Difference between revisions of "OpenEMR QA against NIST"

From OpenEMR Project Wiki
 
(110 intermediate revisions by the same user not shown)
Line 2: Line 2:
{|
{|
|colspan="23" style="text-align: center; color:orange;"|
|colspan="23" style="text-align: center; color:orange;"|
|style="color:white; background-color:green"|PASSED TEST
|style="color:white; background-color:green"|PASSED CERTIFICATION
|style="color:black; background-color:yellow"|PASS INTERNAL
|style="color:white; background-color:red"|FEATURE NOT IMPLEMENTED OR NOT YET TESTED
|style="color:white; background-color:red"|FEATURE NOT IMPLEMENTED OR NOT YET TESTED
|style="color:white; background-color:blue"|CURRENTLY UNDERGOING TESTING/ANALYSIS
|style="color:white; background-color:blue"|CURRENTLY UNDERGOING TESTING/ANALYSIS
Line 17: Line 18:
|}
|}


Links to individual testing procedures where pulled from [http://xw2k.nist.gov/healthcare/use_testing/effective_requirements.html Approved Test Procedures Version 1.1 Effective October 24, 2010] and could become stale.  If so, please edit this page and to link to the most recent, approved, and effective version(s).
Links to individual testing procedures where pulled from [http://healthcare.nist.gov/use_testing/effective_requirements.html Approved Test Procedures Version 1.1 Effective October 24, 2010] and could become stale.  If so, please edit this page and to link to the most recent, approved, and effective version(s).


==§170.302 General Certification Criteria==
==§170.302 General Certification Criteria==
Line 24: Line 25:
|colspan="23" style="text-align: center; color:white; background-color:blue"|General Certification Criteria
|colspan="23" style="text-align: center; color:white; background-color:blue"|General Certification Criteria
|-
|-
|style="color:white; background-color:red"|a
|style="color:white; background-color:blue"|a
|style="color:white; background-color:red"|b
|style="color:white; background-color:blue"|b
|style="color:white; background-color:green"|c
|style="color:white; background-color:green"|c
|style="color:white; background-color:green"|d
|style="color:white; background-color:green"|d
Line 31: Line 32:
|style="color:white; background-color:green"|f
|style="color:white; background-color:green"|f
|style="color:white; background-color:green"|g
|style="color:white; background-color:green"|g
|style="color:white; background-color:red"|h
|style="color:white; background-color:blue"|h
|style="color:white; background-color:orange"|i
|style="color:white; background-color:green"|i
|style="color:white; background-color:blue"|j
|style="color:black; background-color:yellow"|j
|style="color:white; background-color:red"|k
|style="color:black; background-color:yellow"|k
|style="color:white; background-color:orange"|l
|style="color:white; background-color:green"|l
|style="color:white; background-color:red"|m
|style="color:black; background-color:yellow"|m
|style="color:white; background-color:red"|n
|style="color:black; background-color:yellow"|n
|style="color:white; background-color:green"|o
|style="color:white; background-color:green"|o
|style="color:white; background-color:green"|p
|style="color:white; background-color:green"|p
|style="color:white; background-color:green"|q
|style="color:white; background-color:green"|q
|style="color:white; background-color:green"|r
|style="color:white; background-color:green"|r
|style="color:white; background-color:blue"|s
|style="color:white; background-color:green"|s
|style="color:white; background-color:green"|t
|style="color:white; background-color:green"|t
|style="color:white; background-color:red"|u
|style="color:white; background-color:green"|u
|style="color:white; background-color:green"|v
|style="color:white; background-color:green"|v
|style="color:white; background-color:green"|w
|style="color:white; background-color:green"|w
|}
|}


===(a) Drug-grug, drug-allergy interaction checks===
===(a) Drug-drug, drug-allergy interaction checks===
[http://xw2k.nist.gov/healthcare/docs/170.302.a_DrugDrugDrugAllergy_v1.1.pdf NIST Test Procedure for §170.302 (a) Drug-drug, drug-allergy interaction checks]
[http://healthcare.nist.gov/docs/170.302.a_DrugDrugDrugAllergy_v1.1.pdf NIST Test Procedure for §170.302 (a) Drug-drug, drug-allergy interaction checks]


