§170.315(f)(5) Transmission to public health agencies — electronic case reporting

2015 Edition Cures Update CCG
2015 Edition Cures Update Conformance Method

Updated on 09-11-2023

Revision History

Version #	Description of Change	Version Date
1.0	Final Test Procedure	08-11-2017
1.1	As of September 21, 2017, Test Procedure has been moved to Attestation/Developer self-declaration only.	09-21-2017
1.2	Changed language from self-declaration to attestation.	08-25-2021
1.3	Updated to include approved Standards Version Advancement Process (SVAP) standards for 2022.	08-29-2022
1.4	Updated to include the Standards Version Advancement Process (SVAP) Approved Standards for 2023.	09-11-2023

Regulation Text

§ 170.315 (f)(5) Transmission to public health agencies – electronic case reporting—

Consume and maintain a table of trigger codes to determine which encounters may be reportable.
Match a patient visit or encounter to the trigger code based on the parameters of the trigger code table.
Case report creation. Create a case report for electronic transmission:
1. Based on a matched trigger from paragraph (f)(5)(ii).
2. That includes, at a minimum:
  1. The data classes expressed in the standards in § 170.213, or
  2. The Common Clinical Data Set until December 31, 2022.
  3. Encounter diagnoses. Formatted according to at least one of the following standards:
    1. The standard specified in § 170.207(i).
    2. At a minimum, the version of the standard specified in § 170.207(a)(4).
  4. The provider's name, office contact information, and reason for visit.
  5. An identifier representing the row and version of the trigger table that triggered the case report.

Standard(s) Referenced

Paragraph (f)(5)(iii)

§ 170.213 United States Core Data for Interoperability (USCDI), Version 1

§ 170.207(a)(4)International Health Terminology Standards Development Organisation (IHTSDO) Systematized Nomenclature of Medicine Clinical Terms (SNOMED CT^®), U.S. Edition, September 2019 Release

§ 170.207(i) Encounter diagnoses: The code set specified at 45 CFR 162.1002(c)(2) for the indicated conditions ICD-10-CM as maintained and distributed by HHS, for the following conditions:

Diseases.
Injuries.
Impairments.
Other health problems and their manifestations.
Causes of injury, disease, impairment, or other health problems.

Standards Version Advancement Process Approved

§ 170.213 United States Core Data for Interoperability (USCDI), Version 3, October 2022 Errata

The following is available for certification until December 31, 2023:

§ 170.213 United States Core Data for Interoperability (USCDI), Version 2

For more information, please visit the Standards Version Advancement Process (SVAP) Version(s) page.

Resource Documents

Resource Document

Revision History

Version #	Description of Change	Version Date
1.0	Final Test Procedure	08-11-2017
1.1	As of September 21, 2017, Test Procedure has been moved to Attestation/Developer self-declaration only.	09-21-2017
1.2	Changed language from self-declaration to attestation.	08-25-2021
1.3	Updated to include approved Standards Version Advancement Process (SVAP) standards for 2022.	08-29-2022
1.4	Updated to include the Standards Version Advancement Process (SVAP) Approved Standards for 2023.	09-11-2023

Regulation Text

Regulation Text

§ 170.315 (f)(5) Transmission to public health agencies – electronic case reporting—

Consume and maintain a table of trigger codes to determine which encounters may be reportable.
Match a patient visit or encounter to the trigger code based on the parameters of the trigger code table.
Case report creation. Create a case report for electronic transmission:
1. Based on a matched trigger from paragraph (f)(5)(ii).
2. That includes, at a minimum:
  1. The data classes expressed in the standards in § 170.213, or
  2. The Common Clinical Data Set until December 31, 2022.
  3. Encounter diagnoses. Formatted according to at least one of the following standards:
    1. The standard specified in § 170.207(i).
    2. At a minimum, the version of the standard specified in § 170.207(a)(4).
  4. The provider's name, office contact information, and reason for visit.
  5. An identifier representing the row and version of the trigger table that triggered the case report.

Standard(s) Referenced

Paragraph (f)(5)(iii)

§ 170.213 United States Core Data for Interoperability (USCDI), Version 1

§ 170.207(a)(4)International Health Terminology Standards Development Organisation (IHTSDO) Systematized Nomenclature of Medicine Clinical Terms (SNOMED CT^®), U.S. Edition, September 2019 Release

§ 170.207(i) Encounter diagnoses: The code set specified at 45 CFR 162.1002(c)(2) for the indicated conditions ICD-10-CM as maintained and distributed by HHS, for the following conditions:

Diseases.
Injuries.
Impairments.
Other health problems and their manifestations.
Causes of injury, disease, impairment, or other health problems.

Standards Version Advancement Process Approved

§ 170.213 United States Core Data for Interoperability (USCDI), Version 3, October 2022 Errata

The following is available for certification until December 31, 2023:

§ 170.213 United States Core Data for Interoperability (USCDI), Version 2

For more information, please visit the Standards Version Advancement Process (SVAP) Version(s) page.

Testing components

Attestation: As of September 21, 2017, the testing approach for this criterion is satisfied by attestation.

The archived version of the Test Procedure is attached below for reference.

System Under Test	ONC-ACB Verification
The health IT developer will attest directly to the ONC-ACB to conformance with the § 170.315 (f)(5) Transmission to public health agencies — electronic case reporting requirements.	The ONC-ACB verifies the health IT developer attests conformance to the § 170.315 (f)(5) Transmission to public health agencies — electronic case reporting requirements.

Archived Version:

§170.315(f)(5) Test Procedure

Reference Documents

Trigger Code Table Examples 08-11-2016

Archived Version:

§ 170.315(f)(5) Transmission to public health agencies — electronic case reporting TP

Updated on 10-05-2021

Revision History

Version #	Description of Change	Version Date
1.0	Initial Publication	06-15-2020
1.1	Updated compliance date per the Interim Final Rule (IFR), Information Blocking and the ONC Health IT Certification Program: Extension of Compliance Dates and Timeframes in Response to the COVID-19 Public Health Emergency	11-02-2020
1.2	Removed the reliance on C-CDA R2.1 and C-CDA Companion Guide that was included in the ONC Cures Act Final Rule in error, and updated Clarification to include eCR Now guidance	04-02-2021
1.3	Updated “Technical Outcome” text in CCG sections to align with regulation text. Clarified that the optional certification pathway using the eCR Now FHIR® application may require a different set of data elements than specified in § 170.315(f)(5)(iii)(B)(1) or (2). Removed the subset list of USCDI data elements from the paragraph (f)(5)(iii) clarification. Added a clarification regarding health IT developer attestation for data element support.	07-12-2021
1.4	Removed paragraph describing the optional use of ONC-approved testing tools for this criterion, given that there are currently no ONC-approved testing tools that specifically support this criterion.	10-05-2021

Regulation Text

§ 170.315 (f)(5) Transmission to public health agencies – electronic case reporting—

Consume and maintain a table of trigger codes to determine which encounters may be reportable.
Match a patient visit or encounter to the trigger code based on the parameters of the trigger code table.
Case report creation. Create a case report for electronic transmission:
1. Based on a matched trigger from paragraph (f)(5)(ii).
2. That includes, at a minimum:
  1. The data classes expressed in the standards in § 170.213, or
  2. The Common Clinical Data Set until December 31, 2022.
  3. Encounter diagnoses. Formatted according to at least one of the following standards:
    1. The standard specified in § 170.207(i).
    2. At a minimum, the version of the standard specified in § 170.207(a)(4).
  4. The provider's name, office contact information, and reason for visit.
  5. An identifier representing the row and version of the trigger table that triggered the case report.

