-related information for electronic transmission in accordance with:

(i) The standard specified in §170.205(b)(2); and

(ii) At a minimum, the version of the standard specified in §170.207(d)(2).

(4) Clinical information reconciliation. Enable a user to electronically reconcile the data that represent a patient's active medication, problem, and medication allergy list as follows. For each list type:

(i) Electronically and simultaneously display (i.e., in a single view) the data from at least two list sources in a manner that allows a user to view the data and their attributes, which must include, at a minimum, the source and last modification date.

(ii) Enable a user to create a single reconciled list of medications, medication allergies, or problems.

(iii) Enable a user to review and validate the accuracy of a final set of data and, upon a user's confirmation, automatically update the list.

(5) Incorporate laboratory tests and values/results. (i) Receive results. (A) Ambulatory setting only. (1) Electronically receive and incorporate clinical laboratory tests and values/results in accordance with the standard specified in §170.205(j) and, at a minimum, the version of the standard specified in §170.207(c)(2).

(2) Electronically display the tests and values/results received in human readable format.

(B) Inpatient setting only. Electronically receive clinical laboratory tests and values/results in a structured format and electronically display such tests and values/results in human readable format.

(ii) Electronically display all the information for a test report specified at 42 CFR 493.1291(c)(1) through (7).

(iii) Electronically attribute, associate, or link a laboratory test and value/result with a laboratory order or patient record.

(6) Inpatient setting only—transmission of electronic laboratory tests and values/results to ambulatory providers. EHR technology must be able to electronically create laboratory test reports for electronic transmission in accordance with the standard specified in §170.205(j) and with laboratory tests expressed in accordance with, at a minimum, the version of the standard specified in §170.207(c)(2).

(7) Data portability. Enable a user to electronically create a set of export summaries for all patients in EHR technology formatted according to the standard adopted at §170.205(a)(3) that represents the most current clinical information about each patient and includes, at a minimum, the Common MU Data Set and the following data expressed, where applicable, according to the specified standard(s):

(i) Encounter diagnoses. The standard specified in §170.207(i) or, at a minimum, the version of the standard at §170.207(a)(3);

(ii) Immunizations. The standard specified in §170.207(e)(2);

(iii) Cognitive status;

(iv) Functional status; and

(v) Ambulatory setting only. The reason for referral; and referring or transitioning provider's name and office contact information.

(vi) Inpatient setting only. Discharge instructions.

(c) Clinical quality measures—(1) Clinical Quality Measures—capture and export. (i) Capture. For each and every CQM for which the EHR technology is presented for certification, EHR technology must be able to electronically record all of the data identified in the standard specified at §170.204(c) that would be necessary to calculate each CQM. Data required for CQM exclusions or exceptions must be codified entries, which may include specific terms as defined by each CQM, or may include codified expressions of “patient reason,” “system reason,” or “medical reason.”

(ii) Export. EHR technology must be able to electronically export a data file formatted in accordance with the standards specified at §170.205(h) that includes all of the data captured for each and every CQM to which EHR technology was certified under paragraph (c)(1)(i) of this section.

(2) Clinical quality measures—import and calculate. (i) Import. EHR technology must be able to electronically import a data file formatted in accordance with the standard specified at §170.205(h) and use such data to perform the capability specified in paragraph (c)(2)(ii) of this section. EHR technology presented for certification to all three of the certification criteria adopted in paragraphs (c)(1) through (3) of this section is not required to meet paragraph (c)(2)(i).

(ii) Calculate. EHR technology must be able to electronically calculate each and every clinical quality measure for which it is presented for certification.

(3) Clinical quality measures—electronic submission. Enable a user to electronically create a data file for transmission of clinical quality measurement data:

(i) In accordance with the standards specified at §170.205(h) and (k); and

(ii) That can be electronically accepted by CMS.

(d) Privacy and security—(1) Authentication, access control, and authorization. (i) Verify against a unique identifier(s) (e.g., username or number) that a person seeking access to electronic health information is the one claimed; and

(ii) Establish the type of access to electronic health information a user is permitted based on the unique identifier(s) provided in paragraph (d)(1)(i) of this section, and the actions the user is permitted to perform with the EHR technology.

(2) Auditable events and tamper-resistance. (i) Record actions. EHR technology must be able to:

(A) Record actions related to electronic health information in accordance with the standard specified in §170.210(e)(1);

(B) Record the audit log status (enabled or disabled) in accordance with the standard specified in §170.210(e)(2) unless it cannot be disabled by any user; and

(C) Record the encryption status (enabled or disabled) of electronic health information locally stored on end-user devices by EHR technology in accordance with the standard specified in §170.210(e)(3) unless the EHR technology prevents electronic health information from being locally stored on end-user devices (see §170.314(d)(7) of this section).

(ii) Default setting. EHR technology must be set by default to perform the capabilities specified in paragraph (d)(2)(i)(A) of this section and, where applicable, paragraphs (d)(2)(i)(B) or (C), or both paragraphs (d)(2)(i)(B) and (C).

(iii) When disabling the audit log is permitted. For each capability specified in paragraphs (d)(2)(i)(A) through (C) of this section that EHR technology permits to be disabled, the ability to do so must be restricted to a limited set of identified users.

(iv) Audit log protection. Actions and statuses recorded in accordance with paragraph (d)(2)(i) of this section must not be capable of being changed, overwritten, or deleted by the EHR technology.

(v) Detection. EHR technology must be able to detect whether the audit log has been altered.

(3) Audit report(s). Enable a user to create an audit report for a specific time period and to sort entries in the audit log according to each of the data specified in the standards at §170.210(e).

(4) Amendments. Enable a user to electronically select the record affected by a patient's request for amendment and perform the capabilities specified in paragraphs (d)(4)(i) or (ii) of this section.

(i) Accepted amendment. For an accepted amendment, append the amendment to the affected record or include a link that indicates the amendment's location.

(ii) Denied amendment. For a denied amendment, at a minimum, append the request and denial of the request to the affected record or include a link that indicates this information's location.

(5) Automatic log-off. Prevent a user from gaining further access to an electronic session after a predetermined time of inactivity.

(6) Emergency access. Permit an identified set of users to access electronic health information during an emergency.

(7) End-user device encryption. Paragraph (d)(7)(i) or (ii) of this section must be met to satisfy this certification criterion.

(i) EHR technology that is designed to locally store electronic health information on end-user devices must encrypt the electronic health information stored on such devices after use of EHR technology on those devices stops.

(A) Electronic health information that is stored must be encrypted in accordance with the standard specified in §170.210(a)(1).

(B) Default setting. EHR technology must be set by default to perform this capability and, unless this configuration cannot be disabled by any user, the ability to change the configuration must be restricted to a limited set of identified users.

(ii) EHR technology is designed to prevent electronic health information from being locally stored on end-user devices after use of EHR technology on those devices stops.

(8) Integrity. (i) Create a message digest in accordance with the standard specified in §170.210(c).

(ii) Verify in accordance with the standard specified in §170.210(c) upon receipt of electronically exchanged health information that such information has not been altered.

(9) Optional—accounting of disclosures. Record disclosures made for treatment, payment, and health care operations in accordance with the standard specified in §170.210(d).

(e) Patient engagement—(1) View, download, and transmit to 3rd party. (i) EHR technology must provide patients (and their authorized representatives) with an online means to view, download, and transmit to a 3rd party the data specified below. Access to these capabilities must be through a secure channel that ensures all content is encrypted and integrity-protected in accordance with the standard for encryption and hashing algorithms specified at §170.210(f).

(A) View. Electronically view in accordance with the standard adopted at §170.204(a), at a minimum, the following data:

(1) The Common MU Data Set (which should be in their English (i.e., non-coded) representation if they associate with a vocabulary/code set).

(2) Ambulatory setting only. Provider's name and office contact information.

(3) Inpatient setting only. Admission and discharge dates and locations; discharge instructions; and reason(s) for hospitalization.

(B) Download. (1) Electronically download an ambulatory summary or inpatient summary (as applicable to the EHR technology setting for which certification is requested) in human readable format or formatted according to the standard adopted at §170.205(a)(3) that includes, at a minimum, the following data (which, for the human readable version, should be in their English representation if they associate with a vocabulary/code set):

(i) Ambulatory setting only. All of the data specified in paragraph (e)(1)(i)(A)(1) and (2) of this section.

(ii) Inpatient setting only. All of the data specified in paragraphs (e)(1)(i)(A)(1) and (3) of this section.

(2) Inpatient setting only. Electronically download transition of care/referral summaries that were created as a result of a transition of care (pursuant to the capability expressed in the certification criterion adopted at paragraph (b)(2) of this section).

(C) Transmit to third party. (1) Electronically transmit the ambulatory summary or inpatient summary (as applicable to the EHR technology setting for which certification is requested) created in paragraph (e)(1)(i)(B)(1) of this section in accordance with the standard specified in §170.202(a).

(2) Inpatient setting only. Electronically transmit transition of care/referral summaries (as a result of a transition of care/referral) selected by the patient (or their authorized representative) in accordance with the standard specified in §170.202(a).

(ii) Activity history log. (A) When electronic health information is viewed, downloaded, or transmitted to a third-party using the capabilities included in paragraphs (e)(1)(i)(A) through (C) of this section, the following information must be recorded and made accessible to the patient:

(1) The action(s) (i.e., view, download, transmission) that occurred;

(2) The date and time each action occurred in accordance with the standard specified at §170.210(g); and

(3) The user who took the action.

(B) EHR technology presented for certification may demonstrate compliance with paragraph (e)(1)(ii)(A) of this section if it is also certified to the certification criterion adopted at §170.314(d)(2) and the information required to be recorded in paragraph (e)(1)(ii)(A) is accessible by the patient.

