Printer Friendly, PDF & Email Printer Friendly, PDF & Email

§170.315(e)(1) View, download, and transmit to 3rd party

Version 1.5 Updated on 04-06-2018
Revision History
Version # Description of Change Version Date
1.0

Final Test Procedure

01-20-2016
1.1

Updated language in paragraph (e)(1)(i) Test Lab Verification step 3 to removed reference to web page.

Provided standards link for 170.210(g) (RFC) 1305.

Removed the 2 references to the ToC Ambulatory xml files as these are not required for (e)(1) - Inpatient ONLY.

Addition of the word "files" to clarify the instructions on what needs to be downloaded for the Inpatient ToC xml files.

Updated paragraph (e)(1)(i)(B)(3) to optional from conditional.

03-21-2016
1.2

In paragraph (e)(1)(ii) Activity History Log authorized representatives was added.

04-14-2016
1.3

Updated language in paragraph (e)(1)(i) Test Lab Verification step 3 to removed reference to web page.

Provided standards link for 170.210(g) (RFC) 1305.

Removed the 2 references to the ToC Ambulatory xml files as these are not required for (e)(1) - Inpatient ONLY.

Addition of the word "files" to clarify the instructions on what needs to be downloaded and transmitted for the Inpatient ToC xml files.

Updated paragraph (e)(1)(i)(C)(2) to optional from conditional.

05-07-2016
1.4

Updated step in paragraph (e)(1)(ii)(B) to explain the optional testing of activity history log testing during the § 170.315(d)(2) testing.

09-29-2017
1.5

Updated paragraphs (e)(1)(i)(B)(3) and (e)(1)(i)(C)(2) to clarify that for the Health IT Modules supporting the inpatient setting they must be able to download and transmit a transition of care/referral summary record however it does not require additional certification to criteria § 170.315(b)(1).

04-06-2018
Regulation Text

Regulation Text

§170.315 (e)(1) View, download, and transmit to 3rd party

  1. Patients (and their authorized representatives) must be able to use internet-based technology to view, download, and transmit their health information to a 3rd party in the manner specified below. Such access must be consistent and in accordance with the standard adopted in §170.204(a)(1) and may alternatively be demonstrated in accordance with the standard specified in §170.204(a)(2).
    1. View. Patients (and their authorized representatives) must be able to use health IT to view, at a minimum, the following data:
      1. The Common Clinical Data Set (which should be in their English (i.e., non-coded) representation if they associate with a vocabulary/code set).
      2. Ambulatory setting only. Provider's name and office contact information.
      3. Inpatient setting only. Admission and discharge dates and locations; discharge instructions; and reason(s) for hospitalization.
      4. Laboratory test report(s). Laboratory test report(s), including:
        1. The information for a test report as specified all the data specified in 42 CFR 493.1291(c)(1) through (7);
        2. The information related to reference intervals or normal values as specified in 42 CFR 493.1291(d); and
        3. The information for corrected reports as specified in 42 CFR 493.1291(k)(2).
      5. Diagnostic image report(s).
    2. Download.
      1. Patients (and their authorized representatives) must be able to use technology to download an ambulatory summary or inpatient summary (as applicable to the health IT setting for which certification is requested) in the following formats:
        1. Human readable format; and
        2. The format specified in accordance to the standard specified in §170.205(a)(4) following the CCD document template.
      2. When downloaded according to the standard specified in §170.205(a)(4) following the CCD document template, the ambulatory summary or inpatient summary must include, at a minimum, the following data (which, for the human readable version, should be in their English representation if they associate with a vocabulary/code set):
        1. Ambulatory setting only. All of the data specified in paragraph (e)(1)(i)(A)(1), (2), (4), and (5) of this section.
        2. Inpatient setting only. All of the data specified in paragraphs (e)(1)(i)(A)(1), and (3) through (5) of this section.
      3. Inpatient setting only. Patients (and their authorized representatives) must be able to download transition of care/referral summaries that were created as a result of a transition of care (pursuant to the capability expressed in the certification criterion specified in paragraph (b)(1) of this section).
    3. Transmit to third party. Patients (and their authorized representatives) must be able to:
      1. Transmit the ambulatory summary or inpatient summary (as applicable to the health IT setting for which certification is requested) created in paragraph (e)(1)(i)(B)(2) of this section in accordance with both of the following ways:
        1. Email transmission to any email address; and
        2. An encrypted method of electronic transmission.
      2. Inpatient setting only. Transmit transition of care/referral summaries (as a result of a transition of care/referral as referenced by (e)(1)(i)(B)(3)) of this section selected by the patient (or their authorized representative) in both of the ways referenced (e)(1)(i)(C)(1)(i) and (ii) of this section).
    4. Timeframe selection. With respect to the data available to view, download, and transmit as referenced paragraphs (e)(1)(i)(A), (B), and (C) of this section, patients (and their authorized representatives) must be able to:
      1. Select data associated with a specific date (to be viewed, downloaded, or transmitted); and
      2. Select data within an identified date range (to be viewed, downloaded, or transmitted).
  2. Activity history log.
    1. When any of the capabilities included in paragraphs (e)(1)(i)(A) through (C) of this section are used, the following information must be recorded and made accessible to the patient (or his/her authorized representative):
      1. The action(s) (i.e., view, download, transmission) that occurred;
      2. The date and time each action occurred in accordance with the standard specified in §170.210(g);
      3. The user who took the action; and
      4. Where applicable, the addressee to whom an ambulatory summary or inpatient summary was transmitted.
    2. Technology presented for certification may demonstrate compliance with paragraph (e)(1)(ii)(A) of this section if it is also certified to the certification criterion specified in §170.315(d)(2) and the information required to be recorded in paragraph (e)(1)(ii)(A) of this section is accessible by the patient (or his/her authorized representative).

Standard(s) Referenced

Paragraph (e)(1)(i)

§ 170.204(a)(1) Web Content Accessibility Guidelines (WCAG) 2.0, Level A Conformance

§ 170.204(a)(2) Web Content Accessibility Guidelines (WCAG) 2.0, Level AA Conformance

Paragraph (e)(1)(i)(A)

Laboratory test reports:

  1. The information for a test report as specified all the data specified in 42 CFR 493.1291(c)(1) through (7) –
    1. For positive patient identification, either the patient's name and identification number, or a unique patient identifier and identification number.
    2. The name and address of the laboratory location where the test was performed.
    3. The test report date.
    4. The test performed.
    5. Specimen source, when appropriate.
    6. The test result and, if applicable, the units of measurement or interpretation, or both.
    7. Any information regarding the condition and disposition of specimens that do not meet the laboratory's criteria for acceptability.
  2. The information related to reference intervals or normal values as specified in 42 CFR 493.1291(d) – Pertinent “reference intervals” or “normal” values, as determined by the laboratory performing the tests, must be available to the authorized person who ordered the tests and, if applicable, the individual responsible for using the test results.
  3. The information for corrected reports as specified in 42 CFR 493.1291(k)(2) – When errors in the reported patient test results are detected, the laboratory must do the following: Issue corrected reports promptly to the authorized person ordering the test and, if applicable, the individual using the test results.

Please refer to the Data Elements and Vocabularies applicable to the Common Clinical Data Set (CCDS) as outlined in the Common Clinical Data Set Reference Document

Paragraph (e)(1)(i)(B)

§ 170.205(a)(4) HL7 Implementation Guide for CDA® Release 2: Consolidated CDA Templates for Clinical Notes (US Realm), Draft Standard for Trial Use Release 2.1, August 2015

Laboratory test reports:

  1. The information for a test report as specified all the data specified in 42 CFR 493.1291(c)(1) through (7) –
    1. For positive patient identification, either the patient's name and identification number, or a unique patient identifier and identification number.
    2. The name and address of the laboratory location where the test was performed.
    3. The test report date.
    4. The test performed.
    5. Specimen source, when appropriate.
    6. The test result and, if applicable, the units of measurement or interpretation, or both.
    7. Any information regarding the condition and disposition of specimens that do not meet the laboratory's criteria for acceptability.
  2. The information related to reference intervals or normal values as specified in 42 CFR 493.1291(d) – Pertinent “reference intervals” or “normal” values, as determined by the laboratory performing the tests, must be available to the authorized person who ordered the tests and, if applicable, the individual responsible for using the test results.
  3. The information for corrected reports as specified in 42 CFR 493.1291(k)(2) – When errors in the reported patient test results are detected, the laboratory must do the following: Issue corrected reports promptly to the authorized person ordering the test and, if applicable, the individual using the test results.

Please refer to the Data Elements and Vocabularies applicable to the Common Clinical Data Set (CCDS) as outlined in the Common Clinical Data Set Reference Document

Paragraph (e)(1)(i)(C)

Please refer to the standards required for § 170.315(d)(9) “trusted connection” for the encrypted method of electronic transmission.