Standard(s) Referenced

Paragraph (f)(5)(iii)

§ 170.213 United States Core Data for Interoperability (USCDI), Version 1

§ 170.207(a)(4)International Health Terminology Standards Development Organisation (IHTSDO) Systematized Nomenclature of Medicine Clinical Terms (SNOMED CT^®), U.S. Edition, September 2019 Release

§ 170.207(i) Encounter diagnoses: The code set specified at 45 CFR 162.1002(c)(2) for the indicated conditions ICD-10-CM as maintained and distributed by HHS, for the following conditions:

Diseases.
Injuries.
Impairments.
Other health problems and their manifestations.
Causes of injury, disease, impairment, or other health problems.

Standards Version Advancement Process Approved

§ 170.213 United States Core Data for Interoperability (USCDI), Version 3, October 2022 Errata

The following is available for certification until December 31, 2023:

§ 170.213 United States Core Data for Interoperability (USCDI), Version 2

For more information, please visit the Standards Version Advancement Process (SVAP) Version(s) page.

Resource Documents

Resource Document

Revision History

Version #	Description of Change	Version Date
1.0	Initial Publication	06-15-2020
1.1	Updated compliance date per the Interim Final Rule (IFR), Information Blocking and the ONC Health IT Certification Program: Extension of Compliance Dates and Timeframes in Response to the COVID-19 Public Health Emergency	11-02-2020
1.2	Removed the reliance on C-CDA R2.1 and C-CDA Companion Guide that was included in the ONC Cures Act Final Rule in error, and updated Clarification to include eCR Now guidance	04-02-2021
1.3	Updated “Technical Outcome” text in CCG sections to align with regulation text. Clarified that the optional certification pathway using the eCR Now FHIR® application may require a different set of data elements than specified in § 170.315(f)(5)(iii)(B)(1) or (2). Removed the subset list of USCDI data elements from the paragraph (f)(5)(iii) clarification. Added a clarification regarding health IT developer attestation for data element support.	07-12-2021
1.4	Removed paragraph describing the optional use of ONC-approved testing tools for this criterion, given that there are currently no ONC-approved testing tools that specifically support this criterion.	10-05-2021

Regulation Text

Regulation Text

§ 170.315 (f)(5) Transmission to public health agencies – electronic case reporting—

Consume and maintain a table of trigger codes to determine which encounters may be reportable.
Match a patient visit or encounter to the trigger code based on the parameters of the trigger code table.
Case report creation. Create a case report for electronic transmission:
1. Based on a matched trigger from paragraph (f)(5)(ii).
2. That includes, at a minimum:
  1. The data classes expressed in the standards in § 170.213, or
  2. The Common Clinical Data Set until December 31, 2022.
  3. Encounter diagnoses. Formatted according to at least one of the following standards:
    1. The standard specified in § 170.207(i).
    2. At a minimum, the version of the standard specified in § 170.207(a)(4).
  4. The provider's name, office contact information, and reason for visit.
  5. An identifier representing the row and version of the trigger table that triggered the case report.

Standard(s) Referenced

Paragraph (f)(5)(iii)

§ 170.213 United States Core Data for Interoperability (USCDI), Version 1

§ 170.207(a)(4)International Health Terminology Standards Development Organisation (IHTSDO) Systematized Nomenclature of Medicine Clinical Terms (SNOMED CT^®), U.S. Edition, September 2019 Release

§ 170.207(i) Encounter diagnoses: The code set specified at 45 CFR 162.1002(c)(2) for the indicated conditions ICD-10-CM as maintained and distributed by HHS, for the following conditions:

Diseases.
Injuries.
Impairments.
Other health problems and their manifestations.
Causes of injury, disease, impairment, or other health problems.

Standards Version Advancement Process Approved

§ 170.213 United States Core Data for Interoperability (USCDI), Version 3, October 2022 Errata

The following is available for certification until December 31, 2023:

§ 170.213 United States Core Data for Interoperability (USCDI), Version 2

For more information, please visit the Standards Version Advancement Process (SVAP) Version(s) page.

Certification Companion Guide: Transmission to public health agencies — electronic case reporting

This Certification Companion Guide (CCG) is an informative document designed to assist with health IT product development. The CCG is not a substitute for the 21^st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program Final Rule (ONC Cures Act Final Rule). It extracts key portions of the rule’s preamble and includes subsequent clarifying interpretations. To access the full context of regulatory intent please consult the ONC Cures Act Final Rule or other included regulatory reference. The CCG is for public use and should not be sold or redistributed.

