• Print

Frequently Asked Questions

Ask a Question. Find an Answer.
Browse Questions by Topic
Health Information Privacy and Security
Using Mobile Devices

CMS’ Stage 2 Electronic Health Record Incentive Programs Final Rule and CMS MU stage 2 guidance explain that eligible professionals or hospitals must conduct or review a security risk analysis that includes addressing the encryption/security of data stored in certified EHR technology.

ONC’s 2014 Edition Standards and Certification Criteria explains that if data is locally stored on a mobile device that is a certified EHR technology, the EHR technology must be designed to encrypt the locally stored electronic health information by default.



< Back to FAQs