No test results.
<span style="color: white; background-color: blue;">TEST/QA ONGOING</span>
 
<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>


===(b) Drug formulary checks===
===(b) Drug formulary checks===
[http://xw2k.nist.gov/healthcare/docs/170.302.b_DrugFormularyChecks_v1.1.pdf NIST Test Procedure for §170.302 (b) Drug formulary checks]
[http://healthcare.nist.gov/docs/170.302.b_DrugFormularyChecks_v1.1.pdf NIST Test Procedure for §170.302 (b) Drug formulary checks]


<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>
<span style="color: white; background-color: blue;">TEST/QA ONGOING</span>


===(c) Maintain up-to-date problem list===
===(c) Maintain up-to-date problem list===
[http://xw2k.nist.gov/healthcare/docs/170.302.c_problemlist_v1.1.pdf NIST Test Procedure for §170.302 (c) Maintain up-to-date problem list]
[http://healthcare.nist.gov/docs/170.302.c_problemlist_v1.1.pdf NIST Test Procedure for §170.302 (c) Maintain up-to-date problem list]


<span style="color: white; background-color: green;">Pass (9/9).</span> [[File:Problem_list.pdf|Detailed test results]]
<span style="color: white; background-color: green;">Pass (9/9).</span> [[File:Problem_list.pdf|Detailed test results]]
Line 69: Line 68:


===(d) Maintain active medication list===
===(d) Maintain active medication list===
[http://xw2k.nist.gov/healthcare/docs/170.302.d_medicationlist_v1.1.pdf NIST Test Procedure for §170.302 (d) Maintain Active Medication List]
[http://healthcare.nist.gov/docs/170.302.d_medicationlist_v1.1.pdf NIST Test Procedure for §170.302 (d) Maintain Active Medication List]


<span style="color: white; background-color: green;">Pass (10/10).</span> [[File:Medication List.pdf|Detailed test results]]
<span style="color: white; background-color: green;">Pass (10/10).</span> [[File:Medication List.pdf|Detailed test results]]
Line 76: Line 75:


===(e) Maintain active medication allergy list===
===(e) Maintain active medication allergy list===
[http://xw2k.nist.gov/healthcare/docs/170.302.e_allergylist_v1.1.pdf NIST Test Procedure for §170.302 (e) Maintain active medication allergy list]
[http://healthcare.nist.gov/docs/170.302.e_allergylist_v1.1.pdf NIST Test Procedure for §170.302 (e) Maintain active medication allergy list]


<span style="color: white; background-color: green;">Pass (6/6).</span>  [[File:Medication Allergy.pdf|Detailed test results]] (Note: The quoted section of the Final Rule is incorrect, but the test results are for §170.302 (e))
<span style="color: white; background-color: green;">Pass (6/6).</span>  [[File:Medication Allergy.pdf|Detailed test results]] (Note: The quoted section of the Final Rule is incorrect, but the test results are for §170.302 (e))
Line 95: Line 94:


====(1) Vital signs====
====(1) Vital signs====
[http://xw2k.nist.gov/healthcare/docs/170.302.f.1_vitalsigns_v1.1.pdf NIST Test Procedure for §170.302 (f) (1) Vital Signs]
[http://healthcare.nist.gov/docs/170.302.f.1_vitalsigns_v1.1.pdf NIST Test Procedure for §170.302 (f) (1) Vital Signs]


<span style="color: white; background-color: green;">Pass (16/16).</span>  All test results for [[#.28f.29_Record_and_chart_vital_signs|(f) Record and chart vital signs]] are combined in one document linked above.
<span style="color: white; background-color: green;">Pass (16/16).</span>  All test results for [[#.28f.29_Record_and_chart_vital_signs|(f) Record and chart vital signs]] are combined in one document linked above.
Line 102: Line 101:


====(2) Calculate body mass index====
====(2) Calculate body mass index====
[http://xw2k.nist.gov/healthcare/docs/170.302.f.2_BMI_v1.1.pdf NIST Test Procedure for §170.302(f) (2) Calculate Body Mass Index]
[http://healthcare.nist.gov/docs/170.302.f.2_BMI_v1.1.pdf NIST Test Procedure for §170.302(f) (2) Calculate Body Mass Index]


<span style="color: white; background-color: green;">Pass (5/5).</span>  All test results for [[#.28f.29_Record_and_chart_vital_signs|(f) Record and chart vital signs]] are combined in one document linked above.
<span style="color: white; background-color: green;">Pass (5/5).</span>  All test results for [[#.28f.29_Record_and_chart_vital_signs|(f) Record and chart vital signs]] are combined in one document linked above.
Line 109: Line 108:


====(3) Plot and display growth charts====
====(3) Plot and display growth charts====
[http://xw2k.nist.gov/healthcare/docs/170.302.f.3_growthcharts_v1.1.pdf NIST Test Procedure for §170.302(f) (3) Plot and Display Growth Charts]
[http://healthcare.nist.gov/docs/170.302.f.3_growthcharts_v1.1.pdf NIST Test Procedure for §170.302(f) (3) Plot and Display Growth Charts]


<span style="color: white; background-color: green;">Pass (9/9).</span>  All test results for [[#.28f.29_Record_and_chart_vital_signs|(f) Record and chart vital signs]] are combined in one document linked above.
<span style="color: white; background-color: green;">Pass (9/9).</span>  All test results for [[#.28f.29_Record_and_chart_vital_signs|(f) Record and chart vital signs]] are combined in one document linked above.
Line 116: Line 115:


===(g) Smoking status===
===(g) Smoking status===
[http://xw2k.nist.gov/healthcare/docs/170.302.g_smokingstatus_v1.1.pdf NIST Test Procedure for §170.302 (g) Smoking Status]
[http://healthcare.nist.gov/docs/170.302.g_smokingstatus_v1.1.pdf NIST Test Procedure for §170.302 (g) Smoking Status]


<span style="color: white; background-color: green;">Pass (10/10).</span>  [[File:Smoking_Status.pdf|Detailed test results]]
<span style="color: white; background-color: green;">Pass (10/10).</span>  [[File:Smoking_Status.pdf|Detailed test results]]
Line 122: Line 121:
Currently implemented in OpenEMR.  Please edit this page to include information about the implementation location in the source tree.
Currently implemented in OpenEMR.  Please edit this page to include information about the implementation location in the source tree.


===(h) Incorporate labratory test results===
===(h) Incorporate laboratory test results===
[http://xw2k.nist.gov/healthcare/docs/170.302.h_IncorpLabTest_v1.1.pdf NIST Test Procedure for §170.302 (h) Incorporate labratory test results]
[http://healthcare.nist.gov/docs/170.302.h_IncorpLabTest_v1.1.pdf NIST Test Procedure for §170.302 (h) Incorporate laboratory test results]


<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>
Implemented in [http://openemr.git.sourceforge.net/git/gitweb.cgi?p=openemr/openemr;a=commit;h=4605859c53ccf218aaed7b11b0e26ccb79d4cb8a 4605] and later versions of OpenEMR.
 
<span style="color: white; background-color: blue;">TEST/QA ONGOING</span>
 
:* Ask ICSA how this test will really be run, our servers are setup to receive data from labcorp via a LEN server. Have Jeremy check that we can handle all the test version.


===(i) Generate patient lists===
===(i) Generate patient lists===
[http://xw2k.nist.gov/healthcare/docs/170.302.i_GeneratePatientLists_v1.1.pdf NIST Test Procedure for §170.302 (i) Generate patient lists]
[http://healthcare.nist.gov/docs/170.302.i_GeneratePatientLists_v1.1.pdf NIST Test Procedure for §170.302 (i) Generate patient lists]
 
<span style="color: white; background-color: green;">Passed</span>


Implemented in [http://openemr.git.sourceforge.net/git/gitweb.cgi?p=openemr/openemr;a=commit;h=a7ec52ca4f3db0f4caacde8588efaae429ca3226 a7ec] and later versions of OpenEMR.
Implemented in [http://openemr.git.sourceforge.net/git/gitweb.cgi?p=openemr/openemr;a=commit;h=a7ec52ca4f3db0f4caacde8588efaae429ca3226 a7ec] and later versions of OpenEMR.
 