Link to ONC Cures Act Final Rule Preamble

Link to Interim Final Rule

Base EHR Definition	In Scope for CEHRT Definition	Real World Testing	USCDI	SVAP
Not Included	Yes	Yes	Yes	Yes

Certification Requirements

Privacy and Security: This certification criterion was adopted at § 170.315(f)(5). As a result, an ONC Authorized Certification Body (ONC-ACB) must ensure that a product presented for certification to a § 170.315(f) criterion includes the privacy and security criteria (adopted in § 170.315(d)) within the overall scope of the certificate issued to the product.

The privacy and security criteria (adopted in § 170.315(d)) do not need to be explicitly tested with this specific paragraph (f) criterion unless it is the only criterion for which certification is requested.
As a general rule, a product presented for certification only needs to be presented once to each applicable privacy and security criterion (adopted in § 170.315(d)) so long as the health IT developer attests that such privacy and security capabilities apply to the full scope of capabilities included in the requested certification. However, exceptions exist for § 170.315(e)(1) “View, download and transmit to 3^rd party (VDT)” and (e)(2) “Secure messaging”, which are explicitly stated.

Table for Privacy and Security

If choosing Approach 1:
If choosing Approach 2:
- For each applicable privacy and security certification criterion not certified for Approach 1, the health IT developer may certify using system documentation which is sufficiently detailed to enable integration such that the Health IT Module has implemented service interfaces the Health IT Module to access external services necessary to meet the requirements of the privacy and security certification criterion. Please see the ONC Cures Act Final Rule at 85 FR 25710 for additional clarification.

Design and Performance: The following design and performance certification criteria (adopted in § 170.315(g)) must also be certified for the product to be certified.

When a single quality management system (QMS) is used, the QMS only needs to be identified once. Otherwise, when different QMS are used, each QMS needs to be separately identified for every capability to which it was applied.
When a single accessibility-centered design standard is used, the standard only needs to be identified once. Otherwise, the accessibility-centered design standards need to be identified for every capability to which they were applied; or, alternatively, the developer must state that no accessibility-centered design was used.

Table for Design and Performance

Certification Requirements

The privacy and security criteria (adopted in § 170.315(d)) do not need to be explicitly tested with this specific paragraph (f) criterion unless it is the only criterion for which certification is requested.
As a general rule, a product presented for certification only needs to be presented once to each applicable privacy and security criterion (adopted in § 170.315(d)) so long as the health IT developer attests that such privacy and security capabilities apply to the full scope of capabilities included in the requested certification. However, exceptions exist for § 170.315(e)(1) “View, download and transmit to 3^rd party (VDT)” and (e)(2) “Secure messaging”, which are explicitly stated.

Design and Performance: The following design and performance certification criteria (adopted in § 170.315(g)) must also be certified for the product to be certified.

When a single quality management system (QMS) is used, the QMS only needs to be identified once. Otherwise, when different QMS are used, each QMS needs to be separately identified for every capability to which it was applied.
When a single accessibility-centered design standard is used, the standard only needs to be identified once. Otherwise, the accessibility-centered design standards need to be identified for every capability to which they were applied; or, alternatively, the developer must state that no accessibility-centered design was used.

Table for Privacy and Security

If choosing Approach 1:
If choosing Approach 2:
- For each applicable privacy and security certification criterion not certified for Approach 1, the health IT developer may certify using system documentation which is sufficiently detailed to enable integration such that the Health IT Module has implemented service interfaces the Health IT Module to access external services necessary to meet the requirements of the privacy and security certification criterion. Please see the ONC Cures Act Final Rule at 85 FR 25710 for additional clarification.