Paragraph (e)(1)(ii)

§ 170.210(g) Synchronized clocks. The date and time recorded utilize a system clock that has been synchronized following (RFC 1305) Network Time Protocol or (RFC 5905) Network Time Protocol Version 4

 

Additional Resources

§ 170.207(a)(4) International Health Terminology Standards Development Organization (IHTSDO) Systematized Nomenclature of Medicine Clinical Terms (SNOMED CT®), U.S. Edition, September 2015 Release

§ 170.207(i) ICD-10-CM

Please consult the Final Rule entitled: 2015 Edition Health Information Technology (Health IT) Certification Criteria, 2015 Edition Base Electronic Health Record (EHR) Definition, and ONC Health IT Certification Program Modifications for a detailed description of the certification criterion with which these testing steps are associated. We also encourage developers to consult the Certification Companion Guide in tandem with the test procedure as they provide clarifications that may be useful for product development and testing.

Note: The order in which the test steps are listed reflects the sequence of the certification criterion and does not necessarily prescribe the order in which the test should take place.
 

Testing components

No GAP Icon Documentation Icon Visual Inspection Icon Test Tool Icon ONC Supplied Test Data Icon

 

Paragraph (e)(1)(i)

System Under Test Test Lab Verification

Web Content Accessibility

  1. The health IT developer submits test documentation that demonstrates their internet-based technology’s compliance with either § 170.204(a)(1), Web Content Accessibility Guidelines (WCAG) 2.0, Level A OR § 170.204(a)(2), Web Content Accessibility Guidelines (WCAG) 2.0, Level AA.

Web Content Accessibility

  1. The tester verifies the level of Web Content Accessibility Guidelines (WCAG) 2.0, Level A as specified in § 170.204(a)(1), or Level AA § 170.204(a)(2), using the submitted test documentation.
  2. Using the submitted testing results for WCAG Conformance (see http://www.w3.org/TR/2008/REC-WCAG20-20081211/#conformance-reqs) submitted in step 1, the tester evaluates the documentation of referenced practice, testing tools, tool results, and accompanying documentation to ensure the health IT developer has achieved conformance with Web Content Accessibility Guidelines (WCAG) 2.0 in accordance with § 170.204(a)(1) or § 170.204(a)(2) as applicable.
  3. The tester verifies that for each internet-based health IT technology, associated with the view, download, or transmit (VDT) capabilities, there is WCAG compliance for associated VDT functions and that all of this information is documented as part of the submitted documentation provided in step 1.

Paragraph (e)(1)(i)(A)

System Under Test Test Lab Verification

View

  1. Using the ETT: Message Validators -C-CDA R2.1 Validator, the health IT developer downloads the ONC-supplied data instructions through the sender download selections of “170.315_e1_VDT_Amb” or “170.315_e1_VDT_Inp” and one of the VDT instruction documents and executes the download.
  2. Using the internet-based technology health IT function(s), a user, with the role of patient, views the ONC-supplied information downloaded in step 1. At a minimum, the view includes the following data as applicable:
    • the Common Clinical Data Set (CCDS) as specified in section (e)(1)(i)(A)(1);
    • Ambulatory setting only: the provider’s name and office contact information as specified in section (e)(1)(i)(A)(2);
    • Inpatient setting only: the admission and discharge dates and locations; discharge instructions; and reason(s) for hospitalization as specified in section (e)(1)(i)(A)(3);
    • Laboratory test report(s) as specified in section (e)(1)(i)(A)(4), when available; and
    • Diagnostic Imaging report(s) as specified in section (e)(1)(i)(A)(5), when available.
  3. Based upon the health IT setting(s) being certified, a user repeats steps 1-2 for each of the ambulatory and/or inpatient setting(s). All of the VDT summary record instruction documents for a given health IT setting must be viewed.

Authorized Viewer

  1. Using one of the ONC-supplied test data instructions from step 1 and the internet-based technology health IT function(s), a user role of authorized patient representative views at a minimum the data referenced in step 2.
  2. Negative Test: A user who is neither the patient identified in the patient record nor the patient’s authorized representative attempts to access and view patient data and is prevented from doing so.

View

  1. For each view, the tester uses the VDT instruction document downloaded in step 1 of the SUT to perform visual inspection to verify that a patient’s view of the patient health data in step 2 of the SUT is accurate and without omission, and at a minimum includes the following data as applicable:
    • The CCDS as specified in section (e)(1)(i)(A)(1);
    • Ambulatory setting only: the provider’s name and office contact information as specified in section (e)(1)(i)(A)(2);
    • Inpatient setting only: the admission and discharge dates and locations; discharge instructions; and reason(s) for hospitalization as specified in section (e)(1)(i)(A)(3);
    • Laboratory test report(s) as specified in section (e)(1)(i)(A)(4) when available; and
    • Diagnostic Imaging report(s) as specified in section (e)(1)(i)(A)(5) when available.

Authorized Viewer

  1. The tester verifies that a patient’s authorized representative can view the patient health data, and using the VDT instruction document and the view from step 4 of the SUT, performs the same verification as in step 1.
  2. Negative Test: Using visual inspection, the tester verifies that a user, who is neither the patient identified in the record nor the patient’s authorized representative, does not have access to view the patient’s health information.

Paragraph (e)(1)(i)(A)(1)

System Under Test Test Lab Verification

The Common Clinical Data Set

  1. The data presented in section (e)(1)(i)(A) step 2 includes the Common Clinical Data Set as specified in the CCDS Reference Document as applicable, and is in English (i.e., non-coded) representation, if associated with a vocabulary/code set.
  1. Using Visual Inspection, the tester verifies that the data presented in section (e)(1)(i)(A) step 2 of the SUT includes all of the CCDS data elements as specified in the CCDS Reference Document, as applicable.
  2. Using Visual Inspection, the tester verifies that the presentation of the Common Clinical Data Set in section (e)(1)(i)(A) step 2 of the SUT, is in human readable format with English terminology (i.e. non-coded representation of vocabulary/code sets), and present where applicable.

Paragraph (e)(1)(i)(A)(2)

System Under Test Test Lab Verification

Ambulatory Setting Only

The data presented in section (e)(1)(i)(A) step 2 will also include:

  • Provider’s name; and
  • Office contact information.

Using Visual Inspection, the tester verifies that the data presented in section (e)(1)(i)(A) step 2 of the SUT, in the case of an ambulatory setting, includes the provider’s name and office contact information.


Paragraph (e)(1)(i)(A)(3)

System Under Test Test Lab Verification

Inpatient Setting Only

The data presented in section (e)(1)(i)(A) step 2 will also include:

  • Admissions and discharge dates and locations;
  • Discharge instructions; and
  • Reason(s) for hospitalization.

Using Visual Inspection, the tester verifies that the data presented in section (e)(1)(i)(A) step 2 of the SUT, in the case of an inpatient setting, includes the admissions and discharge dates and locations, discharge instructions, and reason(s) for hospitalization.


Paragraph (e)(1)(i)(A)(4)

System Under Test Test Lab Verification

Laboratory Test Report

The data presented includes the laboratory test report(s) when available, including the following information:

  • The test report must indicate the following information as specified in 42 CFR 493.1291(c)(1) through (7):
    1. For positive patient identification, either the patient's name and identification number or a unique patient identifier and identification number.
    2. The name and address of the laboratory location where the test was performed.
    3. The test report date.
    4. The test performed.
    5. Specimen source, when appropriate.
    6. The test result and, if applicable, the units of measurement or interpretation, or both.
    7. Any information regarding the condition and disposition of specimens that do not meet the laboratory's criteria for acceptability.
  • Pertinent “reference intervals” or “normal” values, as determined by the laboratory performing the tests, must be available to the authorized person who ordered the tests and, if applicable, the individual responsible for using the test results as specified in 42 CFR 493.1291(d); and
  • The information for corrected reports as specified in 42 CFR 493.1291(k)(2).
  1. Using the ONC-supplied VDT information and visual inspection, the tester verifies that the correct laboratory test report(s) are displayed in human readable format, and that the laboratory test report is complete and accurate. 
  2. Using visual inspection, the tester verifies that the laboratory test report in step 1 includes:
    • The Clinical Laboratory Improvement Amendments (CLIA) reporting data requirements specified at 42CFR 493.1291(c)(1) through (c)(7);
    • The CLIA referenced values 493.1291(d); and
    • The CLIA corrected report requirements specified at 42CFR 493.1291(k)(2).

Paragraph (e)(1)(i)(A)(5)

System Under Test Test Lab Verification

Diagnostic Imaging Report

The data presented includes the diagnostic image report(s) when available.

Using the ONC-supplied VDT information and visual inspection, the tester verifies that the correct diagnostic imaging report(s) are displayed in human readable format and that the diagnostic imaging report(s) are complete and accurate.


