top of page

What is this certification about?

About ONC

ONC i.e., Office of National Coordinator for Health Information Technology has introduced Health IT Certification Program in order to enforce a standard and meaningful use of Electronic Health records. ONC certified HIT products assure users that the EHR software system comprises the technological capabilities, functionalities and security requirements that meet the criteria of meaningful use. The certification also ensures the provision of a compatible and structured format for patient data that can be retrieved from and transferred to other EHR systems.This is a voluntary certification program but of high importance when it comes to participating in the Department of Health and Human Services (HHS) programs like MIPS. The requirements for this certification are established by standards, implementation specifications and certification criteria adopted by the Secretary at the Department of Health and Human Services (HHS). 

About ONC Cures update

21st Century Cures Act was  signed into law by President Barack Obama on Dec. 13, 2016. The Cures Act seeks to ease regulatory burdens associated with use of electronic health record (EHR) systems and health information technology (IT) and fostering interoperability of the data with the FHIR-API standards. After the Cures Act was signed into law, it passed to the Office of the National Coordinator for Health Information Technology (ONC) and the Centers for Medicare & Medicaid Services (CMS) for review. A final corrected version of this document was published by the Federal register under the Health and Human services department on 8/4/2020.  ONC’s 21st Century Cures Act Final Rule made several changes to the existing 2015 Edition Health IT Certification Criteria. The final rule introduced a small number of new certification criteria, revised several existing certification criteria, and removed several certification criteria.

How is it useful for the users? or its benefits

By implementing the policies within the Cures Act, the Department of Health and Human Services (HHS) is taking steps to make health data more easily exchangeable across health IT systems and provide patients with more control and access to their medical records. According to the ONC, the goal of the final rule is “to give patients access to their electronic medical record at no additional cost, and allow providers to choose the IT tools that allow them to best care for patients without excessive costs or technical barriers.”

Significance of this update for the practitioners is that the rule enforces the implementation of a standards-based, application-based interface (API) to create a pathway for seamless exchange of electronic health information (EHI), establishing a competitive market that allows providers to choose the software that helps them provide better care. APIs can be thought of as a pathway for two different systems or applications to “talk” to each other. Implementing these capabilities within health IT systems such as EHRs will allow patients to request the information in their medical record on-demand through the applications of their choice with no additional costs and will support increased communication from clinician to clinician and clinician to patients. As health care continues to advance, these capabilities will become essential to providing transparent, high-value, patient-centered care.

170.315 (a)(1): Computerized Provider Order Entry (CPOE) – Medications

170.315 (a)(2): CPOE – Laboratory

170.315 (a)(3): CPOE – Diagnostic Imaging

170.315 (a)(4): Drug-Drug, Drug-Allergy Interaction Checks for CPOE

170.315 (a)(5): Demographics

170.315 (a)(9): Clinical Decision Support

170.315 (a)(12): Family Health History

170.315 (a)(14): Implantable Device List

170.315 (b)(1): Transitions of Care (Cures Update)

170.315 (b)(2): Clinical Information Reconciliation and Incorporation (Cures Update)

170.315 (c)(1): Clinical Quality Measures – Record and Export

170.315 (c)(2): Clinical Quality Measures – Import and Calculate

170.315 (d)(1): Authentication, Access Control, Authorization

170.315 (d)(2): Auditable Events and Tamper-Resistance (Cures Update)

170.315 (d)(3): Audit Report(s) (Cures Update)

170.315 (d)(4): Amendments

170.315 (d)(5): Automatic Access Time-out

170.315 (d)(6): Emergency Access

170.315 (d)(7): End-User Device Encryption

170.315 (d)(8): Integrity

170.315 (d)(9): Trusted Connection

170.315 (d)(12): Encrypt Authentication Credentials (Cures Update)

170.315 (d)(13): Multi-Factor Authentication (Cures Update)

170.315 (e)(1): View, Download, and Transmit to 3rd Party (Cures Update)

170.315 (e)(3): Patient Health Information Capture

170.315 (f)(1): Transmission to Immunization Registries

170.315 (g)(2): Automated Measure Calculation

170.315 (g)(3): Safety-Enhanced Design

170.315 (g)(4): Quality Management System

170.315 (g)(5): Accessibility-Centered Design

170.315 (g)(6): Consolidated CDA Creation Performance (Cures Update)

170.315 (g)(7): Application Access – Patient Selection

170.315 (g)(9): Application Access – All Data Request (Cures Update)

170.315 (h)(1): Direct Project

Partnered with Darena’s BlueButtonPro to deliver:

170.315 (b)(10): Electronic Health Information Export (Cures Update)

170.315 (g)(1): Automated Numerator Recording

170.315 (g)(10): Standardized API for Patient and Population Services (Cures Update)

bottom of page