(note the link points to the patch)
<span style="color: white; background-color: orange;">Needs to undergo NIST QA testing.</span>


===(j) Medication reconciliation===
===(j) Medication reconciliation===
[http://xw2k.nist.gov/healthcare/docs/170.302.j_%20MedicationReconciliation_v1.1.pdf NIST Test Procedure for §170.302 (j) Medication reconciliation]
[http://healthcare.nist.gov/docs/170.302.j_%20MedicationReconciliation_v1.1.pdf NIST Test Procedure for §170.302 (j) Medication reconciliation]


<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>
<span style="color: black; background-color: yellow;">Passed<span>


A patch available in the tracker did not pass NIST testing. Awaiting a new patch - see Test Summary link below for details. [http://sourceforge.net/tracker/?func=detail&aid=3023178&group_id=60081&atid=1245239 Patch] <br>
:Proposed solution --[[User:Tmccormi|Tony - www.mi-squared.com]] 03:13, 6 March 2011 (UTC)
:*OpenEMR has full tracking of medications and a document management and viewing system.  If we can show the internal database list and an uploaded/scanned medication list (like would be provided by patient) then we meet the requirement.   '''ICSA agrees that this will pass the NIST requirement'''


[[Test Summary for Medication reconciliation]]
[[Test Summary for Medication reconciliation]]


===(k) Submission to immunization registries===
===(k) Submission to immunization registries===
[http://xw2k.nist.gov/healthcare/docs/170.302.k_Immunizations_v1.1.pdf NIST Test Procedure for §170.302 (k) Submission to immunization registries]
[http://healthcare.nist.gov/docs/170.302.k_Immunizations_v1.1.pdf NIST Test Procedure for §170.302 (k) Submission to immunization registries]


<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>
<span style="color: black; background-color: yellow;">Passed<span>


===(l) Public health surveillance===
===(l) Public health surveillance===
[http://xw2k.nist.gov/healthcare/docs/170.302.l_PublicHealthSurveillance_v1.1.pdf NIST Test Procedure for §170.302 (l) Public health surveillance]
[http://healthcare.nist.gov/docs/170.302.l_PublicHealthSurveillance_v1.1.pdf NIST Test Procedure for §170.302 (l) Public health surveillance]


Implemented in [http://openemr.git.sourceforge.net/git/gitweb.cgi?p=openemr/openemr;a=commit;h=d6db39355ad4f3b318b1728587163184031bf41c d6db] and later versions of OpenEMR.
Implemented in [http://openemr.git.sourceforge.net/git/gitweb.cgi?p=openemr/openemr;a=commit;h=d6db39355ad4f3b318b1728587163184031bf41c d6db] and later versions of OpenEMR.


<span style="color: white; background-color: orange;">Ready to test (Syndromic Surveillance)</span>
<span style="color: white; background-color: green;">Passed</span> (Syndromic Surveillance)


===(m) Patient specific education resources===
===(m) Patient specific education resources===
[http://xw2k.nist.gov/healthcare/docs/170.302.m_EducationResources_v1.1.pdf NIST Test Procedure for §170.302 (m) Patient specific education resources]
[http://healthcare.nist.gov/docs/170.302.m_EducationResources_v1.1.pdf NIST Test Procedure for §170.302 (m) Patient specific education resources]


<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>
<span style="color: black; background-color: yellow;">Passed<span>
 
 
:* ICSA agrees that links in the product or even a "requirement" to have access to http://nursing.advancedweb.com or http://www.nlm.nih.gov/medlineplus/ for patient education materials will meet the requirement.
:* '''Proposed Solution''' Make it a required 3rd party tool on the application and leave it at that (see: the HHS site where AlphaCM, Inc did this for MedLinePlus)
:* Sam's workflow
::* Procedure for “specific education resources” lookup.
:::Open Google, Type in the diagnosis or condition and add the preferred site. I like to look at specific resources.
    “Disease” emedicine
    “Disease” mayoclinic
    “Disease” webmd
 
:::The MayoClinic has a lot of good patient lay information, Generally the emedicine site is more for physicians. The WebMD tends to be more physician related.