Paragraph (e)(1)(i)(B)(1)(i)

System Under Test Test Lab Verification

Download in Human Readable Format

  1. For each data set viewed in section (e)(1)(i)(A) step 2, a user role of patient uses the internet-based technology health IT function(s), to download an ambulatory or inpatient summary document formatted as a human readable document, which at the minimum contains the health information data identified in sections (e)(1)(i)(A)(1-5), as applicable.

Authorized Downloader

  1. For the data set viewed in section (e)(1)(i)(A) step 4, a user role of patient authorized representative uses the internet-based technology health IT function(s), to download an ambulatory or inpatient summary document formatted as a human readable document, which at a minimum contains the health information data identified in section (e)(1)(i)(A)(1-5), as applicable.
  2. Negative Test: A user who is neither the patient identified in the patient record nor a patient’s authorized representative attempts to access and download patient data and is prevented from doing so.

Download in Human Readable Format

  1. For each data set downloaded in step 1 of the SUT, the tester verifies that the data set can be downloaded using visual inspection, and uses the corresponding ONC-supplied VDT summary record information downloaded in (e)(1)(i)(A) step 1 of the SUT to verify that the downloaded ambulatory and/or inpatient summary, in human readable format, is accurate and without omission. 
  2. For the inpatient setting, the tester uses visual inspection to verify that the downloaded inpatient summary document in step 1 includes at a minimum, the following data as applicable:
    • CCDS as specified in section (e)(1)(i)(A)(1);
    • The admission and discharge dates and locations; discharge instructions; and reason(s) for hospitalization as specified in section (e)(1)(i)(A)(3);
    • Laboratory test reports(s) as specified in section (e)(1)(i)(A)(4) when available; and
    • Diagnostic imaging report(s) as specified in section (e)(1)(i)(A)(5) when available.
  3. For the ambulatory setting, the tester uses visual inspection to verify that the downloaded ambulatory summary document in step 1 includes at a minimum, the following data as applicable:
    • CCDS as specified in section (e)(1)(i)(A)(1);
    • The provider’s name and office contact information as specified in section (e)(1)(i)(A)(2);
    • Laboratory test reports(s) when available as specified in section (e)(1)(i)(A)(4); and
    • Diagnostic imaging report(s) when available as specified in section (e)(1)(i)(A)(5).
  4. Using visual inspection, the tester verifies that if included in the downloaded document in step 1, the laboratory report(s) are complete and accurate. The laboratory test report must include the Clinical Laboratory Improvement Amendments (CLIA) reporting data requirements specified at 42CFR 493.1291(c)(1) through (c)(7), the CLIA referenced values 493.1291(d), and the CLIA corrected report requirements specified at 42CFR 493.1291(k)(2).
  5. Using visual inspection, the tester verifies that if included in the downloaded document in step 1, the diagnostic report is complete and accurate.

Authorized Downloader

  1. The tester verifies that a patient’s authorized representative can download the patient health data in human readable format, and using the VDT instruction document and the download from step 2 of the SUT to perform the same verification as in steps 1-5.
  2. Negative Test: Using visual inspection, the tester verifies that a user, who is neither the patient identified in the record nor the patient’s authorized representative, does not have access to download the patient’s health information.

Paragraph (e)(1)(i)(B)(1)(ii)

System Under Test Test Lab Verification

Download as a CCD

  1. For each data set viewed in section (e)(1)(i)(A) step 2, a user role of patient uses the internet-based technology health IT function(s), to download an ambulatory or inpatient summary document in section (e)(1)(i)(B) that is formatted as a CCD document according to the standard specified in § 170.205(a)(4), HL7 Implementation Guide for CDA® Release 2: Consolidated CDA Templates for Clinical Notes, DSTU.
  2. The user submits the downloaded CCD document from step 1 for verification.

Download as a CCD

  1. For each data set downloaded in step 1 of the SUT, the tester verifies that a CCD document has been downloaded using visual inspection.
  2. For each CCD submitted in step 2 of the SUT, the tester uses the ETT: Message Validators – C-CDA R2.1 Validator to upload the CCD submitted by the SUT as a sender, by selecting “170.315_e1_VDT_ Amb” or “170.315_e1_VDT_Inp” criteria and the corresponding ONC-supplied VDT summary record file name, and the tester executes the upload.
  3. The tester uses the Validation Report produced by the ETT: Message Validators – C-CDA R2.1 Validator in step 2 to verify the validation report indicates passing without error to confirm that the VDT summary record is conformant to the standard adopted in § 170.205(a)(4) using the CCD document format, including: the presentation of the downloaded data is a valid coded document containing:
    • All of the required CCDS data elements as specified in sections (e)(1)(i)(A)(1);
    • Ambulatory setting only: the provider’s name and office contact information as specified in section (e)(1)(i)(A)(2);
    • Inpatient setting only: admission and discharge dates and locations, discharge instructions and reason(s) for hospitalization) as specified in section (e)(1)(i)(A)(3);
    • Laboratory report(s) as specified in section (e)(1)(i)(A)(4), when available; and
    • Diagnostic imaging report(s) as specified in section (e)(1)(i)(A)(5), when available.
  4. As required by the ONC—supplied VDT instruction document, the tester uses the ETT: Message Validators – C-CDA R2.1 Validator Message Content Report, created in step 2, to verify the additional checks for equivalent text the content of all section level narrative text.

Paragraph (e)(1)(i)(B)(2)

System Under Test Test Lab Verification

Download CCD - Human Readable Version

  1. For each of the downloaded CCD documents in section (e)(1)(i)(B)(1)(ii), the VDT summary record downloaded must include at a minimum, the following human readable data with applicable standards:
    • The Common Clinical Data Set;
    • Ambulatory setting only: provider’s name and office contact information;
    • Inpatient setting only: admission and discharge dates and locations; discharge instructions; and reason(s) for hospitalization;
    • Laboratory test report(s) when available; and
    • Diagnostic imaging report(s) when available.

Download CCD - Human Readable Version

  1. The tester uses the Message Content Report produced by the ETT: Message Validators – C-CDA R2.1 Validator in step 2 to verify that the submitted CCD document created by the Health IT module includes the following human readable data:
    • The Common Clinical Data Set as specified in section (e)(1)(i)(A)(1);
    • Ambulatory setting only: provider’s name and office contact information as specified in section (e)(1)(i)(A)(2);
    • Inpatient setting only: admission and discharge dates and locations; discharge instructions; and reason(s) for hospitalization as specified in section (e)(1)(i)(A)(3);
    • The tester verifies that laboratory test report(s) are present as specified in section (e)(1)(i)(A)(4) when available; and
    • The tester verifies that diagnostic imaging report(s) are present as specified in section (e)(1)(i)(A)(5) when available.

Paragraph (e)(1)(i)(B)(3)

System Under Test Test Lab Verification

Inpatient Setting Only - Download Transition of Care/Referral Summary

  1. For the inpatient setting only, using the ETT: Message Validators – C-CDA R2.1 Validator, the health IT developer downloads the ONC-supplied transition of care/referral summary records through the sender download selection of “170.315_e1_VDT_Inp” and one of the transition of care/referral summaries files and executes the download. All of the transition of care/referral summary types: Continuity of Care, Referral Note and Discharge Summary are required.
  2. Using the internet-based technology health IT function(s), the user role of patient downloads each of the VDT transitions of care/referral summary records downloaded from the ETT: Message Validators in step 1 formatted as a:
    • Continuity of Care;
    • Referral Note; and
    • Discharge Summary document.

Setup

  1. For each transition of care/referral summary record document downloaded in step 1 of the SUT, the tester creates a human readable version to be used for verification.

Download Transition of Care/Referral Summary

  1. Using visual inspection, the tester verifies that each of the VDT transition of care/referral summary records from SUT step 1 is downloaded using the internet-based technology health IT function(s).
  2. Using visual inspection the tester verifies that each of the VDT transition of care/referral summary records downloaded from SUT step 2 is accurate and complete according to the human readable version in step 1. This includes verification at a minimum the following content as applicable:
    • Common Clinical Data Set data elements as specified in the CCDS Reference Document;
    • Encounter diagnosis;
    • Cognitive status;
    • Functional status; and
    • Discharge instructions.

Paragraph (e)(1)(i)(C)(1)(i)

System Under Test Test Lab Verification

Unencrypted Email Method

  1. For each data set viewed in section (e)(1)(i)(A), a user role of patient uses the Health IT Module’s internet-based technology, to transmit, via email, an ambulatory summary or inpatient summary as created in section (e)(1)(i)(B)(2) as a CCD document according to the standards specified in § 170.205(a)(4), HL7 Implementation Guide for CDA® Release 2: Consolidated CDA Templates for Clinical Notes, DSTU, to a valid, third-party email address identified by the health IT developer.
  2. The health IT developer accesses the third-party email account and verifies that the transmission was received and the correct ambulatory and/or inpatient summary is attached.