Table for Design and Performance

Technical Explanations and Clarifications

Applies to entire criterion

Clarifications:

For the public health certification criteria in § 170.315(f), health IT will only need to be certified to those criteria that are required to meet the measures the provider intends to report on to meet Objective 8: Public Health and Clinical Data Registry Reporting.
A specific content exchange standard for electronic case reporting (eCR) is not required to meet this criterion. [see also 80 FR 62667]
This criterion may be met through one of the following two ways:
- Documentation that sufficiently describes how the Health IT Module meets the functional requirements of the criterion.
- Documentation eCR implementation using the eCR Now Fast Health Interoperability Resources (FHIR®) application and the ability to meet paragraph (i) of this criterion. Note that this optional certification pathway using the eCR Now FHIR^® application may require a different set of data elements than specified in § 170.315(f)(5)(iii)(B)(1) or (2).

Applies to entire criterion

Clarifications:

For the public health certification criteria in § 170.315(f), health IT will only need to be certified to those criteria that are required to meet the measures the provider intends to report on to meet Objective 8: Public Health and Clinical Data Registry Reporting.
A specific content exchange standard for electronic case reporting (eCR) is not required to meet this criterion. [see also 80 FR 62667]
This criterion may be met through one of the following two ways:
- Documentation that sufficiently describes how the Health IT Module meets the functional requirements of the criterion.
- Documentation eCR implementation using the eCR Now Fast Health Interoperability Resources (FHIR®) application and the ability to meet paragraph (i) of this criterion. Note that this optional certification pathway using the eCR Now FHIR^® application may require a different set of data elements than specified in § 170.315(f)(5)(iii)(B)(1) or (2).

Paragraph (f)(5)(i)

Technical outcome – A Health IT Module is able to consume and maintain a table of trigger codes to determine which encounters may be reportable.

Clarifications:

An example table of trigger codes is in "Trigger Code Table Examples" under the Reference Documents section on the Test Procedures tab.

Paragraph (f)(5)(i)

Technical outcome – A Health IT Module is able to consume and maintain a table of trigger codes to determine which encounters may be reportable.

Clarifications:

An example table of trigger codes is in "Trigger Code Table Examples" under the Reference Documents section on the Test Procedures tab.

Paragraph (f)(5)(ii)

Technical outcome – A Health IT Module can match a patient visit or encounter to the trigger code based on the parameters of the trigger code table.

Clarifications:

No additional clarifications.

Paragraph (f)(5)(ii)

Technical outcome – A Health IT Module can match a patient visit or encounter to the trigger code based on the parameters of the trigger code table.

Clarifications:

No additional clarifications.

Paragraph (f)(5)(iii)

Technical outcome – A Health IT Module can create a case report for electronic transmission.

Clarifications

For attestation, a health IT developer must attest to their product’s ability to support the referenced standard(s) in § 170.315(f)(5)(iii)(B)(1) or (2). However, individual public health authorities may require a subset of this data for reporting.
ONC provides the following object identifier (OID) to assist developers in the proper identification and exchange of health information coded to certain vocabulary standards [see also 80 FR 62612-13]:
- SNOMED CT^® OID: 2.16.840.1.113883.6.96
- LOINC® OID: 2.16.840.1.113883.6.1
- RxNorm OID: 2.16.840.1.113883.6.88
- HL7^® Standard Code Set CVX-Vaccines Administered OID: 2.16.840.1.113883.12.292
- National Drug Code (NDC) Directory OID: 2.16.840.1.113883.6.69
- International Classification of Diseases, 10th Revision, Procedure Coding System (ICD-10-PCS) OID: 2.16.840.1.113883.6.4
- CDC Race and Ethnicity Code Set Version 1.0 (March 2000) OID: 2.16.840.1.113883.6.238
- Tags for Identifying Languages—Request for Comment (RFC) 5646 (preferred language) OID: 2.16.840.1.113883.6.316
- Healthcare Provider Taxonomy OID: 2.16.840.1.113883.6.101
A Health IT Module can present for testing and certification to more recent versions of the following vocabulary standards than the versions adopted in the 2015 Edition Health Information Technology Certification Criteria, 2015 Edition Base Electronic Health Record Definition, and ONC Health IT Certification Program Modifications Final Rule [see also 80 FR 62612]:
- SNOMED CT®
- LOINC®
- RxNorm
- CVX
- NDC
- CDC Race Ethnicity Code Set
The requirement for an identifier representing the row and version of the trigger table that triggered the case report in (f)(5)(iii)(B) can be met by providing an identifier that will uniquely identify the original file from which the “matched trigger” described above originated (the version of the trigger table) as well as uniquely identify the individual trigger (row) itself.