===(n) Automated measure calculation===
===(n) Automated measure calculation===
[http://xw2k.nist.gov/healthcare/docs/170.302.n_AutomateMeasureCalc_v1.1.pdf NIST Test Procedure for §170.302 (n) Automated measure calculation]
[http://healthcare.nist.gov/docs/170.302.n_AutomateMeasureCalc_v1.1.pdf NIST Test Procedure for §170.302 (n) Automated measure calculation]


<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>
<span style="color: black; background-color: yellow;">Passed<span>


===(o) Access control===
===(o) Access control===
[http://xw2k.nist.gov/healthcare/docs/170.302.o_AccessControl_v1.1.pdf NIST Test Procedure for  §170.302 (o) Access Control]
[http://healthcare.nist.gov/docs/170.302.o_AccessControl_v1.1.pdf NIST Test Procedure for  §170.302 (o) Access Control]


<span style="color: white; background-color: green;">Pass (8/8).</span>  [[File:Access_Control.pdf|Detailed Test Results]]
<span style="color: white; background-color: green;">Pass (8/8).</span>  [[File:Access_Control.pdf|Detailed Test Results]]
Line 173: Line 190:


===(p) Emergency access===
===(p) Emergency access===
[http://xw2k.nist.gov/healthcare/docs/170.302.p_EmergencyAccess_v1.1.pdf NIST Test Procedure for §170.302 (p) Emergency Access]
[http://healthcare.nist.gov/docs/170.302.p_EmergencyAccess_v1.1.pdf NIST Test Procedure for §170.302 (p) Emergency Access]


<span style="color: white; background-color: green;">Pass (9/9).</span>  [[File:Emergency-Access.pdf|Detailed test results]]
<span style="color: white; background-color: green;">Pass (9/9).</span>  [[File:Emergency-Access.pdf|Detailed test results]]
Line 182: Line 199:


===(q) Automatic log-off===
===(q) Automatic log-off===
[http://xw2k.nist.gov/healthcare/docs/170.302.q_AutomaticLogOff_v1.1.pdf NIST Test Procedure for §170.302 (q) Automatic log-off]
[http://healthcare.nist.gov/docs/170.302.q_AutomaticLogOff_v1.1.pdf NIST Test Procedure for §170.302 (q) Automatic log-off]


<span style="color: white; background-color: green;">Pass (2/2).</span>  [[File:Automatic Log Off.pdf|Detailed test results]]
<span style="color: white; background-color: green;">Pass (2/2).</span>  [[File:Automatic Log Off.pdf|Detailed test results]]
Line 189: Line 206:


===(r) Audit log===
===(r) Audit log===
[http://xw2k.nist.gov/healthcare/docs/170.302.r_AuditLog_v1.1.pdf NIST Test Procedure for §170.302 (r) Audit Log]
[http://healthcare.nist.gov/docs/170.302.r_AuditLog_v1.1.pdf NIST Test Procedure for §170.302 (r) Audit Log]


<span style="color: white; background-color: green;">Pass (15/15).</span>  [[File:Audit log.pdf|Detailed test results]]
<span style="color: white; background-color: green;">Pass (15/15).</span>  [[File:Audit log.pdf|Detailed test results]]
Line 196: Line 213:


===(s) Integrity===
===(s) Integrity===
[http://xw2k.nist.gov/healthcare/docs/170.302.s_Integrity_v1.1.pdf NIST Test Procedure for §170.302 (s) Integrity]
[http://healthcare.nist.gov/docs/170.302.s_Integrity_v1.1.pdf NIST Test Procedure for §170.302 (s) Integrity]


<span style="color:white; background-color:blue;">Fail (6/6).</span>  [[File:Data Integrity.pdf|Detailed test results]]  Failure Reason: The hashing algorithm currently in use is MD5.  The standard requires an algorithm at last as strong as SHA-1.  According to [http://en.wikipedia.org/wiki/Comparison_of_cryptographic_hash_functions#Cryptanalysis Wikipedia] SHA-1 has 51 bits of effective security, while MD5 has less than 21.  In fact, (unsalted) MD5 collisions can be found in seconds on GHz-class 32-bit PCs.
<span style="color:white; background-color:green;">Pass 3/18).</span>  [[File:Data Integrity.pdf|Detailed test results]]   
 
: code updated to SHA1 and enhanced Document Mgmt tree
Currently implemented poorly in OpenEMR.  Please edit this page to include information about the implementation location in the source tree.


Per ICSA:  
Per ICSA:  
Line 206: Line 222:


===(t) Authentication===
===(t) Authentication===
[http://xw2k.nist.gov/healthcare/docs/170.302.t_Authentication_v1.1.pdf NIST Test Procedure for §170.302 (t) Authentication]
[http://healthcare.nist.gov/docs/170.302.t_Authentication_v1.1.pdf NIST Test Procedure for §170.302 (t) Authentication]


<span style="color: white; background-color: green;">Pass (10/10).</span>  [[File:Authentication.pdf|Detailed test results]]
<span style="color: white; background-color: green;">Pass (10/10).</span>  [[File:Authentication.pdf|Detailed test results]]
Line 213: Line 229:


===(u) General encryption===
===(u) General encryption===
[http://xw2k.nist.gov/healthcare/docs/170.302.u_GeneralEncryption_v1.1.pdf NIST Test Procedure for §170.302 (u) General encryption]
[http://healthcare.nist.gov/docs/170.302.u_GeneralEncryption_v1.1.pdf NIST Test Procedure for §170.302 (u) General encryption]


<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>
<span style="color: white; background-color: green;">Passes</span>


Per ICSA:
See: [[170.302_(o-v)_Security_requirements]]
: General Encryption: 3rd party applications can be sued to satisfy this requirement. Any 3rd party application used would be considered part of the system seeking certification, and would need to use a standards based algorithm as identified in the NIST test procedures (FIPS 140-2). The algorithm as well as the 3rd party application would be documented as part of your self-attestation materials. It is up to the applicant to decide what data is encrypted during the testing session, as the NIST procedures are not specific on that point. '''It may not be necessary to have a separate screen that shows the process, however you would be required to demonstrate that the selected data has been encrypted, and can be decrypted, and provide documentation and self-attestation as to the type of algorithm and any  3rd party applications.''' SHA-1 or higher should be used for any 3rd party applications used to meet this step.


===(v) Encryption when exchanging electronic health information===
===(v) Encryption when exchanging electronic health information===
[http://xw2k.nist.gov/healthcare/docs/170.302.v_EncryptionHIE_v1.1.pdf NIST Test Procedure for §170.302 (v) Encryption when exchanging electronic health information]
[http://healthcare.nist.gov/docs/170.302.v_EncryptionHIE_v1.1.pdf NIST Test Procedure for §170.302 (v) Encryption when exchanging electronic health information]


<span style="color: white; background-color: green;">Pass (5/5).</span>  [[File:Encryption_For_Exchanging_Health_Information.pdf]]
<span style="color: white; background-color: green;">Pass (5/5).</span>  [[File:Encryption_For_Exchanging_Health_Information.pdf]]
Line 228: Line 243:


===(w) Accounting of disclosures (optional)===
===(w) Accounting of disclosures (optional)===
[http://xw2k.nist.gov/healthcare/docs/170.302.w_AccountingDisclosures_v1.1.pdf NIST Test Procedure for §170.302 (w) Optional. Accounting of Disclosures]
[http://healthcare.nist.gov/docs/170.302.w_AccountingDisclosures_v1.1.pdf NIST Test Procedure for §170.302 (w) Optional. Accounting of Disclosures]