(2) Ambulatory setting only—clinical summary. (i) Create. Enable a user to create a clinical summary for a patient in human readable format and formatted according to the standards adopted at §170.205(a)(3).

(ii) Customization. Enable a user to customize the data included in the clinical summary.

(iii) Minimum data from which to select. EHR technology must permit a user to select, at a minimum, the following data when creating a clinical summary:

(A) Common MU Data Set (which, for the human readable version, should be in their English representation if they associate with a vocabulary/code set); and

(B) The provider's name and office contact information; date and location of visit; reason for visit; immunizations and/or medications administered during the visit; diagnostic tests pending; clinical instructions; future appointments; referrals to other providers; future scheduled tests; and recommended patient decision aids.

(3) Ambulatory setting only—secure messaging. Enable a user to electronically send messages to, and receive messages from, a patient in a manner that ensures:

(i) Both the patient (or authorized representative) and EHR technology user are authenticated; and

(ii) The message content is encrypted and integrity-protected in accordance with the standard for encryption and hashing algorithms specified at §170.210(f).

(f) Public health—(1) Immunization information. Enable a user to electronically record, change, and access immunization information.

(2) Transmission to immunization registries. EHR technology must be able to electronically create immunization information for electronic transmission in accordance with:

(i) The standard and applicable implementation specifications specified in §170.205(e)(3); and

(ii) At a minimum, the version of the standard specified in §170.207(e)(2).

(3) Transmission to public health agencies—syndromic surveillance. EHR technology must be able to electronically create syndrome-based public health surveillance information for electronic transmission in accordance with:

(i) Ambulatory setting only. (A) The standard specified in §170.205(d)(2).

(B) Optional. The standard (and applicable implementation specifications) specified in §170.205(d)(3).

(ii) Inpatient setting only. The standard (and applicable implementation specifications) specified in §170.205(d)(3).

(4) Inpatient setting only—transmission of reportable laboratory tests and values/results. EHR technology must be able to electronically create reportable laboratory tests and values/results for electronic transmission in accordance with:

(i) The standard (and applicable implementation specifications) specified in §170.205(g); and

(ii) At a minimum, the versions of the standards specified in §170.207(a)(3) and (c)(2).

(5) Optional—ambulatory setting only—cancer case information. Enable a user to electronically record, change, and access cancer case information.

(6) Optional—ambulatory setting only—transmission to cancer registries. EHR technology must be able to electronically create cancer case information for electronic transmission in accordance with:

(i) The standard (and applicable implementation specifications) specified in §170.205(i); and

(ii) At a minimum, the versions of the standards specified in §170.207(a)(3) and (c)(2).

(g) Utilization—(1) Automated numerator recording. For each meaningful use objective with a percentage-based measure, EHR technology must be able to create a report or file that enables a user to review the patients or actions that would make the patient or action eligible to be included in the measure's numerator. The information in the report or file created must be of sufficient detail such that it enables a user to match those patients or actions to meet the measure's denominator limitations when necessary to generate an accurate percentage.

(2) Automated measure calculation. For each meaningful use objective with a percentage-based measure that is supported by a capability included in an EHR technology, electronically record the numerator and denominator and create a report including the numerator, denominator, and resulting percentage associated with each applicable meaningful use measure.

(3) Safety-enhanced design. User-centered design processes must be applied to each capability an EHR technology includes that is specified in the following certification criteria: §170.314(a)(1), (2), (6) through (8), and (16) and (b)(3) and (4).

(4) Quality management system. For each capability that an EHR technology includes and for which that capability's certification is sought, the use of a Quality Management System (QMS) in the development, testing, implementation and maintenance of that capability must be identified.

(i) If a single QMS was used for applicable capabilities, it would only need to be identified once.

(ii) If different QMS were applied to specific capabilities, each QMS applied would need to be identified. This would include the application of a QMS to some capabilities and none to others.

(iii) If no QMS was applied to all applicable capabilities, such a response is acceptable to satisfy this certification criterion.

[77 FR 54287, Sept. 4, 2012]

Subpart D—Temporary Certification Program for HIT

Source: 75 FR 36203, June 24, 2010, unless otherwise noted.

§170.400   Basis and scope.

This subpart implements section 3001(c)(5) of the Public Health Service Act, and sets forth the rules and procedures related to the temporary certification program for health information technology administered by the National Coordinator for Health Information Technology.

§170.401   Applicability.

This subpart establishes the processes that applicants for ONC-ATCB status must follow to be granted ONC-ATCB status by the National Coordinator, the processes the National Coordinator will follow when assessing applicants and granting ONC-ATCB status, the requirements that ONC-ATCBs must follow to remain in good standing, and the requirements of ONC-ATCBs for testing and certifying Complete EHRs and/or EHR Modules in accordance with the applicable certification criteria adopted by the Secretary in subpart C of this part.

§170.402   Definitions.

For the purposes of this subpart:

Applicant means a single organization or a consortium of organizations that seeks to become an ONC-ATCB by requesting and subsequently submitting an application for ONC-ATCB status to the National Coordinator.

Deployment site means the physical location where a Complete EHR or EHR Module resides or is being or has been implemented.

Development site means the physical location where a Complete EHR or EHR Module was developed.

ONC-ATCB or ONC-Authorized Testing and Certification Body means an organization or a consortium of organizations that has applied to and been authorized by the National Coordinator pursuant to this subpart to perform the testing and certification of Complete EHRs and/or EHR Modules under the temporary certification program.

Remote testing and certification means the use of methods, including the use of web-based tools or secured electronic transmissions, that do not require an ONC-ATCB to be physically present at the development or deployment site to conduct testing and certification.

§170.405   Correspondence.

(a) Correspondence and communication with the National Coordinator shall be conducted by e-mail, unless otherwise necessary. The official date of receipt of any e-mail between the National Coordinator and an applicant for ONC-ATCB status or an ONC-ATCB is the day the e-mail was sent.

(b) In circumstances where it is necessary for an applicant for ONC-ATCB status or an ONC-ATCB to correspond or communicate with the National Coordinator by regular or express mail, the official date of receipt will be the date of the delivery confirmation.

§170.410   Types of testing and certification.

Applicants may seek authorization from the National Coordinator to perform the following types of testing and certification:

(a) Complete EHR testing and certification; and/or

(b) EHR Module testing and certification.

§170.415   Application prerequisite.

Applicants must request in writing an application for ONC-ATCB status from the National Coordinator. Applicants must indicate:

(a) The type of authorization sought pursuant to §170.410; and

(b) If seeking authorization to perform EHR Module testing and certification, the specific type(s) of EHR Module(s) they seek authorization to test and certify. If qualified, applicants will only be granted authorization to test and certify the types of EHR Modules for which they seek authorization.

§170.420   Application.

The application for ONC-ATCB status consists of two parts. Applicants must complete both parts of the application in their entirety and submit them to the National Coordinator for the application to be considered complete.

(a) Part 1. An applicant must provide all of the following:

(1) General identifying information including:

(i) Name, address, city, state, zip code, and Web site of applicant; and

(ii) Designation of an authorized representative, including name, title, phone number, and e-mail address of the person who will serve as the applicant's point of contact.

(2) Documentation of the completion and results of a self-audit against all sections of ISO/IEC Guide 65:1996 (incorporated by reference in §170.499), and the following:

(i) A description of the applicant's management structure according to section 4.2 of ISO/IEC Guide 65:1996;

(ii) A copy of the applicant's quality manual that has been developed according to section 4.5.3 of ISO/IEC Guide 65:1996;

(iii) A copy of the applicant's policies and approach to confidentiality according to section 4.10 of ISO/IEC Guide 65:1996;

(iv) A copy of the qualifications of each of the applicant's personnel who oversee or perform certification according to section 5.2 of ISO/IEC Guide 65:1996;

(v) A copy of the applicant's evaluation reporting procedures according to section 11 of ISO/IEC Guide 65:1996; and

(vi) A copy of the applicant's policies for use and display of certificates according to section 14 of ISO/IEC Guide 65:1996.

(3) Documentation of the completion and results of a self-audit against all sections of ISO/IEC 17025:2005 (incorporated by reference in §170.499), and the following:

(i) A copy of the applicant's quality system document according to section 4.2.2 of ISO/IEC 17025:2005;

(ii) A copy of the applicant's policies and procedures for handling testing nonconformities according to section 4.9.1 of ISO/IEC 17025:2005; and

(iii) The qualifications of each of the applicant's personnel who oversee or conduct testing according to section 5.2 of ISO/IEC 17025:2005.

(4) An agreement, properly executed by the applicant's authorized representative, that it will adhere to the Principles of Proper Conduct for ONC-ATCBs.

(b) Part 2. An applicant must submit a completed proficiency examination.

§170.423   Principles of proper conduct for ONC-ATCBs.

An ONC-ATCB shall:

(a) Operate its certification program in accordance with ISO/IEC Guide 65:1996 (incorporated by reference in §170.499) and testing program in accordance with ISO/IEC 17025:2005 (incorporated by reference in §170.499);

(b) Maintain an effective quality management system which addresses all requirements of ISO/IEC 17025:2005 (incorporated by reference in §170.499);

(c) Attend all mandatory ONC training and program update sessions;

(d) Maintain a training program that includes documented procedures and training requirements to ensure its personnel are competent to test and certify Complete EHRs and/or EHR Modules;

(e) Use test tools and test procedures approved by the National Coordinator for the purposes of assessing the compliance of Complete EHRs and/or EHR Modules with the certification criteria adopted by the Secretary;

(f) Report to ONC within 15 days any changes that materially affect its:

(1) Legal, commercial, organizational, or ownership status;

(2) Organization and management, including key testing and certification personnel;

(3) Policies or procedures;

(4) Location;

(5) Facilities, working environment or other resources;

(6) ONC authorized representative (point of contact); or

(7) Other such matters that may otherwise materially affect its ability to test and certify Complete EHRs and/or EHR Modules;

(g) Allow ONC, or its authorized agent(s), to periodically observe on site (unannounced or scheduled) during normal business hours, any testing and/or certification performed to demonstrate compliance with the requirements of the temporary certification program;

(h) Provide ONC, no less frequently than weekly, a current list of Complete EHRs and/or EHR Modules that have been tested and certified which includes, at a minimum:

(1) The vendor name (if applicable);

(2) The date certified;

(3) The product version;

(4) The unique certification number or other specific product identification;

(5) The clinical quality measures to which a Complete EHR or EHR Module has been tested and certified;

(6) Where applicable, any additional software a Complete EHR or EHR Module relied upon to demonstrate its compliance with a certification criterion or criteria adopted by the Secretary; and

(7) Where applicable, the certification criterion or criteria to which each EHR Module has been tested and certified.

(i) Retain all records related to tests and certifications according to ISO/IEC Guide 65:1996 (incorporated by reference in §170.499) and ISO/IEC 17025:2005 (incorporated by reference in §170.499) for the duration of the temporary certification program and provide copies of the final results of all completed tests and certifications to ONC at the conclusion of testing and certification activities under the temporary certification program;

(j) Promptly refund any and all fees received for:

(1) Requests for testing and certification that are withdrawn while its operations are suspended by the National Coordinator;

(2) Testing and certification that will not be completed as a result of its conduct; and

(3) Previous testing and certification that it performed if its conduct necessitates the recertification of Complete EHRs and/or EHR Modules;

(k) Ensure adherence to the following requirements when issuing a certification to Complete EHRs and/or EHR Modules:

(1) All certifications must require that a Complete EHR or EHR Module developer conspicuously include the following text on its Web site and in all marketing materials, communications statements, and other assertions related to the Complete EHR or EHR Module's certification:

(i) “This [Complete EHR or EHR Module] is 201[X]/201[X] compliant and has been certified by an ONC-ATCB in accordance with the applicable certification criteria adopted by the Secretary of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services or guarantee the receipt of incentive payments.”; and

(ii) The information an ONC-ATCB is required to report to the National Coordinator under paragraph (h) of this section for the specific Complete EHR or EHR Module at issue;

(2) A certification issued to an integrated bundle of EHR Modules shall be treated the same as a certification issued to a Complete EHR for the purposes of paragraph (k)(1) of this section except that it must also indicate each EHR Module that comprises the bundle; and

(3) A certification issued to a Complete EHR or EHR Module based on applicable certification criteria adopted by the Secretary at subpart C of this part must be separate and distinct from any other certification(s) based on other criteria or requirements.

§170.425   Application submission.

(a) An applicant for ONC-ATCB status must submit its application either electronically via e-mail (or web submission if available), or by regular or express mail.

(b) An application for ONC-ATCB status may be submitted to the National Coordinator at any time during the existence of the temporary certification program.

§170.430   Review of application.

(a) Method of review and review timeframe. (1) Applications will be reviewed in the order they are received.

(2) The National Coordinator will review Part 1 of the application in its entirety and determine whether Part 1 of the application is complete and satisfactory before proceeding to review Part 2 of the application in its entirety.

(3) The National Coordinator is permitted up to 30 days to review an application (submitted for the first time) upon receipt.

(b) Application deficiencies.

(1) If the National Coordinator identifies an area in an application that requires the applicant to clarify a statement or correct an error or omission, the National Coordinator may contact the applicant to make such clarification or correction without issuing a deficiency notice. If the National Coordinator has not received the requested information after five days, the applicant may be issued a deficiency notice specifying the error, omission, or deficient statement.

(2) If the National Coordinator determines that deficiencies in either part of the application exist, the National Coordinator will issue a deficiency notice to the applicant and return the application. The deficiency notice will identify the areas of the application that require additional information or correction.

(c) Revised application.

(1) An applicant is permitted to submit a revised application in response to a deficiency notice. An applicant may request an extension for good cause from the National Coordinator of the 15-day period provided in paragraph (c)(2) of this section to submit a revised application.

(2) In order to continue to be considered for ONC-ATCB status, an applicant's revised application must address the specified deficiencies and be received by the National Coordinator within 15 days of the applicant's receipt of the deficiency notice unless the National Coordinator grants an applicant's request for an extension of the 15-day period based on a finding of good cause. If a good cause extension is granted, then the revised application must be received by the end of the extension period.

(3) The National Coordinator is permitted up to 15 days to review a revised application once it has been received and may request clarification of statements and the correction of errors or omissions in a revised application during this time period.

(4) If the National Coordinator determines that a revised application still contains deficiencies, the applicant will be issued a denial notice indicating that the applicant will no longer be considered for authorization under the temporary certification program. An applicant may request reconsideration of a denial in accordance with §170.435.

(d) Satisfactory application. (1) An application will be deemed satisfactory if it meets all application requirements, including a passing score on the proficiency examination.

(2) The National Coordinator will notify the applicant's authorized representative of its satisfactory application and its successful achievement of ONC-ATCB status.

(3) Once notified by the National Coordinator of its successful achievement of ONC-ATCB status, the applicant may represent itself as an ONC-ATCB and begin testing and certifying Complete EHRs and/or EHR Modules consistent with its authorization.

§170.435   ONC-ATCB application reconsideration.

(a) An applicant may request that the National Coordinator reconsider a denial notice issued for each part of an application only if the applicant can demonstrate that clear, factual errors were made in the review of the applicable part of the application and that the errors' correction could lead to the applicant obtaining ONC-ATCB status.

(b) Submission requirement. An applicant is required to submit, within 15 days of receipt of a denial notice, a written statement to the National Coordinator contesting the decision to deny its application and explaining with sufficient documentation what factual errors it believes can account for the denial. If the National Coordinator does not receive the applicant's submission within the specified timeframe, its reconsideration request may be rejected.

(c) Reconsideration request review. If the National Coordinator receives a timely reconsideration request, the National Coordinator is permitted up to 15 days from the date of receipt to review the information submitted by the applicant and issue a decision.

(d) Decision. (1) If the National Coordinator determines that clear, factual errors were made during the review of the application and that correction of the errors would remove all identified deficiencies, the applicant's authorized representative will be notified of the National Coordinator's decision to reverse the previous decision(s) not to approve part of the applicant's application or the entire application.

(i) If the National Coordinator's decision to reverse the previous decision(s) affected part 1 of an application, the National Coordinator will subsequently review part 2 of the application.

(ii) If the National Coordinator's decision to reverse the previous decision(s) affected part 2 of an application, the applicant's authorized representative will be notified of the National Coordinator's decision as well as the applicant's successful achievement of ONC-ATCB status.

(2) If, after reviewing an applicant's reconsideration request, the National Coordinator determines that the applicant did not identify any factual errors or that correction of those factual errors would not remove all identified deficiencies in the application, the National Coordinator may reject the applicant's reconsideration request.

(3) Final decision. A reconsideration decision issued by the National Coordinator is final and not subject to further review.

§170.440   ONC-ATCB status.

(a) Acknowledgement and publication. The National Coordinator will acknowledge and make publicly available the names of ONC-ATCBs, including the date each was authorized and the type(s) of testing and certification each has been authorized to perform.

(b) Representation. Each ONC-ATCB must prominently and unambiguously identify the scope of its authorization on its Web site, and in all marketing and communications statements (written and oral) pertaining to its activities under the temporary certification program.

(c) Renewal. ONC-ATCB status does not need to be renewed during the temporary certification program.

(d) Expiration. The status of all ONC-ATCBs will expire upon the sunset of the temporary certification program in accordance with §170.490.

§170.445   Complete EHR testing and certification.

(a) An ONC-ATCB must test and certify Complete EHRs to all applicable certification criteria adopted by the Secretary at subpart C of this part.

(b) An ONC-ATCB must provide the option for a Complete EHR to be tested and certified solely to the applicable certification criteria adopted by the Secretary at subpart C of this part.

(c) Inherited certified status. An ONC-ATCB must accept requests for a newer version of a previously certified Complete EHR to inherit the previously certified Complete EHR's certified status without requiring the newer version to be retested and recertified.

(1) Before granting certified status to a newer version of a previously certified Complete EHR, an ONC-ATCB must review an attestation submitted by the developer of the Complete EHR to determine whether the newer version has adversely affected any previously certified capabilities.

(2) An ONC-ATCB may grant certified status to a newer version of a previously certified Complete EHR if it determines that previously certified capabilities have not been adversely affected.

(d) An ONC-ATCB that has been authorized to test and certify Complete EHRs is also authorized to test and certify all EHR Modules under the temporary certification program.

§170.450   EHR module testing and certification.

(a) When testing and certifying EHR Modules, an ONC-ATCB must test and certify in accordance with the applicable certification criterion or certification criteria adopted by the Secretary at subpart C of this part.

(b) An ONC-ATCB must provide the option for an EHR Module or a bundle of EHR Modules to be tested and certified solely to the applicable certification criteria adopted by the Secretary at subpart C of this part.

