HIPAA Compliance Plan
« Previous PageHIT Standards ContentsNext Page »

Download our Free HIPAA Project Plan.

§170.304 Specific certification criteria for Complete EHRs or EHR Modules designed for an ambulatory setting.

The Secretary adopts the following certification criteria for Complete EHRs or EHR Modules designed to be used in an ambulatory setting. Complete EHRs or EHR Modules must include the capability to perform the following functions electronically and in accordance with all applicable standards and implementation specifications adopted in this part:

(a) Computerized provider order entry. Enable a user to electronically record, store, retrieve, and manage, at a minimum, the following order types:

(1) Medications;

(2) Laboratory;

(3) Radiology/imaging; and

(4) Provider referrals.

(b) Electronically exchange prescription information. Enable a user to electronically transmit medication orders (prescriptions) for patients in accordance with the standards specified in §170.205(c).

(c) Record demographics. Enable a user to electronically record, modify, and retrieve patient demographic data including preferred language, insurance type, gender, race, ethnicity, and date of birth.

(d) Generate patient reminder list. Electronically generate, upon request, a patient reminder list for preventive or follow-up care according to patient preferences based on demographic data, specific conditions, and/or medication list.

(e) Clinical decision support.

(1) Implement rules. Implement automated, electronic clinical decision support rules (in addition to drug-drug and drug-allergy contraindication checking) according to specialty or clinical priorities that use demographic data, specific patient diagnoses, conditions, diagnostic test results and/or patient medication list.

(2) Alerts. Automatically and electronically generate and indicate in real-time, alerts and care suggestions based upon clinical decision support rules and evidence grade.

(3) Alert statistics. Automatically and electronically track, record, and generate reports on the number of alerts responded to by a user.

(f) Electronic copy of health information. Enable a user to create an electronic copy of a patient’s clinical information, including, at a minimum, diagnostic test results, problem list, medication list, medication allergy list, immunizations, and procedures in:

(1) Human readable format; and

(2) On electronic media or through some other electronic means in accordance with:

(i) One of the standards specified in §170.205(a)(1);

(ii) The standard specified in §170.205(a)(2)(i)(A), or, at a minimum, the version of the standard specified in §170.205(a)(2)(i)(B);

(iii) One of the standards specified in §170.205(a)(2)(ii);

(iv) At a minimum, the version of the standard specified in §170.205(a)(2)(iii); and

(v) The standard specified in §170.205(a)(2)(iv).

(g) Timely access. Enable a user to provide patients with online access to their clinical information, including, at a minimum, lab test results, problem list, medication list, medication allergy list, immunizations, and procedures.

(h) Clinical summaries.

(1) Provision. Enable a user to provide clinical summaries to patients for each office visit that include, at a minimum, diagnostic test results, problem list, medication list, medication allergy list, immunizations and procedures.

(2) Provided electronically. If the clinical summary is provided electronically it must be:

(i) Provided in human readable format; and

(ii) On electronic media or through some other electronic means in accordance with:

(A) One of the standards specified in §170.205(a)(1);

(B) The standard specified in §170.205(a)(2)(i)(A), or, at a minimum, the version of the standard specified in §170.205(a)(2)(i)(B);

(C) One of the standards specified in §170.205(a)(2)(ii);

(D) At a minimum, the version of the standard specified in §170.205(a)(2)(iii); and

(E) The standard specified in §170.205(a)(2)(iv).

(i) Exchange clinical information and patient summary record.

(1) Electronically receive and display. Electronically receive a patient’s summary record, from other providers and organizations including, at a minimum, diagnostic tests results, problem list, medication list, medication allergy list, immunizations, and procedures in accordance with §170.205(a) and upon receipt of a patient summary record formatted in an alternate standard specified in §170.205(a)(1), display it in human readable format.

(2) Electronically transmit. Enable a user to electronically transmit a patient summary record to other providers and organizations including, at a minimum, diagnostic test results, problem list, medication list, medication allergy list, immunizations, and procedures in accordance with:

(i) One of the standards specified in §170.205(a)(1);

(ii) The standard specified in §170.205(a)(2)(i)(A), or, at a minimum, the version of the standard specified in §170.205(a)(2)(i)(B);

(iii) One of the standards specified in §170.205(a)(2)(ii);

(iv) At a minimum, the version of the standard specified in §170.205(a)(2)(iii); and

(v) The standard specified in §170.205(a)(2)(iv).

Make sure you are Omnibus Rule Compliant: HIPAA Privacy Checklist.

« Previous PageHIT Standards ContentsNext Page »