Authorized Email Transmission

  1. For the test data set viewed in section (e)(1)(i)(A) step 4, a user role of patient authorized representative uses the Health IT Module’s internet-based technology, to transmit, via email, an ambulatory summary or inpatient summary as created in section (e)(1)(i)(B)(2) as a CCD document according to the standards specified in § 170.205(a)(4), HL7 Implementation Guide for CDA® Release 2: Consolidated CDA Templates for Clinical Notes, DSTU, to a valid, third-party email address identified by the health IT developer.
  2. The health IT developer accesses the third-party email account and verifies that the transmission was received and the correct ambulatory and/or inpatient summary is attached.
  3. Negative Test: A user who is neither the patient identified in the test record nor the patient’s authorized representative attempts to access and transmit patient data and is prevented from doing so.

Unencrypted Email Method

  1. Using visual inspection, the tester verifies that each ambulatory or inpatient summary document transmitted in steps 1-2 of the SUT using an email transmission is received successfully by the third-party, developer-identified email address.
  2. For each CCD document transmitted in step 2 of the SUT, the tester uses ETT: Message Validators – C-CDA R2.1 Validator to upload the CCD transmitted as a sender, by selecting “170.315_e1_VDT_ Amb” or “170.315_e1_VDT_ Inp” criteria and the corresponding ONC-supplied VDT summary record file name, and the tester executes the upload.
  3. The tester uses the Validation Report produced by the ETT: Message Validators – C-CDA R2.1 Validator in step 2 to verify the validation report indicates passing without error to confirm that the VDT summary record is conformant to the standard adopted in § 170.205(a)(4) using the CCD document format, including: the presentation of the transmitted data is a valid coded document containing:
    • All of the required CCDS data elements as specified in section (e)(1)(i)(A)(1);
    • Ambulatory setting only: the provider’s name and office contact information as specified in section (e)(1)(i)(A)(2);
    • Inpatient setting only: admission and discharge dates and locations, discharge instructions and reason(s) for hospitalization) as specified in section (e)(1)(i)(A)(3), when available;
    • Laboratory report(s) as specified in section (e)(1)(i)(A)(4), when available; and
    • Diagnostic imaging report(s) as specified in section (e)(1)(i)(A)(5) when available.
  4. As required by the corresponding ONC—supplied VDT instruction document, the tester uses the ETT: Message Validators –C-CDA R2.1 Validator Message Content Report created in step 2 to verify the additional checks for equivalent text the content of all section level narrative text.
  5. The tester uses the ETT: Message Validators –C-CDA R2.1 Validator Message Content Report created in step 2 to verify that if included, the correct laboratory test report is displayed in human readable format, and that the laboratory test report is complete and accurate. The laboratory test report must include the CLIA reporting data requirements specified at 42CFR 493.1291(c)(1) through (c)(7), the CLIA referenced values 493.1291(d), and the CLIA corrected report requirements specified at 42CFR 493.1291(k)(2).
  6. The tester uses the ETT: Message Validators -C-CDA R2.1 Validator Message Content Report created in step 2 to verify that if included, the correct diagnostic imaging report is displayed in human readable format, and that the diagnostic imaging report is complete and accurate.
  7. The tester uses the Message Content Report produced by the ETT: Message Validators -C-CDA R2.1 Validator to verify that the transmitted health information in step 2 contains the data in human readable format with English terminology (i.e. non-coded representation of vocabulary/code sets) As specified in section (e)(1)(i)(A).

Authorized Email Transmission

  1. The tester verifies that a patient’s authorized representative can transmit the patient health data as a CCD using an unencrypted email method by using the VDT instruction document and the transmission from step 3-4 of the SUT, performs the same verification as in steps 1-7.
  2. Negative Test: Using visual inspection, the tester verifies that a user who is not the patient identified in the record and is not the patient’s authorized representative does not have access to transmit the patient’s health information.

Paragraph (e)(1)(i)(C)(1)(ii)

System Under Test Test Lab Verification

Encrypted Method

  1. For data set viewed in (e)(1)(i)(A), a user role of patient uses the Health IT Module’s internet-based technology to transmit an ambulatory summary or inpatient summary as created in section (e)(1)(i)(B)(2) as a CCD document according to the standards specified in § 170.205(a)(4), HL7 Implementation Guide for CDA® Release 2: Consolidated CDA Templates for Clinical Notes, DSTU, to any third party using the developer-identified encrypted method of transmission.
  2. The health IT developer accesses the account to which the encrypted message has been sent and verifies that the transmission was received with the correct ambulatory and/or inpatient summary.

Authorized Encrypted Transmission

  1. For the data set viewed in section (e)(1)(i)(A) step 4, a user role of patient authorized representative uses the Health IT Module’s internet-based technology to transmit an ambulatory summary or inpatient summary as created in section (e)(1)(i)(B)(2) as a CCD document according to the standards specified in § 170.205(a)(4), HL7 Implementation Guide for CDA® Release 2: Consolidated CDA Templates for Clinical Notes, DSTU, to any third party using the developer-identified encrypted method of transmission.
  2. The health IT developer accesses the account to which the encrypted message has been sent and verifies that the transmission was received and the correct ambulatory and/or inpatient summary is attached.
  3. Negative Test: A user who is neither the patient identified in the test record nor a patient’s authorized representative attempts to access and transmit patient data and is prevented from doing so.

Encrypted Method

  1. Using visual inspection, the tester verifies that for each ambulatory or inpatient transmitted in step 2 of the SUT using an encrypted transmission, that the message is received and successfully decrypted.
  2. For each CCD document transmitted in step 2 of the SUT, the tester uses the ETT: Message Validators -C-CDA R2.1 Validator to upload the CCD transmitted as a sender, by selecting “170.315_e1_VDT_ Amb” or “170.315_e1_VDT_Inp” criteria and the corresponding ONC-supplied VDT summary record file name, and the tester executes the upload.
  3. The tester uses the Validation Report produced by the ETT: Message Validators -C-CDA R2.1 Validator in step 2 to verify the validation report indicates passing without error to confirm that the VDT summary record is conformant to the standard adopted in § 170.205(a)(4) using the CCD document format and that the presentation of the transmitted data is a valid coded document as specified in(e)(1)(i)(A) containing;
    • All of the required CCDS data elements as specified in section (e)(1)(i)(A)(1);
    • Ambulatory setting only: the Provider’s Name and office contact information as specified in section (e)(1)(i)(A)(2);
    • Inpatient setting only: admission and discharge dates and locations, discharge instructions and reason(s) for hospitalization) as specified in section (e)(1)(i)(A)(3);
    • Laboratory report(s) as specified in section (e)(1)(i)(A)(4), when available; and
    • Diagnostic imaging report(s) as specified in section (e)(1)(i)(A)(5) when available.
  4. As required by the corresponding ONC—supplied VDT instruction document, the tester uses the ETT: Message Validators -C-CDA R2.1 Validator Message Content Report created in step 2 to verify the additional checks for equivalent text for the content of all section level narrative text.
  5. The tester uses the ETT: Message Validators -C-CDA R2.1 Validator Message Content Report created in step 2 to verify that if included, the correct laboratory test report is displayed in human readable format, and that the laboratory test report is complete and accurate. The laboratory test report must include the Clinical Laboratory Improvement Amendments (CLIA) reporting data requirements specified at 42CFR 493.1291(c)(1) through (c)(7), the CLIA referenced values 493.1291(d), and the CLIA corrected report requirements specified at 42CFR 493.1291(k)(2) using visual inspection.
  6. The tester uses the ETT: Message Validators -C-CDA R2.1 Validator Message Content Report created in step 2 to verify that if included, the correct diagnostic imaging report is displayed in human readable format, and that the diagnostic imaging report is complete and accurate using visual inspection.
  7. The tester uses the ETT: Message Validators -C-CDA R2.1 Validator Message Content Report created in step 2 to verify that the transmitted health information contains the data in human readable format with English terminology (i.e. non-coded representation of vocabulary/code sets) as specified in (e)(1)(i)(A), using visual inspection.

Authorized Encrypted Transmission

  1. The tester verifies that a patient’s authorized representative can transmit the patient health data as a CCD using an encrypted method by using the VDT instruction document and the view from steps 3-4 of the SUT, performs the same verification as in steps 1-7.
  2. Negative Test: Using visual inspection, the tester verifies that a user who is not the patient identified in the record and is not the patient’s authorized representative does not have access to transmit the patient’s health information.

Paragraph (e)(1)(i)(C)(2)

System Under Test Test Lab Verification

Inpatient Setting Only

Unencrypted Email Method - ToC

  1. For the inpatient setting only, a user role of patient uses the Health IT Module’s internet-based technology to transmit, via email, to a valid, third-party email address identified by the health IT developer, each of the transitions of care/referral summary as downloaded in section (e)(1)(i)(B)(3) formatted as a:
    • Continuity of Care;
    • Referral Note; and
    • Discharge Summary document.
  2. The health IT developer accesses the third-party email account and verifies that the transmission was received and the correct ambulatory and/or inpatient summary is attached.

Encrypted Method - ToC

  1. For the inpatient setting only, a user role of patient uses the Health IT module’s internet-based technology to transmit via the developer-identified encrypted method of transmission a transitions of care/referral summary as downloaded in section (e)(1)(i)(B)(3) formatted as a:
    • Continuity of Care;
    • Referral Note; and
    • Discharge Summary document.

Unencrypted Email Method - ToC

  1. Using visual inspection, the tester verifies that each transitions of care/referral summary document, transmitted in steps 1-2 of the SUT using an email transmission, is received successfully by the third-party, developer-identified email address.
  2. Using visual inspection, the tester verifies that each of the VDT transition of care/referral summary records transmitted in step 2 of the SUT is accurate and complete according to the human readable version as specified in section (e)(1)(i)(B)(3).

Encrypted Method - ToC

  1. Using visual inspection, the tester verifies that each transitions of care/referral summary document transmitted in step 2 of the SUT using an encrypted transmission is received, and the message is successfully decrypted.
  2. Using visual inspection, the tester verifies that each of the VDT transition of care/referral summary records transmitted in step 2 of the SUT is accurate and complete according to the human readable version as specified in section (e)(1)(i)(B)(3).

Paragraph (e)(1)(i)(D)(1)

System Under Test Test Lab Verification
  1. The user role of patient requests to view, download, and transmit the data in sections (e)(1)(i)(A), (e)(1)(i)(B), and (e)(1)(i)(C) for a specific date.
  2. The user role of patient authorized representative requests to view, download, and transmit the data in sections (e)(1)(i)(A), (e)(1)(i)(B), and (e)(1)(i)(C) for a specific date.
  1. The tester verifies that the patient and their authorized representative can view the health information as specified in section (e)(1)(i)(A) for a selected date and that the viewed health information data associated with that date is accurate and without omission.
  2. The tester verifies that the patient and their authorized representative can download the health information as specified in section (e)(1)(i)(B) for a selected date and that the downloaded health information data associated with that date is accurate and without omission.
  3. The tester verifies that the patient and their authorized representative can transmit the health information to a 3rd party as specified in section (e)(1)(i)(C) for a selected date and that the transmitted health information data associated with that date is accurate and without omission.

Paragraph (e)(1)(i)(D)(2)

System Under Test Test Lab Verification
  1. The user role of patient requests to view, download, and transmit the data in sections (e)(1)(i)(A), (e)(1)(i)(B), and (e)(1)(i)(C) for a date range.
  2. The user role of patient authorized representative requests to view, download, and transmit the data in sections (e)(1)(i)(A), (e)(1)(i)(B), and (e)(1)(i)(C) for a date range.
  1. The tester verifies that the patient and their authorized representative can view the health information as specified in section (e)(1)(i)(A) for a selected date range and that the viewed health information data associated with that date range is accurate and without omission.
  2.  The tester verifies that the patient and their authorized representative can download the health information as specified in section(e)(1)(i)(B) for a selected date range and that the downloaded health information data associated with that date range is accurate and without omission.
  3. The tester verifies that the patient and their authorized representative can transmit the health information to a 3rd party as specified in section (e)(1)(i)(C) for a selected date range and that the transmitted health information data associated with that date range is accurate and without omission.

Paragraph (e)(1)(ii)(A)

System Under Test Test Lab Verification
  1. When a user utilizes the view, download, or transmit to a third party capabilities as specified in sections (e)(1)(i)(A) through capabilities (e)(1)(i)(C), the Health IT Module record a new activity log entry for the following actions related to electronic health information:
    • View of patient information;
    • Download patient information; and
    • Transmit patient information.
  2. For each action, the activity log entry includes:
    • Type of action;
    • Date and time of event in accordance with the standard specified in § 170.210(g), RFC 5905 or § 170.210(g), RFC 1305 
    • User identification; and
    • To whom the transmission was sent (if applicable).
  1. The tester verifies that the Health IT Module has certified to the certification criterion specified in § 170.315(d)(2) using Documentation or the tester verifies via visual inspection that for all required actions, an activity log entry related to each action taken has been generated correctly and without omission, containing:
    • The actions that occurred;
    • The date/time, specified in accordance to the standard specified in § 170.210(g);
    • User who took the action; and
    • Addressee to whom the transmission was sent (if applicable).

Paragraph (e)(1)(ii)(B)

System Under Test Test Lab Verification

Health IT Module may perform paragraph (e)(1)(ii)(A) during the § 170.315(d)(2) testing.

Health IT Module may perform paragraph (e)(1)(ii)(A) during the § 170.315(d)(2) testing.


Version 1.8 Updated on 05-02-2018
Revision History
Version # Description of Change Version Date
1.0

Initial Publication

10-30-2015
1.1

Link to Test Tool User Guide updated.

Clarification added to download for inpatient setting only provision.

Date and time range clarification added.

Regulatory text correction added from 2015 Edition Health Information Technology (Health IT) Certification Criteria, 2015 Edition Base Electronic Health Record (EHR) Definition, and ONC Health IT Certification Program Modifications; Corrections and Clarifications, issued December 11, 2015.

04-05-2016
1.2

Added clarification to paragraph (e)(1)(i)(D) to further explain the scope of data filtering.

04-22-2016
1.3

Added further clarification of paragraph (e)(1)(i)(D) requirements, including acceptable certification approaches.

07-20-2016
1.4

Added date range clarification to paragraph (e)(1)(i)(D).

11-28-2016
1.5

Added clarification related to the acceptable transmission capabilities.

05-26-2017
1.6

Removed “activity history log” from the “content required” table on page 4 – this text was included in error and is a separate conformance requirement.

  • Added a first bullet in (e)(1)(i)(B) technical outcome section make explicit that as part of “Download” health IT presented for certification must be capable of creating CCD documents.
  • Added a clarification in (e)(1)(i)(B) regarding the ways in which CCD documents could be created for the purposes of meeting the certification criterion’s conformance requirement.

Revised the “Approach” subheading’s clarification to more explicitly include how the time frame filtering in paragraph (e)(1)(i)(D) aligns with and corresponds to other conformance requirements within the certification criterion.

08-25-2017
1.7

Provides notification of March 2017 Validator Update of C-CDA 2.1 Corrections adoption and compliance requirements for entire criterion.

09-29-2017
1.8

Provides notification of April 2018 Validator Update of C-CDA 2.1 Corrections adoption and compliance requirements for the entire criterion. Note: Due to an error in calculation ONC is also updating the dates for compliance with the March 2017 Validator Update of C-CDA 2.1 Corrections that were adopted September 29, 2017.

05-02-2018
Regulation Text

Regulation Text

§170.315 (e)(1) View, download, and transmit to 3rd party

  1. Patients (and their authorized representatives) must be able to use internet-based technology to view, download, and transmit their health information to a 3rd party in the manner specified below. Such access must be consistent and in accordance with the standard adopted in §170.204(a)(1) and may alternatively be demonstrated in accordance with the standard specified in §170.204(a)(2).
    1. View. Patients (and their authorized representatives) must be able to use health IT to view, at a minimum, the following data:
      1. The Common Clinical Data Set (which should be in their English (i.e., non-coded) representation if they associate with a vocabulary/code set).
      2. Ambulatory setting only. Provider's name and office contact information.
      3. Inpatient setting only. Admission and discharge dates and locations; discharge instructions; and reason(s) for hospitalization.
      4. Laboratory test report(s). Laboratory test report(s), including:
        1. The information for a test report as specified all the data specified in 42 CFR 493.1291(c)(1) through (7);
        2. The information related to reference intervals or normal values as specified in 42 CFR 493.1291(d); and
        3. The information for corrected reports as specified in 42 CFR 493.1291(k)(2).
      5. Diagnostic image report(s).
    2. Download.
      1. Patients (and their authorized representatives) must be able to use technology to download an ambulatory summary or inpatient summary (as applicable to the health IT setting for which certification is requested) in the following formats:
        1. Human readable format; and
        2. The format specified in accordance to the standard specified in §170.205(a)(4) following the CCD document template.
      2. When downloaded according to the standard specified in §170.205(a)(4) following the CCD document template, the ambulatory summary or inpatient summary must include, at a minimum, the following data (which, for the human readable version, should be in their English representation if they associate with a vocabulary/code set):
        1. Ambulatory setting only. All of the data specified in paragraph (e)(1)(i)(A)(1), (2), (4), and (5) of this section.
        2. Inpatient setting only. All of the data specified in paragraphs (e)(1)(i)(A)(1), and (3) through (5) of this section.
      3. Inpatient setting only. Patients (and their authorized representatives) must be able to download transition of care/referral summaries that were created as a result of a transition of care (pursuant to the capability expressed in the certification criterion specified in paragraph (b)(1) of this section).
    3. Transmit to third party. Patients (and their authorized representatives) must be able to:
      1. Transmit the ambulatory summary or inpatient summary (as applicable to the health IT setting for which certification is requested) created in paragraph (e)(1)(i)(B)(2) of this section in accordance with both of the following ways:
        1. Email transmission to any email address; and
        2. An encrypted method of electronic transmission.
      2. Inpatient setting only. Transmit transition of care/referral summaries (as a result of a transition of care/referral as referenced by (e)(1)(i)(B)(3)) of this section selected by the patient (or their authorized representative) in both of the ways referenced (e)(1)(i)(C)(1)(i) and (ii) of this section).
    4. Timeframe selection. With respect to the data available to view, download, and transmit as referenced paragraphs (e)(1)(i)(A), (B), and (C) of this section, patients (and their authorized representatives) must be able to:
      1. Select data associated with a specific date (to be viewed, downloaded, or transmitted); and
      2. Select data within an identified date range (to be viewed, downloaded, or transmitted).
  2. Activity history log.
    1. When any of the capabilities included in paragraphs (e)(1)(i)(A) through (C) of this section are used, the following information must be recorded and made accessible to the patient (or his/her authorized representative):
      1. The action(s) (i.e., view, download, transmission) that occurred;
      2. The date and time each action occurred in accordance with the standard specified in §170.210(g);
      3. The user who took the action; and
      4. Where applicable, the addressee to whom an ambulatory summary or inpatient summary was transmitted.
    2. Technology presented for certification may demonstrate compliance with paragraph (e)(1)(ii)(A) of this section if it is also certified to the certification criterion specified in §170.315(d)(2) and the information required to be recorded in paragraph (e)(1)(ii)(A) of this section is accessible by the patient (or his/her authorized representative).

Standard(s) Referenced

Paragraph (e)(1)(i)

§ 170.204(a)(1) Web Content Accessibility Guidelines (WCAG) 2.0, Level A Conformance

§ 170.204(a)(2) Web Content Accessibility Guidelines (WCAG) 2.0, Level AA Conformance

Paragraph (e)(1)(i)(A)

Laboratory test reports:

  1. The information for a test report as specified all the data specified in 42 CFR 493.1291(c)(1) through (7) –
    1. For positive patient identification, either the patient's name and identification number, or a unique patient identifier and identification number.
    2. The name and address of the laboratory location where the test was performed.
    3. The test report date.
    4. The test performed.
    5. Specimen source, when appropriate.
    6. The test result and, if applicable, the units of measurement or interpretation, or both.
    7. Any information regarding the condition and disposition of specimens that do not meet the laboratory's criteria for acceptability.
  2. The information related to reference intervals or normal values as specified in 42 CFR 493.1291(d) – Pertinent “reference intervals” or “normal” values, as determined by the laboratory performing the tests, must be available to the authorized person who ordered the tests and, if applicable, the individual responsible for using the test results.
  3. The information for corrected reports as specified in 42 CFR 493.1291(k)(2) – When errors in the reported patient test results are detected, the laboratory must do the following: Issue corrected reports promptly to the authorized person ordering the test and, if applicable, the individual using the test results.

Please refer to the Data Elements and Vocabularies applicable to the Common Clinical Data Set (CCDS) as outlined in the Common Clinical Data Set Reference Document

Paragraph (e)(1)(i)(B)

§ 170.205(a)(4) HL7 Implementation Guide for CDA® Release 2: Consolidated CDA Templates for Clinical Notes (US Realm), Draft Standard for Trial Use Release 2.1, August 2015

Laboratory test reports:

  1. The information for a test report as specified all the data specified in 42 CFR 493.1291(c)(1) through (7) –
    1. For positive patient identification, either the patient's name and identification number, or a unique patient identifier and identification number.
    2. The name and address of the laboratory location where the test was performed.
    3. The test report date.
    4. The test performed.
    5. Specimen source, when appropriate.
    6. The test result and, if applicable, the units of measurement or interpretation, or both.
    7. Any information regarding the condition and disposition of specimens that do not meet the laboratory's criteria for acceptability.
  2. The information related to reference intervals or normal values as specified in 42 CFR 493.1291(d) – Pertinent “reference intervals” or “normal” values, as determined by the laboratory performing the tests, must be available to the authorized person who ordered the tests and, if applicable, the individual responsible for using the test results.
  3. The information for corrected reports as specified in 42 CFR 493.1291(k)(2) – When errors in the reported patient test results are detected, the laboratory must do the following: Issue corrected reports promptly to the authorized person ordering the test and, if applicable, the individual using the test results.

Please refer to the Data Elements and Vocabularies applicable to the Common Clinical Data Set (CCDS) as outlined in the Common Clinical Data Set Reference Document

Paragraph (e)(1)(i)(C)

Please refer to the standards required for § 170.315(d)(9) “trusted connection” for the encrypted method of electronic transmission.

Paragraph (e)(1)(ii)

§ 170.210(g) Synchronized clocks. The date and time recorded utilize a system clock that has been synchronized following (RFC 1305) Network Time Protocol or (RFC 5905) Network Time Protocol Version 4

 

Additional Resources

§ 170.207(a)(4) International Health Terminology Standards Development Organization (IHTSDO) Systematized Nomenclature of Medicine Clinical Terms (SNOMED CT®), U.S. Edition, September 2015 Release

§ 170.207(i) ICD-10-CM

Certification Companion Guide: View, download, and transmit to 3rd party

This Certification Companion Guide (CCG) is an informative document designed to assist with health IT product development. The CCG is not a substitute for the 2015 Edition final regulation. It extracts key portions of the rule’s preamble and includes subsequent clarifying interpretations. To access the full context of regulatory intent please consult the 2015 Edition final rule or other included regulatory reference. The CCG is for public use and should not be sold or redistributed.
 

 

Certification Requirements

Privacy and Security: This certification criterion was adopted at § 170.315(e)(1). As a result, an ONC-ACB must ensure that a product presented for certification to a § 170.315(e) “paragraph (e)” criterion includes the privacy and security criteria (adopted in § 170.315(d)) within the overall scope of the certificate issued to the product.

  • The privacy and security criteria (adopted in § 170.315(d)) do not need to be explicitly tested with this specific paragraph (e) criterion unless it is the only criterion for which certification is requested.
  • As a general rule, a product presented for certification only needs to be tested once to each applicable privacy and security criterion (adopted in § 170.315(d)) so long as the health IT developer attests that such privacy and security capabilities apply to the full scope of capabilities included in the requested certification. However, exceptions exist for § 170.315(e)(1) “VDT” and (e)(2) “secure messaging,” which are explicitly stated.

Design and Performance: The following design and performance certification criteria (adopted in § 170.315(g)) must also be certified in order for the product to be certified.

  • When a single quality management system (QMS) is used, the QMS only needs to be identified once. Otherwise, the QMS’ need to be identified for every capability to which it was applied.
  • When a single accessibility-centered design standard is used, the standard only needs to be identified once. Otherwise, the accessibility- centered design standards need to be identified for every capability to which they were applied; or, alternatively the developer must state that no accessibility-centered design was used.
  • C-CDA creation performance (§ 170.315(g)(6)) does not need to be explicitly tested with this criterion unless it is the only criterion within the scope of the requested certification that includes C-CDA creation capabilities. Note that the application of § 170.315(g)(6) depends on the C- CDA templates explicitly required by the C-CDA-referenced criterion or criteria included within the scope of the certificate sought. Please refer to the C-CDA creation performance Certification Companion Guide for more details.
Table for Privacy and Security
Technical Explanations and Clarifications

Content Required

Function

Both Care Settings

Ambulatory Setting

Inpatient Setting

View

  • CCDS (English/human readable)
  • Laboratory test report(s)
  • Diagnostic image report(s)
  • Provider name
  • Office contact information
  • Admission and discharge dates and locations
  • Discharge instructions
  • Reason(s) for hospitalization

Download and Transmit

  • Human readable summary and CCD document template containing:
    • CCDS
    • Laboratory test report(s)
    • Diagnostic image report(s)
  • Human readable summary and CCD also contain:
    • Provider name
    • Office contact information
  • Human readable summary and CCD also contain:
    • Admission and discharge dates and locations
    • Discharge instructions
    • Reason(s) for hospitalization
  • Transition of care/referral summaries created as a result of a transition of care or referral (human readable and CCD)

 

Applies to entire criterion 

Clarifications:

  • The scope of this criterion is limited to the Consolidated CDA (C-CDA) Release 2.1 Continuity of Care Document (CCD) document template. Health IT developers may choose to offer VDT capabilities for other C-CDA templates as appropriate for different care and practice settings, but the CCD document template is the mandatory minimum that must be supported for this criterion.
  • “Patients (and their authorized representatives)” is defined as any individual to whom the patient has granted access to their health information. (see also 80 FR 62658 and 77 FR 13720)
  • The technology specifications should be designed and implemented in such a way as to provide maximum clarity to a patient (and their authorized representative) about what data exists in the system and how to interpret it, and we expect that health IT developers will make choices following design and usability best practices that will make it easier and clearer for patients to find and use their records. [see also 80 FR 62659]
  • In order to mitigate potential interoperability errors and inconsistent implementation of the HL7 Implementation Guide for CDA® Release 2: Consolidated CDA Templates for Clinical Notes, Draft Standard for Trial Use, Release 2.1, ONC assesses, approves, and incorporates corrections as part of required testing and certification to this criterion. [see FAQ #51] Certified health IT adoption and compliance with the following corrections are necessary because they implement updates to vocabularies, update rules for cardinality and conformance statements, and promote proper exchange of C-CDA documents. Consistent with FAQ 51, there is a 90-day delay from the time the CCG has been updated with the ONC-approved corrections to when compliance with the corrections will be required to pass testing (i.e., C-CDA 2.1 Validator). Similarly consistent with FAQ 51, there will be an 18-month delay before a finding of a correction’s absence in certified health IT during surveillance would constitute a non-conformity under the Program.

Paragraph (e)(1)(i)

Technical outcome Patients (and their authorized representatives) can view, download, and transmit their health information to a 3rd party via internet-based technology consistent with one of the Web Content Accessibility Guidelines (WCAG) 2.0 Levels A or AA.

Clarifications:

  • A Health IT Module must demonstrate compliance with the Web Content Accessibility Guideline (WCAG) 2.0 Level A at minimum, and may alternatively demonstrate compliance in accordance with the standard specified in Level AA protocols. This information will be listed with the product as part of its Certified Health IT Product List (CHPL) listing. [see also 80 FR 62660]
  • A Health IT Module does not need to support both WCAG 2.0 Levels.
  • Documentation from a third party or self-attestation that provides independent evidence of conformance to WCAG Levels A or AA can expedite a NVLAP- accredited testing laboratory’s review, but health IT still needs to be independently assessed by the testing laboratory for conformance according to the ONC test procedure. [see also 77 FR 54179]

Paragraph (e)(1)(i)(A)

Technical outcome – View:

The health IT must allow patients (and their authorized representatives) to view, at a minimum, the Common Clinical Data Set; laboratory test report(s); and diagnostic image reports. Additionally, patients (and their authorized representatives) must be able to view for specific settings:

  • Ambulatory setting only – the provider's name and office contact information;
  • Inpatient setting only – the admission and discharge dates and locations; discharge instructions; and reason(s) for hospitalization.

Clarifications:

  • To meet the “view” requirement, the Common Clinical Data Set information should be made available in its human readable/English (i.e., non-coded) representation.
  • Please refer to the standards required by the Common Clinical Data Set.
  • Throughout this criterion, this requirement pertains to the diagnostic image report, not the image(s) itself. A diagnostic image report contains the consulting specialist’s interpretation of image data conveying the interpretation to the referring/ordering physician and should become a part of the patient’s medical record. Unstructured data for the interpretation text is acceptable for certification. [see also 80 FR 62659]
  • Although Health IT Modules must allow the patient to download and transmit corrected reports in accordance with 42 CFR 493.1291(k)(2), there is no need to separately test for this capability to achieve certification for this criterion. The laboratory test report requirement is satisfied if the Health IT Module demonstrates that it can send a test report.

Paragraph (e)(1)(i)(B)

Technical outcome – Download:

  • In general, health IT presented for certification must be capable of creating CCD documents in order to demonstrate compliance with this certification criterion. [see also 80 FR 16850; 80 FR 62659; and 80 FR 62674]
  • Ambulatory setting – Patients (and their authorized representatives) must be able to download a summary in both a human readable format and using the Continuity of Care Document (CCD) document template of the Consolidated CDA Release 2.1. If the patient (or their authorized representative) chooses to download a summary using the CCD document template, the information must contain:
    • The Common Clinical Data Set;
    • The provider’s name and office contact information;
    • Laboratory test report(s);
    • Diagnostic image report(s).
  • Inpatient setting –
    • Patients (and their authorized representatives) must be able to download a summary in both a human readable format and using the Continuity of Care Document (CCD) document template of the Consolidated CDA Release 2.1. If the patient (or their authorized representative) chooses to download a summary using the CCD document template, the information must contain:
      • The Common Clinical Data Set;
      • Admission and discharge dates and locations;
      • Discharge instructions;
      • Reason(s) for hospitalization;
      • Laboratory test report(s);
      • Diagnostic image report(s).
    • Patients (and their authorized representatives) must be able to download transition of care/referral summaries that were created for a transition of care. [see also Transitions of Care Certification Companion Guide]
  • For both settings, if the patient (or their authorized representative) chooses to download a summary using the CCD document template, the human readable CCD must include data in their English (i.e., non-coded) representation if associated with a vocabulary or code set.

Clarifications:

  • Health IT may demonstrate that it is capable of creating CCDs in one of two ways.
    1. As a native capability that is part of the health IT presented for certification; or
    2. Relying upon a separate source system to perform the CCD creation capability. In this latter case, the source system would be performing a required capability to demonstrate compliance with this certification criterion and would be bound to the issued certificate as “relied upon software.” [see Relied Upon Software Guidance]  If taking this approach, the Health IT Module must be tested with at least one relied upon software product.
  • The “human readable” aspect of this provision can be satisfied using a style sheet associated with a document formatted according to the C-CDA. [see also 77 FR 54180]
  • A hyperlink to the data alone cannot satisfy this provision. The patient (or their authorized representatives) must be able to download the data to meet this requirement. [see also 77 FR 54180]
  • For inpatient setting only, patients (and their authorized representatives) must be able to download transition of care/referral summaries.
  • Health IT Modules may include laboratory test reports and diagnostic image reports in the “Results” section of the CCD.
    • For laboratory test reports, the C-CDA can support this information in a structured way using the “Result Observation Template” in the “Results” section.
      • There is no need to test for sending a corrected laboratory report; this requirement is satisfied if the Health IT Module can demonstrate that it can send a laboratory test report. [see also 80 FR 62660]
    • The C-CDA can support the laboratory test reports data in a structured way using the “Result Observation Template” in the “Results” section. We recommend developers follow the best practices for use of the Result Observation Template per HL7 (e.g., HL7 Task Force Examples). [see also 80 FR 62660]
    • We recommend developers code laboratory test report data where possible and appropriate in anticipation that future certification will require more extensively coded laboratory test report data. [see also 80 FR 62660] For diagnostic image reports, unstructured data for the interpretation text is acceptable. [see also 80 FR 62659]
  • The “inpatient setting only” provision at paragraph (e)(1)(i)(B)(3), which requires a Health IT Module to enable the download of transition of care/referral summaries created as a result of a transition of care, tests the functionality of supplying such previously created C-CDAs and not the content/conformance of the C-CDAs supplied.

Paragraph (e)(1)(i)(C)

Technical outcome – Transmit:

  • For both settings, patients (and their authorized representatives) must be able to transmit the CCD summary created in provision (i)(B)(2) through both (1) email transmission to any email address; and (2) an encrypted method of electronic transmission.
  • In addition, for the inpatient setting, patients (and their authorized representatives) must be able to select and transmit transition of care/referral summaries created for a transition of care through both (1) email transmission to any email address; and (2) an encrypted method of electronic transmission.

Clarifications:

  • Please see the OCR frequently asked questions for best practices regarding the use of email for transmitting health information: http://www.hhs.gov/ocr/privacy/hipaa/faq/health_information_technology/570.html.
  • For the email option, the approach is to provide patients with a readily understood and convenient option to send their health information via email. Under current HIPAA regulations (45 CFR 164.524 and related guidance), patients may presently ask that their data be disclosed to them via unencrypted email. [see also 80 FR 62660]
  • For the encrypted “transmit” option, we encourage developers to provide innovative options for individuals to easily and efficiently protect their health information based on generally available mechanisms for security and new advances in this area.
    • The second “transmit” option is subject to the 2015 Edition privacy and security certification framework, particularly the “trusted connection” certification criterion (§ 170.315(d)(9)).
    • Health IT developers have the flexibility to either establish an encrypted connection between two end points or, alternatively, secure the payload via encryption.
    • The Direct protocol remains an encouraged and viable method to meet the requirements of the encrypted “transmit” requirement.
  • Transferring data to an electronic media like a USB drive or DVD does not constitute “electronic transmission” to meet this criterion. [see also 77 FR 54182]
  • For the purposes of transmission, several methods are acceptable with respect to enabling patients to use this capability. The transmission capabilities could include the ambulatory or inpatient summary created as a file attachment or provide another way for the patient to access their ambulatory or inpatient summary after initiating a transmission, such as a link embedded to their ambulatory or inpatient summary. In either case, however, note that the transmission capability must be able to support transmitting CCD documents and human readable formatted documents.

Paragraph (e)(1)(i)(D)

Technical outcome – Timeframe Selection:

For all of the provisions in (i)(A), (i)(B), and (i)(C) (i.e. View, Download, and Transmit capabilities), patients and their authorized representatives must be able to select data associated with a specific date and select data within an identified time range.

Clarifications:

Timeframes

  • This criterion has two timeframe filters that patients must be able to select and configure on their own (specific date and date range). We did not include the ability to select a specific data element category as part of this filtering requirement.
  • There is no need to allow for selection of a specific time within in each date range. For example, “9/1/2015 to 10/1/2015” is sufficient, rather than “9/1/2015 at 9:00am to 10/1/2015 at 5:00pm.” However, health IT developers may choose to include additional functionality to make it easy for patients to locate the information they need.

Data Requirements

  • Paragraph (e)(1)(i)(D) and its subsequent subparagraphs focus on "data." The scope of the information to be included in the timeframe selection for paragraphs (e)(i)(A),(B), and (C) is focused on the data as laid out in (e)(1)(A)(1) through (5), which is more than just the Common Clinical Data Set.
  • All referenced data in the specified range of the timeframe selection must be returned regardless of whether the data is contained in a C-CDA document or in an atomic form and parsed.
  • Returning all data all the time regardless of a date selection or date range selection is non-conformant insofar as the technology is not demonstrating filtering by date range. The health IT developer must be able to demonstrate that filtering based on the two timeframes can be done properly.
  • Filtering in terms of excluding certain data must be by timeframe pursuant to the two filtering functionalities.
    • We expect that the Health IT Module must be able to send, at a minimum, all required data for a specified date range(s). We acknowledge that there will be organizational policies and/or safety best practices that will dictate additional data to be sent and when data is considered complete and/or ready for being sent.
    • For a Date Range Filter associated with VDT a System Under Test can provide the patient with one or more C-CDA documents that contain the data that is appropriate for the date range.

Approach

  • The date/date range filtering capability does not alone require the creation of new CCD documents to match the patient’s date or date range selection. Health IT is not expected to decompose, extract, and recompose the data from multiple CCD documents into a single larger CCD reflective of the entire date/date range filter selected. Rather, existing/previously created CCD documents in the health IT could be returned in response to a date/date range filter request that the patient could then view, download, or transmit. In other words, the health IT would not be expected to reproduce duplicative copies of CCDs it already created as part of this criterion’s conformance requirements in order to meet the date/date range filter requirement. Providing a list of the existing/previously created CCDs for that date or within the specified date range would be acceptable.
  • However, to be clear, the practice of creating a new CCD is not prohibited and would have the positive effect of making discrete data available to the patient upon request.
  • Health IT must separately demonstrate compliance with paragraphs (e)(1)(i)(B)(3) and (e)(1)(i)(C)(2) of this criterion. However, the data requirements of paragraph (e)(1)(i)(D) do not apply to “supplied” transition of care/referral summaries referenced in these paragraphs.

Paragraph (e)(1)(ii)

Technical outcome – Activity History Log:

For all of the provisions in (i)(A), (i)(B), and (i)(C) (i.e., View, Download, and Transmit capabilities), patients (and their authorized representatives) must be able to access information regarding the action (view, download, or transmit) that occurred, the date and time each action occurred using either Network Time Protocol RFC 1305 or 5905, the user who took the action, and the addressee to whom the summary was transmitted.

Clarifications:

  • Health IT may meet this requirement if it is certified to the 2015 Edition “auditable events and tamper-resistance” certification criterion (§ 170.315(d)(2)) and these data are accessible by the patient (and their authorized representatives).
  • The time period for which the activity log should be available is a policy determination that the organization who implements the health IT should make. Testing and certification will only test for the health IT’s ability to create such a log. [see also 77 FR 54184]

Regulation Text

Regulation Text

§170.315 (e)(1) View, download, and transmit to 3rd party

  1. Patients (and their authorized representatives) must be able to use internet-based technology to view, download, and transmit their health information to a 3rd party in the manner specified below. Such access must be consistent and in accordance with the standard adopted in §170.204(a)(1) and may alternatively be demonstrated in accordance with the standard specified in §170.204(a)(2).
    1. View. Patients (and their authorized representatives) must be able to use health IT to view, at a minimum, the following data:
      1. The Common Clinical Data Set (which should be in their English (i.e., non-coded) representation if they associate with a vocabulary/code set).
      2. Ambulatory setting only. Provider's name and office contact information.
      3. Inpatient setting only. Admission and discharge dates and locations; discharge instructions; and reason(s) for hospitalization.
      4. Laboratory test report(s). Laboratory test report(s), including:
        1. The information for a test report as specified all the data specified in 42 CFR 493.1291(c)(1) through (7);
        2. The information related to reference intervals or normal values as specified in 42 CFR 493.1291(d); and
        3. The information for corrected reports as specified in 42 CFR 493.1291(k)(2).
      5. Diagnostic image report(s).
    2. Download.
      1. Patients (and their authorized representatives) must be able to use technology to download an ambulatory summary or inpatient summary (as applicable to the health IT setting for which certification is requested) in the following formats:
        1. Human readable format; and
        2. The format specified in accordance to the standard specified in §170.205(a)(4) following the CCD document template.
      2. When downloaded according to the standard specified in §170.205(a)(4) following the CCD document template, the ambulatory summary or inpatient summary must include, at a minimum, the following data (which, for the human readable version, should be in their English representation if they associate with a vocabulary/code set):
        1. Ambulatory setting only. All of the data specified in paragraph (e)(1)(i)(A)(1), (2), (4), and (5) of this section.
        2. Inpatient setting only. All of the data specified in paragraphs (e)(1)(i)(A)(1), and (3) through (5) of this section.
      3. Inpatient setting only. Patients (and their authorized representatives) must be able to download transition of care/referral summaries that were created as a result of a transition of care (pursuant to the capability expressed in the certification criterion specified in paragraph (b)(1) of this section).
    3. Transmit to third party. Patients (and their authorized representatives) must be able to:
      1. Transmit the ambulatory summary or inpatient summary (as applicable to the health IT setting for which certification is requested) created in paragraph (e)(1)(i)(B)(2) of this section in accordance with both of the following ways:
        1. Email transmission to any email address; and
        2. An encrypted method of electronic transmission.
      2. Inpatient setting only. Transmit transition of care/referral summaries (as a result of a transition of care/referral as referenced by (e)(1)(i)(B)(3)) of this section selected by the patient (or their authorized representative) in both of the ways referenced (e)(1)(i)(C)(1)(i) and (ii) of this section).
    4. Timeframe selection. With respect to the data available to view, download, and transmit as referenced paragraphs (e)(1)(i)(A), (B), and (C) of this section, patients (and their authorized representatives) must be able to:
      1. Select data associated with a specific date (to be viewed, downloaded, or transmitted); and
      2. Select data within an identified date range (to be viewed, downloaded, or transmitted).
  2. Activity history log.
    1. When any of the capabilities included in paragraphs (e)(1)(i)(A) through (C) of this section are used, the following information must be recorded and made accessible to the patient (or his/her authorized representative):
      1. The action(s) (i.e., view, download, transmission) that occurred;
      2. The date and time each action occurred in accordance with the standard specified in §170.210(g);
      3. The user who took the action; and
      4. Where applicable, the addressee to whom an ambulatory summary or inpatient summary was transmitted.
    2. Technology presented for certification may demonstrate compliance with paragraph (e)(1)(ii)(A) of this section if it is also certified to the certification criterion specified in §170.315(d)(2) and the information required to be recorded in paragraph (e)(1)(ii)(A) of this section is accessible by the patient (or his/her authorized representative).

Testing Tool

Edge Testing Tool (ETT): Message Validators

 

 Test Tool Documentation

Test Tool Supplemental Guide

 

Criterion Subparagraph Test Data
(e)(1)(i)(A)

Inpatient setting: 170.315_e1_vdt_inp_sample*.pdf (All samples)

Ambulatory setting: 170.315_e1_vdt_amb_sample*.pdf (All samples)

(e)(1)(i)(B)

Inpatient setting: 170.315_e1_vdt_inp_sample*.pdf (All samples)

Ambulatory setting: 170.315_e1_vdt_amb_sample*.pdf (All samples)

Inpatient setting: 170.315_e1_vdt_toc_inp_*_r2.1_sample*.xml (All samples)

(e)(1)(i)(C)

Inpatient setting: 170.315_e1_vdt_inp_sample*.pdf (All samples)

Ambulatory setting: 170.315_e1_vdt_amb_sample*.pdf (All samples)

Inpatient setting: 170.315_e1_vdt_toc_inp_*_r2.1_sample*.xml (All samples)

Content last reviewed on May 25, 2018
Was this page helpful?