(c) Privacy and security testing and certification. EHR Modules shall be tested and certified to all privacy and security certification criteria adopted by the Secretary unless the EHR Module(s) is/are presented for testing and certification in one of the following manners:

(1) The EHR Module(s) is/are presented for testing and certification as a pre-coordinated, integrated bundle of EHR Modules, which would otherwise meet the definition of and constitute a Complete EHR (as defined in 45 CFR 170.102), and one or more of the constituent EHR Modules is/are demonstrably responsible for providing all of the privacy and security capabilities for the entire bundle of EHR Module(s); or

(2) An EHR Module is presented for testing and certification, and the presenter can demonstrate and provide documentation to the ONC-ATCB that a privacy and security certification criterion is inapplicable or that it would be technically infeasible for the EHR Module to be tested and certified in accordance with such certification criterion.

(d) Inherited certified status. An ONC-ATCB must accept requests for a newer version of a previously certified EHR Module or bundle of EHR Modules to inherit the previously certified EHR Module's or bundle of EHR Modules' certified status without requiring the newer version to be retested and recertified.

(1) Before granting certified status to a newer version of a previously certified EHR Module or bundle of EHR Modules, an ONC-ATCB must review an attestation submitted by the developer of the EHR Module or presenter of the bundle of EHR Modules to determine whether the newer version has adversely affected any previously certified capabilities.

(2) An ONC-ATCB may grant certified status to a newer version of a previously certified EHR Module or bundle of EHR Modules if it determines that previously certified capabilities have not been adversely affected.

§170.455   Testing and certification to newer versions of certain standards.

(a) ONC-ATCBs may test and certify Complete EHRs and EHR Modules to a newer version of certain identified minimum standards specified at subpart B of this part if the Secretary has accepted a newer version of an adopted minimum standard.

(b) Applicability of an accepted new version of an adopted minimum standard.

(1) ONC-ATCBs are not required to test and certify Complete EHRs and/or EHR Modules according to newer versions of an adopted minimum standard accepted by the Secretary until the incorporation by reference provision of the adopted version is updated in the Federal Register with a newer version.

(2) Certified EHR Technology may be upgraded to comply with newer versions of an adopted minimum standard accepted by the Secretary without adversely affecting the certification status of the Certified EHR Technology.

§170.457   Authorized testing and certification methods.

An ONC-ATCB must provide remote testing and certification for both development and deployment sites.

§170.460   Good standing as an ONC-ATCB.

An ONC-ATCB must maintain good standing by:

(a) Adhering to the Principles of Proper Conduct for ONC-ATCBs;

(b) Refraining from engaging in other types of inappropriate behavior, including an ONC-ATCB misrepresenting the scope of its authorization as well as an ONC-ATCB testing and certifying Complete EHRs and/or EHR Modules for which it does not have authorization; and

(c) Following all other applicable Federal and state laws.

§170.465   Revocation of authorized testing and certification body status.

(a) Type-1 violations. The National Coordinator may revoke an ONC-ATCB's status for committing a Type-1 violation. Type-1 violations include violations of law or temporary certification program policies that threaten or significantly undermine the integrity of the temporary certification program. These violations include, but are not limited to: False, fraudulent, or abusive activities that affect the temporary certification program, a program administered by HHS or any program administered by the Federal government.

(b) Type-2 violations. The National Coordinator may revoke an ONC-ATCB's status for failing to timely or adequately correct a Type-2 violation. Type-2 violations constitute noncompliance with §170.460.

(1) Noncompliance notification. If the National Coordinator obtains reliable evidence that an ONC-ATCB may no longer be in compliance with §170.460, the National Coordinator will issue a noncompliance notification with reasons for the notification to the ONC-ATCB requesting that the ONC-ATCB respond to the alleged violation and correct the violation, if applicable.

(2) Opportunity to become compliant. After receipt of a noncompliance notification, an ONC-ATCB is permitted up to 30 days to submit a written response and accompanying documentation that demonstrates that no violation occurred or that the alleged violation has been corrected.

(i) If the ONC-ATCB submits a response, the National Coordinator is permitted up to 30 days from the time the response is received to evaluate the response and reach a decision. The National Coordinator may, if necessary, request additional information from the ONC-ATCB during this time period.

(ii) If the National Coordinator determines that no violation occurred or that the violation has been sufficiently corrected, the National Coordinator will issue a memo to the ONC-ATCB confirming this determination.

(iii) If the National Coordinator determines that the ONC-ATCB failed to demonstrate that no violation occurred or to correct the area(s) of non-compliance identified under paragraph (b)(1) of this section within 30 days of receipt of the noncompliance notification, then the National Coordinator may propose to revoke the ONC-ATCB's status.

(c) Proposed revocation. (1) The National Coordinator may propose to revoke an ONC-ATCB's status if the National Coordinator has reliable evidence that the ONC-ATCB committed a Type-1 violation; or

(2) The National Coordinator may propose to revoke an ONC-ATCB's status if, after the ONC-ATCB has been notified of a Type-2 violation, the ONC-ATCB fails to:

(i) Rebut the finding of a violation with sufficient evidence showing that the violation did not occur or that the violation has been corrected; or

(ii) Submit to the National Coordinator a written response to the noncompliance notification within the specified timeframe under paragraph (b)(2).

(d) Suspension of an ONC-ATCB's operations. (1) The National Coordinator may suspend the operations of an ONC-ATCB under the temporary certification program based on reliable evidence indicating that:

(i) The ONC-ATCB committed a Type-1 or Type-2 violation; and

(ii) The continued testing and certification of Complete EHRs and/or EHR Modules by the ONC-ATCB could have an adverse impact on the health or safety of patients.

(2) If the National Coordinator determines that the conditions of paragraph (d)(1) have been met, an ONC-ATCB will be issued a notice of proposed suspension.

(3) Upon receipt of a notice of proposed suspension, an ONC-ATCB will be permitted up to 3 days to submit a written response to the National Coordinator explaining why its operations should not be suspended.

(4) The National Coordinator is permitted up to 5 days from receipt of an ONC-ATCB's written response to a notice of proposed suspension to review the response and make a determination.

(5) The National Coordinator may make one of the following determinations in response to the ONC-ATCB's written response or if the ONC-ATCB fails to submit a written response within the timeframe specified in paragraph (d)(3):

(i) Rescind the proposed suspension; or

(ii) Suspend the ONC-ATCB's operations until it has adequately corrected a Type-2 violation; or

(iii) Propose revocation in accordance with §170.465(c) and suspend the ONC-ATCB's operations for the duration of the revocation process.

(6) A suspension will become effective upon an ONC-ATCB's receipt of a notice of suspension.

(e) Opportunity to respond to a proposed revocation notice. (1) An ONC-ATCB may respond to a proposed revocation notice, but must do so within 10 days of receiving the proposed revocation notice and include appropriate documentation explaining in writing why its status should not be revoked.

(2) Upon receipt of an ONC-ATCB's response to a proposed revocation notice, the National Coordinator is permitted up to 30 days to review the information submitted by the ONC-ATCB and reach a decision.

(3) Unless suspended, an ONC-ATCB will be permitted to continue its operations under the temporary certification program during the time period provided for the ONC-ATCB to respond to the proposed revocation notice and the National Coordinator to review the response.

(f) Good standing determination. If the National Coordinator determines that an ONC-ATCB's status should not be revoked, the National Coordinator will notify the ONC-ATCB's authorized representative in writing of this determination.

(g) Revocation. (1) The National Coordinator may revoke an ONC-ATCB's status if:

(i) A determination is made that revocation is appropriate after considering the information provided by the ONC-ATCB in response to the proposed revocation notice; or

(ii) The ONC-ATCB does not respond to a proposed revocation notice within the specified timeframe in paragraph (d)(1) of this section.

(2) A decision to revoke an ONC-ATCB's status is final and not subject to further review unless the National Coordinator chooses to reconsider the revocation.

(h) Extent and duration of revocation. (1) The revocation of an ONC-ATCB is effective as soon as the ONC-ATCB receives the revocation notice.

(2) A testing and certification body that has had its ONC-ATCB status revoked is prohibited from accepting new requests for testing and certification and must cease its current testing and certification operations under the temporary certification program.

(3) A testing and certification body that has had its ONC-ATCB status revoked for a Type-1 violation is prohibited from reapplying for ONC-ATCB status under the temporary certification program for one year. If the temporary certification program sunsets during this time, the testing and certification body is prohibited from applying for ONC-ACB status under the permanent certification program for the time that remains within the one year prohibition.

(4) The failure of a testing and certification body that has had its ONC-ATCB status revoked, to promptly refund any and all fees for tests and/or certifications of Complete EHRs and EHR Modules not completed will be considered a violation of the Principles of Proper Conduct for ONC-ATCBs and will be taken into account by the National Coordinator if the testing and certification body reapplies for ONC-ATCB status under the temporary certification program or applies for ONC-ACB status under the permanent certification program.

§170.470   Effect of revocation on the certifications issued to complete EHRs and EHR Modules.

(a) The certified status of Complete EHRs and/or EHR Modules certified by an ONC-ATCB that had its status revoked will remain intact unless a Type-1 violation was committed that calls into question the legitimacy of the certifications issued by the former ONC-ATCB.

(b) If the National Coordinator determines that a Type-1 violation occurred that called into question the legitimacy of certifications conducted by the former ONC-ATCB, then the National Coordinator would:

(1) Review the facts surrounding the revocation of the ONC-ATCB's status; and

(2) Publish a notice on ONC's Web site if the National Coordinator believes that Complete EHRs and/or EHR Modules were improperly certified by the former ONC-ATCB.

(c) If the National Coordinator determines that Complete EHRs and/or EHR Modules were improperly certified, the certification status of affected Complete EHRs and/or EHR Modules would only remain intact for 120 days after the National Coordinator publishes the notice. The certification status of the Complete EHR and/or EHR Module can only be maintained thereafter by being re-certified by an ONC-ATCB in good standing.

§170.490   Sunset of the temporary certification program.

(a) The temporary certification program will sunset on December 31, 2011, or if the permanent certification program is not fully constituted at that time, then upon a subsequent date that is determined to be appropriate by the National Coordinator. On and after the temporary certification program sunset date, ONC-ATCBs will be prohibited from accepting new requests to test and certify Complete EHRs or EHR Modules.

(b) ONC-ATCBs are permitted up to six months after the sunset date to complete all testing and certification activities associated with requests for testing and certification of Complete EHRs and/or EHR Modules received prior to the sunset date.

§170.499   Incorporation by reference.

(a) Certain material is incorporated by reference into this subpart with the approval of the Director of the Federal Register under 5 U.S.C. 552(a) and 1 CFR part 51. To enforce any edition other than that specified in this section, the Department of Health and Human Services must publish notice of change in the Federal Register and the material must be available to the public. All approved material is available for inspection at the National Archives and Records Administration (NARA). For information on the availability of this material at NARA, call 202-741-6030 or go to http://www.archives.gov/federal_register/code_of_federal_regulations/ibr_locations.html. Also, it is available for inspection at U.S. Department of Health and Human Services, Office of the National Coordinator for Health Information Technology, Hubert H. Humphrey Building, Suite 729D, 200 Independence Ave, SW., Washington, DC 20201, call ahead to arrange for inspection at 202-690-7151, and is available from the source listed below.

(b) International Organization for Standardization, Case postale 56, CH-1211, Geneve 20, Switzerland, telephone +41-22-749-01-11, http://www.iso.org.

(1) ISO/IEC 17025 General Requirements for the Competence of Testing and Calibration Laboratories (Second Edition), May 15, 2005, IBR approved for §170.420 and §170.423.

(2) ISO/IEC GUIDE 65 General Requirements for Bodies Operating Product Certification Systems (First Edition), 1996, IBR approved for §170.420 and §170.423.

(3) [Reserved]

Subpart E—ONC HIT Certification Program

Source: 76 FR 1325, Dec. 7, 2011, unless otherwise noted.

§170.500   Basis and scope.

This subpart implements section 3001(c)(5) of the Public Health Service Act and sets forth the rules and procedures related to the ONC HIT Certification Program for health information technology (HIT) administered by the National Coordinator for Health Information Technology.

[76 FR 1325, Dec. 7, 2011, as amended at 77 FR 54291, Sept. 4, 2012]

§170.501   Applicability.

This subpart establishes the processes that applicants for ONC-ACB status must follow to be granted ONC-ACB status by the National Coordinator; the processes the National Coordinator will follow when assessing applicants and granting ONC-ACB status; the requirements that ONC-ACBs must follow to maintain ONC-ACB status; and the requirements of ONC-ACBs for certifying Complete EHRs, EHR Module(s), and other types of HIT in accordance with the applicable certification criteria adopted by the Secretary in subpart C of this part. It also establishes the processes accreditation organizations must follow to request approval from the National Coordinator and that the National Coordinator in turn will follow to approve an accreditation organization under the ONC HIT Certification Program as well as certain ongoing responsibilities for an ONC-AA.

[76 FR 1325, Dec. 7, 2011, as amended at 77 FR 54291, Sept. 4, 2012]

§170.502   Definitions.

For the purposes of this subpart:

Applicant means a single organization or a consortium of organizations that seeks to become an ONC-ACB by submitting an application for ONC-ACB status to the National Coordinator.

Deployment site means the physical location where a Complete EHR, EHR Module(s) or other type of HIT resides or is being or has been implemented.

Development site means the physical location where a Complete EHR, EHR Module(s) or other type of HIT was developed.

Gap certification means the certification of a previously certified Complete EHR or EHR Module(s) to:

(1) All applicable new and/or revised certification criteria adopted by the Secretary at subpart C of this part based on the test results of a NVLAP-accredited testing laboratory; and

(2) All other applicable certification criteria adopted by the Secretary at subpart C of this part based on the test results used to previously certify the Complete EHR or EHR Module(s).

ONC-Approved Accreditor or ONC-AA means an accreditation organization that the National Coordinator has approved to accredit certification bodies under the ONC HIT Certification Program.

ONC-Authorized Certification Body or ONC-ACB means an organization or a consortium of organizations that has applied to and been authorized by the National Coordinator pursuant to this subpart to perform the certification of Complete EHRs, EHR Module(s), and/or other types of HIT under the ONC HIT Certification Program.

Providing or provide an updated certification means the action taken by an ONC-ACB to ensure that the developer of a previously certified EHR Module(s) shall update the information required by §170.523(k)(1)(i), after the ONC-ACB has verified that the certification criterion or criteria to which the EHR Module(s) was previously certified have not been revised and that no new certification criteria are applicable to the EHR Module(s).

Remote certification means the use of methods, including the use of web-based tools or secured electronic transmissions, that do not require an ONC-ACB to be physically present at the development or deployment site to conduct certification.

[76 FR 1325, Dec. 7, 2011, as amended at 77 FR 54291, Sept. 4, 2012]

§170.503   Requests for ONC-AA status and ONC-AA ongoing responsibilities.

(a) The National Coordinator may approve only one ONC-AA at a time.

(b) Submission. The National Coordinator will publish a notice in the Federal Register to announce the 30-day period during which requests for ONC-AA status may be submitted. In order to be considered for ONC-AA status, an accreditation organization must submit a timely request in writing to the National Coordinator along with the following information to demonstrate its ability to serve as an ONC-AA:

(1) A detailed description of the accreditation organization's conformance to ISO/IEC 17011:2004 (incorporated by reference in §170.599) and experience evaluating the conformance of certification bodies to ISO/IEC Guide 65:1996 (incorporated by reference in §170.599);

(2) A detailed description of the accreditation organization's accreditation requirements, as well as how those requirements would complement the Principles of Proper Conduct for ONC-ACBs and ensure the surveillance approaches used by ONC-ACBs include the use of consistent, objective, valid, and reliable methods;

(3) Detailed information on the accreditation organization's procedures that would be used to monitor ONC-ACBs;

(4) Detailed information, including education and experience, about the key personnel who review organizations for accreditation; and

(5) Procedures for responding to, and investigating, complaints against ONC-ACBs.

(c) Preliminary selection.

(1) The National Coordinator is permitted up to 60 days from the end of the submission period to review all timely submissions that were received and determine which accreditation organization is best qualified to serve as the ONC-AA.

(2) The National Coordinator's determination will be based on the information provided, the completeness of an accreditation organization's description of the elements listed in paragraph (b) of this section, and each accreditation organization's overall accreditation experience.

(3) The accreditation organization that is determined to be the best qualified will be notified that it has been selected as the ONC-AA on a preliminary basis, subject to the resolution of the reconsideration process in §170.504. All other accreditation organizations will be notified that their requests for ONC-AA status have been denied. The accreditation organization that is selected on a preliminary basis shall not represent itself as the ONC-AA or perform accreditation(s) under the ONC HIT Certification Program unless and until it receives written notice from the National Coordinator that it has been approved as the ONC-AA on a final basis pursuant to paragraph (d) of this section.

(4) Any accreditation organization that submits a timely request for ONC-AA status and is denied may request reconsideration in accordance with §170.504.

(d) Final approval.

(1) If the National Coordinator determines that an accreditation organization has met the standard specified in §170.504(b), then that organization will be approved as the ONC-AA on a final basis. The accreditation organization that was selected as the ONC-AA on a preliminary basis pursuant to paragraph (c) of this section will be notified of this final decision and cannot request reconsideration or further review.

(2) If the National Coordinator determines that no accreditation organization has met the standard specified in §170.504(b), then the organization that was selected as the ONC-AA on a preliminary basis pursuant to paragraph (c) of this section will be approved as the ONC-AA on a final basis.

(e) ONC-AA ongoing responsibilities. An ONC-AA must:

(1) Maintain conformance with ISO/IEC 17011:2004 (incorporated by reference in §170.599);

(2) Verify that the certification bodies it accredits and ONC-ACBs conform to, at a minimum, ISO/IEC Guide 65:1996 (incorporated by reference in §170.599);

(3) Ensure the surveillance approaches used by ONC-ACBs include the use of consistent, objective, valid, and reliable methods;

(4) Verify that ONC-ACBs are performing surveillance in accordance with their respective annual plans; and

(5) Review ONC-ACB surveillance results to determine if the results indicate any substantive non-conformance by ONC-ACBs with the conditions of their respective accreditations.

(f) ONC-AA status.

(1) An accreditation organization has not been granted ONC-AA status unless and until it is notified by the National Coordinator that it has been approved as the ONC-AA on a final basis pursuant to paragraph (d) of this section.

(2) An ONC-AA's status will expire not later than 3 years from the date its status was granted by the National Coordinator.

(3) The National Coordinator will accept requests for ONC-AA status, in accordance with paragraph (b) of this section, at least 180 days before the current ONC-AA's status is set to expire.

[76 FR 1325, Dec. 7, 2011, as amended at 76 FR 72642, Nov. 25, 2011; 77 FR 54291, Sept. 4, 2012]

§170.504   Reconsideration process for requests for ONC-AA status.

(a) An accreditation organization that submits a timely request for ONC-AA status in accordance with §170.503 and is denied may request reconsideration of the decision to deny its request for ONC-AA status.

(b) Submission requirement. To request reconsideration, an accreditation organization is required to submit to the National Coordinator, within 15 days of receipt of a denial notice, a written statement with supporting documentation contesting the decision to deny its request for ONC-AA status. The submission must demonstrate that clear, factual errors were made in the review of its request for ONC-AA status and that the accreditation organization would have been selected as the ONC-AA pursuant to §170.503(c) if those errors had been corrected. If the National Coordinator does not receive an accreditation organization's submission within the specified timeframe, then its request for reconsideration may be denied.

(c) Review of submissions. The National Coordinator is permitted up to 30 days to review all timely submissions that were received and determine whether an accreditation organization has met the standard specified in paragraph (b) of this section.

(d) Decision.

(1) If the National Coordinator determines that an accreditation organization has met the standard specified in paragraph (b) of this section, then that organization will be approved as the ONC-AA on a final basis. All other accreditation organizations will be notified that their requests for reconsideration have been denied.

(2) Final decision. A reconsideration decision issued by the National Coordinator is final and not subject to further review.

§170.505   Correspondence.

(a) Correspondence and communication with the National Coordinator shall be conducted by e-mail, unless otherwise necessary. The official date of receipt of any e-mail between the National Coordinator and an accreditation organization requesting ONC-AA status, the ONC-AA, an applicant for ONC-ACB status, or an ONC-ACB is the date on which the e-mail was sent.

(b) In circumstances where it is necessary for an accreditation organization requesting ONC-AA status, the ONC-AA, an applicant for ONC-ACB status, or an ONC-ACB to correspond or communicate with the National Coordinator by regular or express mail, the official date of receipt will be the date of the delivery confirmation.

§170.510   Types of certification.

Applicants may seek authorization from the National Coordinator to perform the following types of certification:

(a) Complete EHR certification; and/or

(b) EHR Module certification; and/or

(c) Certification of other types of HIT for which the Secretary has adopted certification criteria under subpart C of this part.

§170.520   Application.

Applicants must include the following information in an application for ONC-ACB status and submit it to the National Coordinator for the application to be considered complete.

(a) The type of authorization sought pursuant to §170.510. For authorization to perform EHR Module certification, applicants must indicate the specific type(s) of EHR Module(s) they seek authorization to certify. If qualified, applicants will only be granted authorization to certify the type(s) of EHR Module(s) for which they seek authorization.

(b) General identifying information, including:

(1) Name, address, city, state, zip code, and Web site of applicant; and

(2) Designation of an authorized representative, including name, title, phone number, and e-mail address of the person who will serve as the applicant's point of contact.

(c) Documentation that confirms that the applicant has been accredited by the ONC-AA.

(d) An agreement, properly executed by the applicant's authorized representative, that it will adhere to the Principles of Proper Conduct for ONC-ACBs.

§170.523   Principles of proper conduct for ONC-ACBs.

An ONC-ACB shall:

(a) Maintain its accreditation, or if a new ONC-AA is approved by the National Coordinator, obtain accreditation from the new ONC-AA within 12 months or a reasonable period specified by the National Coordinator and maintain such accreditation;

(b) Attend all mandatory ONC training and program update sessions;

(c) Maintain a training program that includes documented procedures and training requirements to ensure its personnel are competent to certify HIT;

(d) Report to ONC within 15 days any changes that materially affect its:

(1) Legal, commercial, organizational, or ownership status;

(2) Organization and management including key certification personnel;

(3) Policies or procedures;

(4) Location;

(5) Personnel, facilities, working environment or other resources;

(6) ONC authorized representative (point of contact); or

(7) Other such matters that may otherwise materially affect its ability to certify HIT.

(e) Allow ONC, or its authorized agent(s), to periodically observe on site (unannounced or scheduled), during normal business hours, any certifications performed to demonstrate compliance with the requirements of the ONC HIT Certification Program;

(f) Provide ONC, no less frequently than weekly, a current list of Complete EHRs and/or EHR Modules that have been certified, which includes, at a minimum:

(1) The Complete EHR or EHR Module developer name (if applicable);

(2) The date certified;

(3) The product version;

(4) The unique certification number or other specific product identification;

(5) The clinical quality measures to which a Complete EHR or EHR Module has been certified;

(6) Where applicable, any additional software a Complete EHR or EHR Module relied upon to demonstrate its compliance with a certification criterion or criteria adopted by the Secretary; and

(7) Where applicable, the certification criterion or criteria to which each EHR Module has been certified.

(8) A hyperlink to the test results used to certify the Complete EHRs and/or EHR Modules that can be accessed by the public.

(g) Retain all records related to the certification of Complete EHRs and/or EHR Module(s) for a minimum of 5 years;

(h) Only certify HIT, including Complete EHRs and/or EHR Module(s), that has been tested, using test tools and test procedures approved by the National Coordinator, by a/an:

(1) NVLAP-accredited testing laboratory; or

(2) ONC-ATCB when:

(i) Certifying previously certified EHR Module(s) if the certification criterion or criteria to which the EHR Module(s) was previously certified have not been revised and no new certification criteria are applicable to the EHR Module(s); or

(ii) Performing gap certification.

(i) Submit an annual surveillance plan to the National Coordinator and annually report to the National Coordinator its surveillance results; and

(j) Promptly refund any and all fees received for:

(1) Requests for certification that are withdrawn while its operations are suspended by the National Coordinator;

(2) Certifications that will not be completed as a result of its conduct; and

(3) Previous certifications that it performed if its conduct necessitates the recertification of Complete EHRs and/or EHR Module(s);

(k) Ensure adherence to the following requirements when issuing a certification to a Complete EHR and/or EHR Module(s):

(1) A Complete EHR or EHR Module developer must conspicuously include the following on its Web site and in all marketing materials, communications statements, and other assertions related to the Complete EHR or EHR Module's certification:

(i) “This [Complete EHR or EHR Module] is [specify Edition of EHR certification criteria] compliant and has been certified by an ONC-ACB in accordance with the applicable certification criteria adopted by the Secretary of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services”;

(ii) The information an ONC-ACB is required to report to the National Coordinator under paragraph (f) of this section for the specific Complete EHR or EHR Module at issue; and

(iii) Any additional types of costs that an EP, EH, or CAH would pay to implement the Complete EHR's or EHR Module's capabilities in order to attempt to meet meaningful use objectives and measures. EHR technology self-developers are excluded from this requirement.

(2) A certification issued to a pre-coordinated, integrated bundle of EHR Modules shall be treated the same as a certification issued to a Complete EHR for the purposes of paragraph (k)(1) of this section, except that the certification must also indicate each EHR Module that is included in the bundle; and

(3) A certification issued to a Complete EHR or EHR Module based solely on the applicable certification criteria adopted by the Secretary at subpart C of this part must be separate and distinct from any other certification(s) based on other criteria or requirements.

[76 FR 1325, Dec. 7, 2011, as amended at 76 FR 72642, Nov. 25, 2011; 77 FR 54291, Sept. 4, 2012]

§170.525   Application submission.

(a) An applicant for ONC-ACB status must submit its application either electronically via e-mail (or web submission if available), or by regular or express mail.

(b) An application for ONC-ACB status may be submitted to the National Coordinator at any time.

§170.530   Review of application.

(a) Method of review and review timeframe.

(1) Applications will be reviewed in the order they are received.

(2) The National Coordinator is permitted up to 30 days from receipt to review an application that is submitted for the first time.

(b) Application deficiencies.

(1) If the National Coordinator identifies an area in an application that requires the applicant to clarify a statement or correct an error or omission, the National Coordinator may contact the applicant to make such clarification or correction without issuing a deficiency notice. If the National Coordinator has not received the requested information after five days, the National Coordinator may issue a deficiency notice to the applicant.

(2) If the National Coordinator determines that deficiencies in the application exist, the National Coordinator will issue a deficiency notice to the applicant and return the application. The deficiency notice will identify the areas of the application that require additional information or correction.

(c) Revised application.

(1) An applicant is permitted to submit a revised application in response to a deficiency notice. An applicant may request from the National Coordinator an extension for good cause of the 15-day period provided in paragraph (c)(2) of this section to submit a revised application.

(2) In order for an applicant to continue to be considered for ONC-ACB status, the applicant's revised application must address the specified deficiencies and be received by the National Coordinator within 15 days of the applicant's receipt of the deficiency notice, unless the National Coordinator grants an applicant's request for an extension of the 15-day period based on a finding of good cause. If a good cause extension is granted, then the revised application must be received by the end of the extension period.

(3) The National Coordinator is permitted up to 15 days to review a revised application once it has been received and may request clarification of statements and the correction of errors or omissions in a revised application during this time period.

(4) If the National Coordinator determines that a revised application still contains deficiencies, the applicant will be issued a denial notice indicating that the applicant cannot reapply for ONC-ACB status for a period of six months from the date of the denial notice. An applicant may request reconsideration of this decision in accordance with §170.535.

(d) Satisfactory application.

(1) An application will be deemed satisfactory if it meets all the application requirements, as determined by the National Coordinator.

(2) The National Coordinator will notify the applicant's authorized representative of its satisfactory application and its successful achievement of ONC-ACB status.

(3) Once notified by the National Coordinator of its successful achievement of ONC-ACB status, the applicant may represent itself as an ONC-ACB and begin certifying health information technology consistent with its authorization.

§170.535   ONC-ACB application reconsideration.

(a) An applicant may request that the National Coordinator reconsider a denial notice only if the applicant can demonstrate that clear, factual errors were made in the review of its application and that the errors' correction could lead to the applicant obtaining ONC-ACB status.

(b) Submission requirement. An applicant is required to submit, within 15 days of receipt of a denial notice, a written statement to the National Coordinator contesting the decision to deny its application and explaining with sufficient documentation what factual error(s) it believes can account for the denial. If the National Coordinator does not receive the applicant's reconsideration request within the specified timeframe, its reconsideration request may be rejected.

(c) Reconsideration request review. If the National Coordinator receives a timely reconsideration request, the National Coordinator is permitted up to 15 days from the date of receipt to review the information submitted by the applicant and issue a decision.

(d) Decision.

(1) If the National Coordinator determines that clear, factual errors were made during the review of the application and that correction of the errors would remove all identified deficiencies, the applicant's authorized representative will be notified of the National Coordinator's determination and the applicant's successful achievement of ONC-ACB status.

(2) If, after reviewing an applicant's reconsideration request, the National Coordinator determines that the applicant did not identify factual errors or that the correction of the factual errors would not remove all identified deficiencies in the application, the National Coordinator may reject the applicant's reconsideration request.

(3) Final decision. A reconsideration decision issued by the National Coordinator is final and not subject to further review.

§170.540   ONC-ACB status.

(a) Acknowledgement and publication. The National Coordinator will acknowledge and make publicly available the names of ONC-ACBs, including the date each was authorized and the type(s) of certification each has been authorized to perform.

(b) Representation. Each ONC-ACB must prominently and unambiguously identify the scope of its authorization on its Web site and in all marketing and communications statements (written and oral) pertaining to its activities under the ONC HIT Certification Program.

(c) Renewal. An ONC-ACB is required to renew its status every three years. An ONC-ACB is required to submit a renewal request, containing any updates to the information requested in §170.520, to the National Coordinator 60 days prior to the expiration of its status.

(d) Expiration. An ONC-ACB's status will expire three years from the date it was granted by the National Coordinator unless it is renewed in accordance with paragraph (c) of this section.

[76 FR 1325, Dec. 7, 2011, as amended at 77 FR 54291, Sept. 4, 2012]

§170.545   Complete EHR certification.

(a) When certifying Complete EHRs, an ONC-ACB must certify in accordance with all applicable certification criteria adopted by the Secretary at subpart C of this part.

(b) An ONC-ACB must provide the option for a Complete EHR to be certified solely to the applicable certification criteria adopted by the Secretary at subpart C of this part.

(c) Gap certification. An ONC-ACB may provide the option for and perform gap certification of previously certified Complete EHRs.

(d) Inherited certified status. An ONC-ACB must accept requests for a newer version of a previously certified Complete EHR to inherit the certified status of the previously certified Complete EHR without requiring the newer version to be recertified.

(1) Before granting certified status to a newer version of a previously certified Complete EHR, an ONC-ACB must review an attestation submitted by the developer of the Complete EHR to determine whether any change in the newer version has adversely affected the Complete EHR's capabilities for which certification criteria have been adopted.

(2) An ONC-ACB may grant certified status to a newer version of a previously certified Complete EHR if it determines that the capabilities for which certification criteria have been adopted have not been adversely affected.

(e) An ONC-ACB that has been authorized to certify Complete EHRs is also authorized to certify all EHR Modules under the ONC HIT Certification Program.

[76 FR 1325, Dec. 7, 2011, as amended at 77 FR 54291, Sept. 4, 2012]

§170.550   EHR Module certification.

(a) When certifying EHR Module(s), an ONC-ACB must certify in accordance with the applicable certification criteria adopted by the Secretary at subpart C of this part.

(b) An ONC-ACB must provide the option for an EHR Module(s) to be certified solely to the applicable certification criteria adopted by the Secretary at subpart C of this part.

(c) Gap certification. An ONC-ACB may provide the option for and perform gap certification of previously certified EHR Module(s).

(d) An ONC-ACB may provide an updated certification to a previously certified EHR Module(s).

(e) Privacy and security certification. For certification to the 2011 Edition EHR certification criteria, EHR Module(s) shall be certified to all privacy and security certification criteria adopted by the Secretary, unless the EHR Module(s) is presented for certification in one of the following manners:

(1) The EHR Modules are presented for certification as a pre-coordinated, integrated bundle of EHR Modules, which would otherwise meet the definition of and constitute a Complete EHR, and one or more of the constituent EHR Modules is demonstrably responsible for providing all of the privacy and security capabilities for the entire bundle of EHR Modules; or

(2) An EHR Module is presented for certification, and the presenter can demonstrate and provide documentation to the ONC-ACB that a privacy and security certification criterion is inapplicable or that it would be technically infeasible for the EHR Module to be certified in accordance with such certification criterion.

(f) When certifying an EHR Module to the 2014 Edition EHR certification criteria, an ONC-ACB must certify the EHR Module in accordance with the certification criteria at:

(1) Section 170.314(g)(1) if the EHR Module has capabilities presented for certification that would support a meaningful use objective with a percentage-based measure;

(2) Section 170.314(g)(3) if the EHR Module is presented for certification to one or more listed certification criteria in §170.314(g)(3); and

(3) Section 170.314(g)(4).

(g) Inherited certified status. An ONC-ACB must accept requests for a newer version of a previously certified EHR Module(s) to inherit the certified status of the previously certified EHR Module(s) without requiring the newer version to be recertified.

(1) Before granting certified status to a newer version of a previously certified EHR Module(s), an ONC-ACB must review an attestation submitted by the developer(s) of the EHR Module(s) to determine whether any change in the newer version has adversely affected the EHR Module(s)' capabilities for which certification criteria have been adopted.

(2) An ONC-ACB may grant certified status to a newer version of a previously certified EHR Module(s) if it determines that the capabilities for which certification criteria have been adopted have not been adversely affected.

[76 FR 1325, Dec. 7, 2011, as amended at 77 FR 54291, Sept. 4, 2012]

§170.553   Certification of health information technology other than Complete EHRs and EHR Modules.

An ONC-ACB authorized to certify health information technology other than Complete EHRs and/or EHR Modules must certify such health information technology in accordance with the applicable certification criterion or certification criteria adopted by the Secretary at subpart C of this part.

§170.555   Certification to newer versions of certain standards.

(a) ONC-ACBs may certify Complete EHRs and/or EHR Module(s) to a newer version of certain identified minimum standards specified at subpart B of this part, unless the Secretary prohibits the use of a newer version for certification.

(b) Applicability of a newer version of a minimum standard. (1) ONC-ACBs are not required to certify Complete EHRs and/or EHR Module(s) according to newer versions of standards identified as minimum standards in subpart B of this part, unless and until the incorporation by reference of a standard is updated in the Federal Register with a newer version.

(2) A certified Complete EHR or certified EHR Module may be upgraded to comply with newer versions of standards identified as minimum standards in subpart B of this part without adversely affecting its certification status, unless the Secretary prohibits the use of a newer version for certification.

[77 FR 54291, Sept. 4, 2012]

§170.557   Authorized certification methods.

An ONC-ACB must provide remote certification for both development and deployment sites.

§170.560   Good standing as an ONC-ACB.

An ONC-ACB must maintain good standing by:

(a) Adhering to the Principles of Proper Conduct for ONC-ACBs;

(b) Refraining from engaging in other types of inappropriate behavior, including an ONC-ACB misrepresenting the scope of its authorization, as well as an ONC-ACB certifying Complete EHRs and/or EHR Module(s) for which it does not have authorization; and

(c) Following all other applicable Federal and State laws.

§170.565   Revocation of ONC-ACB status.

(a) Type-1 violations. The National Coordinator may revoke an ONC-ACB's status for committing a Type-1 violation. Type-1 violations include violations of law or ONC HIT Certification Program policies that threaten or significantly undermine the integrity of the ONC HIT Certification Program. These violations include, but are not limited to: false, fraudulent, or abusive activities that affect the ONC HIT Certification Program, a program administered by HHS or any program administered by the Federal government.

(b) Type-2 violations. The National Coordinator may revoke an ONC-ACB's status for failing to timely or adequately correct a Type-2 violation. Type-2 violations constitute noncompliance with §170.560.

(1) Noncompliance notification. If the National Coordinator obtains reliable evidence that an ONC-ACB may no longer be in compliance with §170.560, the National Coordinator will issue a noncompliance notification with reasons for the notification to the ONC-ACB requesting that the ONC-ACB respond to the alleged violation and correct the violation, if applicable.

(2) Opportunity to become compliant. After receipt of a noncompliance notification, an ONC-ACB is permitted up to 30 days to submit a written response and accompanying documentation that demonstrates that no violation occurred or that the alleged violation has been corrected.

(i) If the ONC-ACB submits a response, the National Coordinator is permitted up to 30 days from the time the response is received to evaluate the response and reach a decision. The National Coordinator may, if necessary, request additional information from the ONC-ACB during this time period.

(ii) If the National Coordinator determines that no violation occurred or that the violation has been sufficiently corrected, the National Coordinator will issue a memo to the ONC-ACB confirming this determination.

(iii) If the National Coordinator determines that the ONC-ACB failed to demonstrate that no violation occurred or to correct the area(s) of non-compliance identified under paragraph (b)(1) of this section within 30 days of receipt of the noncompliance notification, then the National Coordinator may propose to revoke the ONC-ACB's status.

(c) Proposed revocation.

(1) The National Coordinator may propose to revoke an ONC-ACB's status if the National Coordinator has reliable evidence that the ONC-ACB has committed a Type-1 violation; or

(2) The National Coordinator may propose to revoke an ONC-ACB's status if, after the ONC-ACB has been notified of a Type-2 violation, the ONC-ACB fails to:

(i) Rebut the finding of a violation with sufficient evidence showing that the violation did not occur or that the violation has been corrected; or

(ii) Submit to the National Coordinator a written response to the noncompliance notification within the specified timeframe under paragraph (b)(2) of this section.