Paragraph (f)(5)(iii)

Technical outcome – A Health IT Module can create a case report for electronic transmission.

Clarifications

For attestation, a health IT developer must attest to their product’s ability to support the referenced standard(s) in § 170.315(f)(5)(iii)(B)(1) or (2). However, individual public health authorities may require a subset of this data for reporting.
ONC provides the following object identifier (OID) to assist developers in the proper identification and exchange of health information coded to certain vocabulary standards [see also 80 FR 62612-13]:
- SNOMED CT^® OID: 2.16.840.1.113883.6.96
- LOINC® OID: 2.16.840.1.113883.6.1
- RxNorm OID: 2.16.840.1.113883.6.88
- HL7^® Standard Code Set CVX-Vaccines Administered OID: 2.16.840.1.113883.12.292
- National Drug Code (NDC) Directory OID: 2.16.840.1.113883.6.69
- International Classification of Diseases, 10th Revision, Procedure Coding System (ICD-10-PCS) OID: 2.16.840.1.113883.6.4
- CDC Race and Ethnicity Code Set Version 1.0 (March 2000) OID: 2.16.840.1.113883.6.238
- Tags for Identifying Languages—Request for Comment (RFC) 5646 (preferred language) OID: 2.16.840.1.113883.6.316
- Healthcare Provider Taxonomy OID: 2.16.840.1.113883.6.101
A Health IT Module can present for testing and certification to more recent versions of the following vocabulary standards than the versions adopted in the 2015 Edition Health Information Technology Certification Criteria, 2015 Edition Base Electronic Health Record Definition, and ONC Health IT Certification Program Modifications Final Rule [see also 80 FR 62612]:
- SNOMED CT®
- LOINC®
- RxNorm
- CVX
- NDC
- CDC Race Ethnicity Code Set
The requirement for an identifier representing the row and version of the trigger table that triggered the case report in (f)(5)(iii)(B) can be met by providing an identifier that will uniquely identify the original file from which the “matched trigger” described above originated (the version of the trigger table) as well as uniquely identify the individual trigger (row) itself.

Archived Version:

§ 170.315(f)(5) Transmission to public health agencies — electronic case reporting CCG

Certification of Health IT

Health Information Technology Advisory Committee (HITAC)

Health Equity

HTI-1 Proposed Rule

Information Blocking

Interoperability

Patient Access to Health Records

Clinical Quality and Safety

Global Health IT Efforts

Health IT and Health Information Exchange Basics

HTI-1 Proposed Rule

Health IT in Health Care Settings

Health IT Resources

Laws, Regulation, and Policy

ONC Funding Opportunities

ONC HITECH Programs

Privacy, Security, and HIPAA

Scientific Initiatives

Standards & Technology

Usability and Provider Burden

§170.315(f)(5) Transmission to public health agencies — electronic case reporting

Paragraph (f)(5)(iii)

Standards Version Advancement Process Approved

Paragraph (f)(5)(iii)

Standards Version Advancement Process Approved

Testing components

Paragraph (f)(5)(iii)

Standards Version Advancement Process Approved

Paragraph (f)(5)(iii)

Standards Version Advancement Process Approved

Certification Companion Guide: Transmission to public health agencies — electronic case reporting

Applies to entire criterion

Applies to entire criterion

Paragraph (f)(5)(i)

Paragraph (f)(5)(i)

Paragraph (f)(5)(ii)

Paragraph (f)(5)(ii)

Paragraph (f)(5)(iii)

Paragraph (f)(5)(iii)

Connect with us: