Wednesday, March 7, 2012

Stage 2 - Meaningful Use

NOTE: Encryption and Auditable events are two key components of Stage 2 certification with regards to the security requirements.

The Centers for Medicare and Medicaid Services (CMS), Medicare and Medicaid Programs; Electronic Health Record Incentive Program—Stage 2

 http://www.gpo.gov/fdsys/pkg/FR-2012-03-07/pdf/2012-4443.pdf

The ONC proposed rule proposed stage 2 rules; Health Information Technology: Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record Technology, 2014 Edition; Revisions to the Permanent Certification Program for Health Information Technology.
http://www.gpo.gov/fdsys/pkg/FR-2012-03-07/pdf/2012-4430.pdf

MU Objective: Protect electronic health information created or maintained by the Certified EHR Technology through the implementation of appropriate technical capabilities.

2014 Edition EHR Certification Criteria:
§ 170.314(d)(2) (Auditable events and tamper-resistance)
§ 170.314(d)(3) (Audit report(s))
Standard:
§ 170.210(e) (Record actions related to electronic health information, audit log
status, and encryption of end user devices)
 
Encryption of data at rest:
2014 Edition EHR Certification Criterion
§ 170.314(d)(7) (Encryption of data at rest)

No comments: