Sec. 170.314 2014 Edition electronic health record certification criteria.

The Secretary adopts the following certification criteria for Complete EHRs or EHR Modules. Complete EHRs or EHR Modules must include the capability to perform the following functions electronically, unless designated as optional, and in accordance with all applicable standards and implementation specifications adopted in this part:

(a) Clinical.

(1) Computerized provider order entry. Enable a user to electronically record, change, and access the following order types, at a minimum:

(i) Medications;

(ii) Laboratory; and

(iii) Radiology/imaging.

(2) Drug-drug, drug-allergy interaction checks. (i) Interventions. Before a medication order is completed and acted upon during computerized provider order entry (CPOE), interventions must automatically and electronically indicate to a user drug-drug and drug-allergy contraindications based on a patient's medication list and medication allergy list.

(ii) Adjustments.

(A) Enable the severity level of interventionsprovided for drug-drug interaction checks to be adjusted.

(B) Limit the ability to adjust severity levels to an identified set of users or available as a system administrative function.

(3) Demographics.

(i) Enable a user to electronically record, change, and access patient demographic data including preferred language, sex, race, ethnicity, and date of birth.

(A) Enable race and ethnicity to be recorded in accordance with the standard specified in Sec. 170.207(f) and whether a patient declines to specify race and/or ethnicity.

(B) Enable preferred language to be recorded in accordance with the standard specified in Sec. 170.207(g) and whether a patient declines to specify a preferred language.

(ii) Inpatient setting only. Enable a user to electronically record, change, and access preliminary cause of death in the event of a mortality.

(4) Vital signs, body mass index, and growth charts.

(i) Vital signs. Enable a user to electronically record, change, and access, at a minimum, a patient's height/length, weight, and blood pressure. Height/length, weight, and blood pressure must be recorded in numerical values only.

(ii) Calculate body mass index. Automatically calculate and electronically display body mass index based on a patient's height and weight.

(5) Problem list. Enable a user to electronically record, change, and access a patient's active problem list:

(i) Ambulatory setting. Over multiple encounters in accordance with, at a minimum, the version of the standard specified in Sec. 170.207(a)(3) (SNOMED CT July 2012 Edition); or

(ii) Inpatient setting. For the duration of an entire hospitalization in accordance with, at a minimum, the version of the standard specified in Sec. 170.207(a)(3).(SNOMED CT July 2012 Edition)

(6) Medication list. Enable a user to electronically record, change, and access a patient's active medication list as well as medication history:

(i) Ambulatory setting. Over multiple encounters; or

(ii) Inpatient setting. For the duration of an entire hospitalization.

(7) Medication allergy list. Enable a user to electronically record, change, and access a patient's active medication allergy list as well as medication allergy history:

(i) Ambulatory setting. Over multiple encounters; or

(ii) Inpatient setting. For the duration of an entire hospitalization.

(8) Clinical decision support.

(i) Evidence-based decision support interventions. Enable a limited set of identified users to select (i.e., activate) one or more electronic clinical decision support interventions (in addition to drug-drug and drug-allergy contraindication checking) based on each one and at least one combination of the following data:

(A) Problem list;

(B) Medication list;

(C) Medication allergy list;

(D) Demographics;

(E) Laboratory tests and values/results; and

(F) Vital signs.

(ii) Linked referential clinical decision support.

(A) EHR technology must be able to:

(1) Electronically identify for a user diagnostic and therapeutic reference information; or

(2) Electronically identify for a user diagnostic and therapeutic reference information in accordance with the standard specified at Sec. 170.204(b) and the implementation specifications at Sec. 170.204 (b)(1) or (2).

(B) For paragraph (a)(8)(ii)(A) of this section, EHR technology must be able to electronically identify for a user diagnostic or therapeutic reference information based on each one and at least one combination of the data referenced in paragraphs (a)(8)(i)(A) through (F) of this section.

(iii) Clinical decision support configuration.

(A) Enable interventions and reference resources specified in paragraphs (a)(8)(i) and (ii) of this section to be configured by a limited set of identified users (e.g., system administrator) based on a user's role.

(B) EHR technology must enable interventions to be electronically triggered:

(1) Based on the data referenced in paragraphs (a)(8)(i)(A) through (F) of this section.

(2) When a patient's medications, medication allergies, and problems are incorporated from a transition of care/referral summary received pursuant to paragraph (b)(1)(iii) of this section.

(3) Ambulatory setting only. When a patient's laboratory tests and values/results are incorporated pursuant to paragraph (b)(5)(i)(A)(1) of this section.

(iv) Automatically and electronically interact. Interventions triggered in accordance with paragraphs (a)(8)(i) through (iii) of this section must automatically and electronically occur when a user is interacting with EHR technology.

(v) Source attributes. Enable a user to review the attributes as indicated for all clinical decision support resources:

(A) For evidence-based decision support interventions under paragraph (a)(8)(i) of this section:

(1) Bibliographic citation of the intervention (clinical research/guideline);

(2) Developer of the intervention (translation from clinical research/guideline);

(3) Funding source of the intervention development technical implementation; and

(4) Release and, if applicable, revision date(s) of the intervention or reference source.

(B) For linked referential clinical decision support in paragraph (a)(8)(ii) of this section and drug-drug, drug-allergy interaction checks in paragraph(a)(2) of this section, the developer of the intervention, and where clinically indicated, the bibliographic citation of the intervention (clinical research/guideline).

(9) Electronic notes. Enable a user to electronically record, change, access, and search electronic notes.

(10) Drug-formulary checks. EHR technology must automatically and electronically check whether a drug formulary (or preferred drug list) exists for a given patient and medication.

(11) Smoking status. Enable a user to electronically record, change, and access the smoking status of a patient in accordance with the standard specified at Sec. 170.207(h).

(12) Image results. Electronically indicate to a user the availability of a patient's images and narrative interpretations (relating to the radiographic or other diagnostic test(s)) and enable electronic access to such images and narrative interpretations.

(13) Family health history. Enable a user to electronically record, change, and access a patient's family health history according to:

(i) At a minimum, the version of the standard specified in Sec. 170.207(a)(3); or

(ii) The standard specified in Sec. 170.207(j).

(14) Patient list creation. Enable a user to electronically and dynamically select, sort, access, and create patient lists by: date and time; and based on each one and at least one combination of the following data:

(i) Problems;

(ii) Medications;

(iii) Medication allergies;

(iv) Demographics;

(v) Laboratory tests and values/results; and

(vi) Ambulatory setting only. Patient communication preferences.

(15) Patient-specific education resources. EHR technology must be able to electronically identify for a user patient-specific education resources based on data included in the patient's problem list,medication list, and laboratory tests and values/results:

(i) In accordance with the standard specified at Sec. 170.204(b) and the implementation specifications at Sec. 170.204(b)(1) or (2); and

(ii) By any means other than the method specified in paragraph (a)(15)(i) of this section.

(16) Inpatient setting only--electronic medication administration record.

(i) In combination with an assistive technology that provides automated information on the ``rights specified in paragraphs (a)(16)(i)(A) through (E) of this section, enable a user to electronically verify the following before administering medication(s):

(A) Right patient. The patient to whom the medication is to be administered matches the medication to be administered.

(B) Right medication. The medication to be administered matches the medication ordered for the patient.

(C) Right dose. The dose of the medication to be administered matches the dose of the medication ordered for the patient.

(D) Right route. The route of medication delivery matches the route specified in the medication order.

(E) Right time. The time that the medication was ordered to be administered compared to the current time.

(ii) Right documentation. Electronically record the time and date in accordance with the standard specified in Sec. 170.210(g), and user identification when a medication is administered.

(17) Inpatient setting only--advance directives. Enable a user to electronically record whether a patient has an advance directive.

(b) Care coordination.

(1) Transitions of care--receive, display, and incorporate transition of care/referral summaries.

(i) Receive. EHR technology must be able to electronically receive transition of care/referral summaries in accordance with:

(A) The standard specified in Sec. 170.202(a).

(B) Optional. The standards specified in Sec. 170.202(a) and (b).

(C) Optional. The standards specified in Sec. 170.202(b) and (c).

(ii) Display. EHR technology must be able to electronically display in human readable format the data included in transition of care/referral summaries received and formatted according to any of the following standards (and applicable implementation specifications) specified in: Sec. 170.205(a)(1), Sec. 170.205(a)(2), and Sec. 170.205(a)(3).

(iii) Incorporate. Upon receipt of a transition of care/referral summary formatted according to the standard adopted at Sec. 170.205(a)(3), EHR technology must be able to:

(A) Correct patient. Demonstrate that the transition of care/referral summary received is or can be properly matched to the correct patient.

(B) Data incorporation. Electronically incorporate the following data expressed according to the specified standard(s):

(1) Medications. At a minimum, the version of the standard specified in Sec. 170.207(d)(2);

(2) Problems. At a minimum, the version of the standard specified in Sec. 170.207(a)(3);

(3) Medication allergies. At a minimum, the version of the standard specified in Sec. 170.207(d)(2).

(C) Section views. Extract and allow for individual display each additional section or sections (and the accompanying document header information) that were included in a transition of care/referral summary received and formatted in accordance with the standard adopted at Sec. 170.205(a)(3).

(2) Transitions of care--create and transmit transition of care/referral summaries.

(i) Create. Enable a user to electronically create a transition of care/referral summary formatted according to the standard adopted at Sec. 170.205(a)(3) that includes, at a minimum, the Common MU Data Set and the following data expressed, where applicable, according to the specified standard(s):

(A) Encounter diagnoses. The standard specified in Sec. 170.207(i) or, at a minimum, the version of the standard specified Sec.170.207(a)(3);

(B) Immunizations. The standard specified in Sec. 170.207(e)(2);

(C) Cognitive status;

(D) Functional status; and

(E) Ambulatory setting only. The reason for referral; and referring or transitioning provider's name and office contact information.

(F) Inpatient setting only. Discharge instructions.

(ii) Transmit. Enable a user to electronically transmit the transition of care/referral summary created in paragraph (b)(2)(i) of this section in accordance with:

(A) The standard specified in Sec. 170.202(a).

(B) Optional. The standards specified in Sec. 170.202(a) and (b).

(C) Optional. The standards specified in Sec. 170.202(b) and (c).

(3) Electronic prescribing. Enable a user to electronically create prescriptions and prescription-related information for electronic transmission in accordance with:

(i) The standard specified in Sec. 170.205(b)(2); and

(ii) At a minimum, the version of the standard specified in Sec. 170.207(d)(2).

(4) Clinical information reconciliation. Enable a user to electronically reconcile the data that represent a patient's active medication, problem, and medication allergy list as follows. For each list type:

(i) Electronically and simultaneously display (i.e., in a single view) the data from at least two list sources in a manner that allows a user to view the data and their attributes, which must include, at a minimum, the source and last modification date.

(ii) Enable a user to create a single reconciled list of medications, medication allergies, or problems.

(iii) Enable a user to review and validate the accuracy of a final set of data and, upon a user's confirmation, automatically update the list.

(5) Incorporate laboratory tests and values/results.

(i) Receive results.

(A) Ambulatory setting only.

(1) Electronically receive and incorporate clinical laboratory tests and values/results in accordance with the standard specified in Sec. 170.205(j) and, at a minimum, the version of the standard specified in Sec. 170.207(c)(2).

(2) Electronically display the tests and values/results received in human readable format.

(B) Inpatient setting only. Electronically receive clinical laboratory tests and values/results in a structured format and electronically display such tests and values/results in human readable format.

(ii) Electronically display all the information for a test report specified at 42 CFR 493.1291(c)(1) through (7).

(iii) Electronically attribute, associate, or link a laboratory test and value/result with a laboratory order or patient record.

(6) Inpatient setting only--transmission of electronic laboratory tests and values/results to ambulatory providers. EHR technology must be able to electronically create laboratory test reports for electronic transmission in accordance with the standard specified in Sec. 170.205(j) and with laboratory tests expressed in accordance with, at a minimum, the version of the standard specified in Sec. 170.207(c)(2).

(7) Data portability. Enable a user to electronically create a set of export summaries for all patients in EHR technology formatted according to the standard adopted at Sec. 170.205(a)(3) that represents the most current clinical information about each patient and includes, at a minimum, the Common MU Data Set and the following data expressed, where applicable, according to the specified standard(s):

(i) Encounter diagnoses. The standard specified in Sec. 170.207(i) or, at a minimum, the version of the standard at Sec. 170.207(a)(3);

(ii) Immunizations. The standard specified in Sec. 170.207(e)(2);

(iii) Cognitive status;

(iv) Functional status; and

(v) Ambulatory setting only. The reason for referral; and referring or transitioning provider's name and office contact information.

(vi) Inpatient setting only. Discharge instructions.

(c) Clinical quality measures.

(1) Clinical Quality Measures-- capture and export. (i) Capture. For each and every CQM for which the EHR technology is presented for certification, EHR technology must be able to electronically record all of the data identified in the standard specified at Sec. 170.204(c) that would be necessary to calculate each CQM. Data required for CQM exclusions or exceptions must be codified entries, which may include specific terms as defined by each CQM, or may include codified expressions of ``patient reason,``system reason, or ``medical reason.

(ii) Export. EHR technology must be able to electronically export a data file formatted in accordance with the standards specified at Sec. 170.205(h) that includes all of the data captured for each and every CQM to which EHR technology was certified under paragraph (c)(1)(i) of this section.

(2) Clinical quality measures--import and calculate.

(i) Import. EHR technology must be able to electronically import a data file formatted in accordance with the standard specified at Sec. 170.205(h) and use such data to perform the capability specified in paragraph (c)(2)(ii) of this section. EHR technology presented for certification to all three of the certification criteria adopted in paragraphs (c)(1) through (3) of this section is not required to meet paragraph (c)(2)(i).

(ii) Calculate. EHR technology must be able to electronically calculate each and every clinical quality measure for which it is presented for certification.

(3) Clinical quality measures--electronic submission. Enable a user to electronically create a data file for transmission of clinical quality measurement data:

(i) In accordance with the standards specified at Sec. 170.205(h).and (k); and

(ii) That can be electronically accepted by CMS.

(d) Privacy and security.

(1) Authentication, access control, and authorization. (i) Verify against a unique identifier(s) (e.g., username or number) that a person seeking access to electronic health information is the one claimed; and

(ii) Establish the type of access to electronic health information a user is permitted based on the unique identifier(s) provided in paragraph (d)(1)(i) of this section, and the actions the user is permitted to perform with the EHR technology.

(2) Auditable events and tamper-resistance.

(i) Record actions. EHR technology must be able to:

(A) Record actions related to electronic health information in accordance with the standard specified in Sec. 170.210(e)(1);

(B) Record the audit log status (enabled or disabled) in accordance with the standard specified in Sec. 170.210(e)(2) unless it cannot be disabled by any user; and

(C) Record the encryption status (enabled or disabled) of electronic health information locally stored on end-user devices by EHR technology in accordance with the standard specified in Sec. 170.210(e)(3) unless the EHR technology prevents electronic health information from being locally stored on end-user devices (see 170.314(d)(7) of this section).

(ii) Default setting. EHR technology must be set by default to perform the capabilities specified in paragraph (d)(2)(i)(A) of this section and, where applicable, paragraphs (d)(2)(i)(B) or (C), or both paragraphs (d)(2)(i)(B) and (C).

(iii) When disabling the audit log is permitted. For each capability specified in paragraphs (d)(2)(i)(A) through (C) of this section that EHR technology permits to be disabled, the ability to do so must be restricted to a limited set of identified users.

(iv) Audit log protection. Actions and statuses recorded in accordance with paragraph (d)(2)(i) of this section must not be capable of being changed, overwritten, or deleted by the EHR technology.

(v) Detection. EHR technology must be able to detect whether the audit log has been altered.

(3) Audit report(s). Enable a user to create an audit report for a specific time period and to sort entries in the audit log according to each of the data specified in the standards at Sec. 170.210(e).

(4) Amendments. Enable a user to electronically select the record affected by a patient's request for amendment and perform the capabilities specified in paragraphs (d)(4)(i) or (ii) of this section.

(i) Accepted amendment. For an accepted amendment, append the amendment to the affected record or include a link that indicates the amendment's location.

(ii) Denied amendment. For a denied amendment, at a minimum, append the request and denial of the request to the affected record or include a link that indicates this information's location.

(5) Automatic log-off. Prevent a user from gaining further access to an electronic session after a predetermined time of inactivity.

(6) Emergency access. Permit an identified set of users to access electronic health information during an emergency.

(7) End-user device encryption. Paragraph (d)(7)(i) or (ii) of this section must be met to satisfy this certification criterion.

(i) EHR technology that is designed to locally store electronic health information on end-user devices must encrypt the electronic health information stored on such devices after use of EHR technology on those devices stops.

(A) Electronic health information that is stored must be encrypted in accordance with the standard specified in Sec. 170.210(a)(1).

(B) Default setting. EHR technology must be set by default to perform this capability and, unless this configuration cannot be disabled by any user, the ability to change the configuration must be restricted to a limited set of identified users.

(ii) EHR technology is designed to prevent electronic health information from being locally stored on end-user devices after use of EHR technology on those devices stops.

(8) Integrity.

(i) Create a message digest in accordance with the standard specified in Sec. 170.210(c).

(ii) Verify in accordance with the standard specified in Sec. 170.210(c) upon receipt of electronically exchanged health information that such information has not been altered.

(9) Optional--accounting of disclosures. Record disclosures made for treatment, payment, and health care operations in accordance with the standard specified in Sec. 170.210(d).

(e) Patient engagement.

(1) View, download, and transmit to 3rd party.

(i) EHR technology must provide patients (and their authorized representatives) with an online means to view, download, and transmit to a 3rd party the data specified below. Access to these capabilities must be through a secure channel that ensures all content is encrypted and integrity-protected in accordance with the standard for encryption and hashing algorithms specified at Sec. 170.210(f).

(A) View. Electronically view in accordance with the standard adopted at Sec. 170.204(a), at a minimum, the following data:

(1) The Common MU Data Set (which should be in their English (i.e.,/non-coded) representation if they associate with a vocabulary/code set).

(2) Ambulatory setting only. Provider's name and office contact information.

(3) Inpatient setting only. Admission and discharge dates and locations; discharge instructions; and reason(s) for hospitalization.

(B) Download.

(1) Electronically download an ambulatory summary or inpatient summary (as applicable to the EHR technology setting for which certification is requested) in human readable format or formatted according to the standard adopted at Sec. 170.205(a)(3) that includes, at a minimum, the following data (which, for the human readable version, should be in their English representation if they associate with a vocabulary/code set):

(i) Ambulatory setting only. All of the data specified in paragraph (e)(1)(i)(A)(1) and (2) of this section.

(ii) Inpatient setting only. All of the data specified in paragraphs (e)(1)(i)(A)(1) and (3) of this section.

(2) Inpatient setting only. Electronically download transition of care/referral summaries that were created as a result of a transition of care (pursuant to the capability expressed in the certification criterion adopted at paragraph (b)(2) of this section).

(C) Transmit to third party.

(1) Electronically transmit the ambulatory summary or inpatient summary (as applicable to the EHR technology setting for which certification is requested) created in paragraph (e)(1)(i)(B)(1) of this section in accordance with the standard specified in Sec. 170.202(a).

(2) Inpatient setting only. Electronically transmit transition of care/referral summaries (as a result of a transition of care/referral) selected by the patient (or their authorized representative) in accordance with the standard specified in Sec. 170.202(a).

(ii) Activity history log.

(A) When electronic health information is viewed, downloaded, or transmitted to a third-party using the capabilities included in paragraphs (e)(1)(i)(A) through (C) of this section, the following information must be recorded and made accessible to the patient:

(1) The action(s) (i.e., view, download, transmission) that occurred;

(2) The date and time each action occurred in accordance with the standard specified at Sec. 170.210(g); and

(3) The user who took the action.

(B) EHR technology presented for certification may demonstrate compliance with paragraph (e)(1)(ii)(A) of this section if it is also certified to the certification criterion adopted at Sec. 170.314(d)(2) and the information required to be recorded in paragraph (e)(1)(ii)(A) is accessible by the patient.

(2) Ambulatory setting only--clinical summary.

(i) Create. Enable a user to create a clinical summary for a patient in human readable format and formatted according to the standards adopted at Sec. 170.205(a)(3).

(ii) Customization. Enable a user to customize the data included in the clinical summary.

(iii) Minimum data from which to select. EHR technology must permit a user to select, at a minimum, the following data when creating a clinical summary:

(A) Common MU Data Set (which, for the human readable version, should be in their English representation if they associate with a vocabulary/code set)

(B) The provider's name and office contact information; date and location of visit; reason for visit; immunizations and/or medications administered during the visit; diagnostic tests pending; clinical instructions; future appointments; referrals to other providers; future scheduled tests; and recommended patient decision aids.

(3) Ambulatory setting only--secure messaging. Enable a user to electronically send messages to, and receive messages from, a patient in a manner that ensures:

(i) Both the patient (or authorized representative) and EHR technology user are authenticated; and

(ii) The message content is encrypted and integrity-protected in accordance with the standard for encryption and hashing algorithms specified at Sec. 170.210(f).

(f) Public health.

(1) Immunization information. Enable a user to electronically record, change, and access immunization information.

(2) Transmission to immunization registries. EHR technology must be able to electronically create immunization information for electronic transmission in accordance with:

(i) The standard and applicable implementation specifications specified in Sec. 170.205(e)(3); and

(ii) At a minimum, the version of the standard specified in Sec. 170.207(e)(2).

(3) Transmission to public health agencies--syndromic surveillance. EHR technology must be able to electronically create syndrome-based public health surveillance information for electronic transmission in accordance with:

(i) Ambulatory setting only.

(A) The standard specified in Sec. 170.205(d)(2).

(B) Optional. The standard (and applicable implementation specifications) specified in Sec. 170.205(d)(3).

(ii) Inpatient setting only. The standard (and applicable implementation specifications) specified in Sec. 170.205(d)(3).

(4) Inpatient setting only--transmission of reportable laboratory tests and values/results. EHR technology must be able to electronically create reportable laboratory tests and values/results for electronic transmission in accordance with:

(i) The standard (and applicable implementation specifications) specified in Sec. 170.205(g); and

(ii) At a minimum, the versions of the standards specified in Sec.170.207(a)(3) and (c)(2).

(5) Optional--ambulatory setting only--cancer case information. Enable a user to electronically record, change, and access cancer case information.

(6) Optional--ambulatory setting only--transmission to cancer registries. EHR technology must be able to electronically create cancer case information for electronic transmission in accordance with:

(i) The standard (and applicable implementation specifications) specified in Sec. 170.205(i); and

(ii) At a minimum, the versions of the standards specified in Sec. 170.207(a)(3) and (c)(2).

(g) Utilization.

(1) Automated numerator recording. For each meaningful use objective with a percentage-based measure, EHR technology must be able to create a report or file that enables a user to review the patients or actions that would make the patient or action eligible to be included in the measure's numerator. The information in the report or file created must be of sufficient detail such that it enables a user to match those patients or actions to meet the measure's denominator limitations when necessary to generate an accurate percentage.

(2) Automated measure calculation. For each meaningful use objective with a percentage-based measure that is supported by a capability included in an EHR technology, electronically record the numerator and denominator and create a report including the numerator, denominator, and resulting percentage associated with each applicable meaningful use measure.

(3) Safety-enhanced design. User-centered design processes must be applied to each capability an EHR technology includes that is specified in the following certification criteria: Sec. 170.314(a)(1), (2), (6) through (8), and (16) and (b)(3) and (4).

(4) Quality management system. For each capability that an EHR technology includes and for which that capability's certification is sought, the use of a Quality Management System (QMS) in the development, testing, implementation and maintenance of that capability must be identified.

(i) If a single QMS was used for applicable capabilities, it would only need to be identified once.

(ii) If different QMS were applied to specific capabilities, each QMS applied would need to be identified. This would include the application of a QMS to some capabilities and none to others.

(iii) If no QMS was applied to all applicable capabilities such a response is acceptable to satisfy this certification criterion.