(d) Suspension of an ONC-ACB's operations.

(1) The National Coordinator may suspend the operations of an ONC-ACB under the ONC HIT Certification Program based on reliable evidence indicating that:

(i) The ONC-ACB committed a Type-1 or Type-2 violation; and

(ii) The continued certification of Complete EHRs, EHR Module(s), and/or other types of HIT by the ONC-ACB could have an adverse impact on the health or safety of patients.

(2) If the National Coordinator determines that the conditions of paragraph (d)(1) of this section have been met, an ONC-ACB will be issued a notice of proposed suspension.

(3) Upon receipt of a notice of proposed suspension, an ONC-ACB will be permitted up to 3 days to submit a written response to the National Coordinator explaining why its operations should not be suspended.

(4) The National Coordinator is permitted up to 5 days from receipt of an ONC-ACB's written response to a notice of proposed suspension to review the response and make a determination.

(5) The National Coordinator may make one of the following determinations in response to the ONC-ACB's written response or if the ONC-ACB fails to submit a written response within the timeframe specified in paragraph (d)(3) of this section:

(i) Rescind the proposed suspension; or

(ii) Suspend the ONC-ACB's operations until it has adequately corrected a Type-2 violation; or

(iii) Propose revocation in accordance with §170.565(c) and suspend the ONC-ACB's operations for the duration of the revocation process.

(6) A suspension will become effective upon an ONC-ACB's receipt of a notice of suspension.

(e) Opportunity to respond to a proposed revocation notice.

(1) An ONC-ACB may respond to a proposed revocation notice, but must do so within 10 days of receiving the proposed revocation notice and include appropriate documentation explaining in writing why its status should not be revoked.

(2) Upon receipt of an ONC-ACB's response to a proposed revocation notice, the National Coordinator is permitted up to 30 days to review the information submitted by the ONC-ACB and reach a decision.

(f) Good standing determination. If the National Coordinator determines that an ONC-ACB's status should not be revoked, the National Coordinator will notify the ONC-ACB's authorized representative in writing of this determination.

(g) Revocation.

(1) The National Coordinator may revoke an ONC-ACB's status if:

(i) A determination is made that revocation is appropriate after considering the information provided by the ONC-ACB in response to the proposed revocation notice; or

(ii) The ONC-ACB does not respond to a proposed revocation notice within the specified timeframe in paragraph (e)(1) of this section.

(2) A decision to revoke an ONC-ACB's status is final and not subject to further review unless the National Coordinator chooses to reconsider the revocation.

(h) Extent and duration of revocation.

(1) The revocation of an ONC-ACB is effective as soon as the ONC-ACB receives the revocation notice.

(2) A certification body that has had its ONC-ACB status revoked is prohibited from accepting new requests for certification and must cease its current certification operations under the ONC HIT Certification Program.

(3) A certification body that has had its ONC-ACB status revoked for a Type-1 violation is not permitted to reapply for ONC-ACB status under the ONC HIT Certification Program for a period of 1 year.

(4) The failure of a certification body that has had its ONC-ACB status revoked to promptly refund any and all fees for certifications of Complete EHRs and EHR Module(s) not completed will be considered a violation of the Principles of Proper Conduct for ONC-ACBs and will be taken into account by the National Coordinator if the certification body reapplies for ONC-ACB status under the ONC HIT Certification Program.

[76 FR 1325, Dec. 7, 2011, as amended at 77 FR 54291, Sept. 4, 2012]

§170.570   Effect of revocation on the certifications issued to Complete EHRs and EHR Module(s).

(a) The certified status of Complete EHRs and/or EHR Module(s) certified by an ONC-ACB that had its status revoked will remain intact unless a Type-1 violation was committed that calls into question the legitimacy of the certifications issued by the former ONC-ACB.

(b) If the National Coordinator determines that a Type-1 violation occurred that called into question the legitimacy of certifications conducted by the former ONC-ACB, then the National Coordinator would:

(1) Review the facts surrounding the revocation of the ONC-ACB's status; and

(2) Publish a notice on ONC's Web site if the National Coordinator believes that Complete EHRs and/or EHR Module(s) were improperly certified by the former ONC-ACB.

(c) If the National Coordinator determines that Complete EHRs and/or EHR Module(s) were improperly certified, the certification status of affected Complete EHRs and/or EHR Module(s) would only remain intact for 120 days after the National Coordinator publishes the notice. The certification status of affected Complete EHRs and/or EHR Module(s) can only be maintained thereafter by being re-certified by an ONC-ACB in good standing.

§170.575   Removal of the ONC-AA.

(a) Conduct violations. The National Coordinator may remove the ONC-AA for committing a conduct violation. Conduct violations include violations of law or ONC HIT Certification Program policies that threaten or significantly undermine the integrity of the ONC HIT Certification Program. These violations include, but are not limited to: false, fraudulent, or abusive activities that affect the ONC HIT Certification Program, a program administered by HHS, or any program administered by the Federal government.

(b) Performance violations. The National Coordinator may remove the ONC-AA for failing to timely or adequately correct a performance violation. Performance violations constitute a failure to adequately perform the ONC-AA's responsibilities as specified in §170.503(e).

(1) Noncompliance notification. If the National Coordinator obtains reliable evidence that the ONC-AA may no longer be adequately performing its responsibilities specified in §170.503(e), the National Coordinator will issue a noncompliance notification with reasons for the notification to the ONC-AA requesting that the ONC-AA respond to the alleged violation and correct the violation, if applicable.

(2) Opportunity to become compliant. The ONC-AA is permitted up to 30 days from receipt of a noncompliance notification to submit a written response and accompanying documentation that demonstrates that no violation occurred or that the alleged violation has been corrected.

(i) If the ONC-AA submits a response, the National Coordinator is permitted up to 60 days from the time the response is received to evaluate the response and reach a decision. The National Coordinator may, if necessary, request additional information from the ONC-AA during this time period.

(ii) If the National Coordinator determines that no violation occurred or that the violation has been sufficiently corrected, the National Coordinator will issue a memo to the ONC-AA confirming this determination. Otherwise, the National Coordinator may propose to remove the ONC-AA in accordance with paragraph (c) of this section.

(c) Proposed removal.

(1) The National Coordinator may propose to remove the ONC-AA if the National Coordinator has reliable evidence that the ONC-AA has committed a conduct violation; or

(2) The National Coordinator may propose to remove the ONC-AA if, after the ONC-AA has been notified of an alleged performance violation, the ONC-AA fails to:

(i) Rebut the alleged violation with sufficient evidence showing that the violation did not occur or that the violation has been corrected; or

(ii) Submit to the National Coordinator a written response to the noncompliance notification within the specified timeframe under paragraph (b)(2) of this section.

(d) Opportunity to respond to a proposed removal notice.

(1) The ONC-AA may respond to a proposed removal notice, but must do so within 20 days of receiving the proposed removal notice and include appropriate documentation explaining in writing why it should not be removed as the ONC-AA.

(2) Upon receipt of the ONC-AA's response to a proposed removal notice, the National Coordinator is permitted up to 60 days to review the information submitted by the ONC-AA and reach a decision.

(e) Retention of ONC-AA status. If the National Coordinator determines that the ONC-AA should not be removed, the National Coordinator will notify the ONC-AA in writing of this determination.

(f) Removal.

(1) The National Coordinator may remove the ONC-AA if:

(i) A determination is made that removal is appropriate after considering the information provided by the ONC-AA in response to the proposed removal notice; or

(ii) The ONC-AA does not respond to a proposed removal notice within the specified timeframe in paragraph (d)(1) of this section.

(2) A decision to remove the ONC-AA is final and not subject to further review unless the National Coordinator chooses to reconsider the removal.

(g) Extent and duration of removal.

(1) The removal of the ONC-AA is effective upon the date specified in the removal notice provided to the ONC-AA.

(2) An accreditation organization that is removed as the ONC-AA must cease all activities under the ONC HIT Certification Program, including accepting new requests for accreditation under the ONC HIT Certification Program.

(3) An accreditation organization that is removed as the ONC-AA is prohibited from being considered for ONC-AA status for a period of 1 year from the effective date of its removal as the ONC-AA.

[76 FR 72643, Nov. 25, 2011, as amended at 77 FR 54291, Sept. 4, 2012]

§170.599   Incorporation by reference.

(a) Certain material is incorporated by reference into this subpart with the approval of the Director of the Federal Register under 5 U.S.C. 552(a) and 1 CFR part 51. To enforce any edition other than that specified in this section, the Department of Health and Human Services must publish notice of change in the Federal Register and the material must be available to the public. All approved material is available for inspection at the National Archives and Records Administration (NARA). For information on the availability of this material at NARA, call 202-741-6030 or go to http://www.archives.gov/federal_register/code_of_federal_regulations/ibr_locations.html. Also, it is available for inspection at U.S. Department of Health and Human Services, Office of the National Coordinator for Health Information Technology, Hubert H. Humphrey Building, Suite 729D, 200 Independence Ave., SW., Washington, DC 20201, call ahead to arrange for inspection at 202-690-7151, and is available from the source listed below.

(b) International Organization for Standardization, Case postale 56, CH·1211, Geneve 20, Switzerland, telephone +41-22-749-01-11, http://www.iso.org.

(1) ISO/IEC 17011:2004 Conformity Assessment—General Requirements for Accreditation Bodies Accrediting Conformity Assessment Bodies (Corrected Version), February 15, 2005, IBR approved for §170.503.

(2) ISO/IEC GUIDE 65:1996—General Requirements for Bodies Operating Product Certification Systems (First Edition), 1996, IBR approved for §170.503.

(3) [Reserved]