<span style="color: white; background-color: green;">Pass (5/5).</span>  [[File:Disclosure.pdf|Detailed test results]]
<span style="color: white; background-color: green;">Pass (5/5).</span>  [[File:Disclosure.pdf|Detailed test results]]
Line 239: Line 254:
|colspan="23" style="text-align: center; color:white; background-color:blue"|Ambulatory Certification Criteria
|colspan="23" style="text-align: center; color:white; background-color:blue"|Ambulatory Certification Criteria
|-
|-
|style="color:white; background-color:blue"|a
|style="color:black; background-color:yellow"|a
|style="color:white; background-color:red"|b
|style="color:white; background-color:blue"|b
|style="color:white; background-color:green"|c
|style="color:white; background-color:green"|c
|style="color:white; background-color:red"|d
|style="color:black; background-color:yellow"|d
|style="color:white; background-color:red"|e
|style="color:black; background-color:yellow"|e
|style="color:white; background-color:red"|f
|style="color:black; background-color:yellow"|f
|style="color:white; background-color:red"|g
|style="color:black; background-color:yellow"|g
|style="color:white; background-color:red"|h
|style="color:black; background-color:yellow"|h
|style="color:white; background-color:red"|i
|style="color:black; background-color:yellow"|i
|style="color:white; background-color:red"|j
|style="color:black; background-color:yellow"|j
|}
|}


===(a) Computerized provider order entry===
===(a) Computerized provider order entry===
[http://xw2k.nist.gov/healthcare/docs/170.304.a_CPOE_v1.1.pdf NIST Test Procedure for §170.304 (a) Computerized provider order entry]
[http://healthcare.nist.gov/docs/170.304.a_CPOE_v1.1.pdf NIST Test Procedure for §170.304 (a) Computerized provider order entry]
 
Implemented in [http://openemr.git.sourceforge.net/git/gitweb.cgi?p=openemr/openemr;a=commit;h=6e748bb2b332d26d4284d02625b3572bb4fe0ba3 6e74] and later versions of OpenEMR.
 
<span style="color: black; background-color: yellow;">Passed</span>


[[Test Summary]]
[[Test Summary]]


===(b) Electronic Prescribing===
===(b) Electronic Prescribing===
[http://xw2k.nist.gov/healthcare/docs/170.304.b_eRx_v1.1.pdf NIST Test Procedure for §170.304 (b) Electronic Prescribing]
[http://healthcare.nist.gov/docs/170.304.b_eRx_v1.1.pdf NIST Test Procedure for §170.304 (b) Electronic Prescribing]


<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>
<span style="color: white; background-color: blue;">TEST/QA ONGOING</span>


===(c) Record demographics===
===(c) Record demographics===
[http://xw2k.nist.gov/healthcare/docs/170.304.c_RecordDemographicsAmb_v1.1.pdf NIST Test Procedure for §170.304 (c) Record Demographics]
[http://healthcare.nist.gov/docs/170.304.c_RecordDemographicsAmb_v1.1.pdf NIST Test Procedure for §170.304 (c) Record Demographics]


<span style="color: white; background-color: green;">Pass (12/12).</span>  [[File:Demographics.pdf|Detailed test results]]
<span style="color: white; background-color: green;">Pass (12/12).</span>  [[File:Demographics.pdf|Detailed test results]]
Line 269: Line 288:


===(d) Patient reminders===
===(d) Patient reminders===
[http://xw2k.nist.gov/healthcare/docs/170.304.d_GeneratePatientReminders_v1.1.pdf NIST Test Procedure for §170.304 (d) Patient reminders]
[http://healthcare.nist.gov/docs/170.304.d_GeneratePatientReminders_v1.1.pdf NIST Test Procedure for §170.304 (d) Patient reminders]


<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>
<span style="color: black; background-color: yellow;">Passed<span>


===(e) Clinical decision support===
===(e) Clinical decision support===
[http://xw2k.nist.gov/healthcare/docs/170.304.e_ClinicalDecisionSupportAmb_v1.1.pdf NIST Test Procedure for §170.304 (e) Clinical decision support]
[http://healthcare.nist.gov/docs/170.304.e_ClinicalDecisionSupportAmb_v1.1.pdf NIST Test Procedure for §170.304 (e) Clinical decision support]


<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>
<span style="color: black; background-color: yellow;">Passed<span>


===(f) Electronic copy of health information===
===(f) Electronic copy of health information===
[http://xw2k.nist.gov/healthcare/docs/170.304.f_ElectronicCopyOfHealthInformation_v1.1.pdf NIST Test Procedure for §170.304 (f) Electronic copy of health information]
[http://healthcare.nist.gov/docs/170.304.f_ElectronicCopyOfHealthInformation_v1.1.pdf NIST Test Procedure for §170.304 (f) Electronic copy of health information]


<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>
<span style="color: black; background-color: yellow;">Passed<span>
 
 
[[Test Summary for CCR/CCD modules]]


===(g) Timely access===
===(g) Timely access===
[http://xw2k.nist.gov/healthcare/docs/170.304.g_TimelyAccess_v1.1.pdf NIST Test Procedure for §170.304 (g) Timely access]
[http://healthcare.nist.gov/docs/170.304.g_TimelyAccess_v1.1.pdf NIST Test Procedure for §170.304 (g) Timely access]
* Test Process document needed - Garden
* Dependent on CCR/CCD
<span style="color: white; background-color: orange;">Need to test</span> Garden's Health ISP HIE + Microsoft Health Vault <br>
<span style="color:black; background-color: yellow;">Passed</span> ZH healthcare's mydocsportal <br>
<span style="color: black; background-color: yellow;">Passed</span> Cassi's onsite portal


<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>
===(h) Clinical summaries===
[http://healthcare.nist.gov/docs/170.304.h_ClinicalSummaries_v1.1.pdf NIST Test Procedure for §170.304 (h) Clinical summaries]


===(h) Clinical summaries===
<span style="color: black; background-color: yellow;">Passed</span>
[http://xw2k.nist.gov/healthcare/docs/170.304.h_ClinicalSummaries_v1.1.pdf NIST Test Procedure for §170.304 (h) Clinical summaries]


<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>
[[Test Summary for CCR/CCD modules]]


===(i) Exchange clinical information and patient summary record===
===(i) Exchange clinical information and patient summary record===
[http://xw2k.nist.gov/healthcare/docs/170.304.i_ExchangeClinicalinfoPatientSummaryRecordAmb_v1.1.pdf NIST Test Procedure for §170.304 (i) Exchange clinical information and patient summary record]
[http://healthcare.nist.gov/docs/170.304.i_ExchangeClinicalinfoPatientSummaryRecordAmb_v1.1.pdf NIST Test Procedure for §170.304 (i) Exchange clinical information and patient summary record]


<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>
<span style="color: black; background-color: yellow;">Passed</span>
[[Test Summary for CCR/CCD modules]]


===(j) Calculate and submit clinical quality measures===
===(j) Calculate and submit clinical quality measures===
[http://xw2k.nist.gov/healthcare/docs/170.304.j_CalcSubmitClinQualityMeasures_v1.1.pdf NIST Test Procedure for §170.304 (j) Calculate and submit clinical quality measures]
[http://healthcare.nist.gov/docs/170.304.j_CalcSubmitClinQualityMeasures_v1.1.pdf NIST Test Procedure for §170.304 (j) Calculate and submit clinical quality measures]
 
<span style="color: black; background-color: yellow;">Passed</span>
 


<span style="color: white; background-color: red;">Currently unimplemented in OpenEMR.</span>
[[Category:Certification]][[Category:Certification Stage I]]

Latest revision as of 18:16, 9 September 2012

Color Legend

PASSED CERTIFICATION PASS INTERNAL FEATURE NOT IMPLEMENTED OR NOT YET TESTED CURRENTLY UNDERGOING TESTING/ANALYSIS FLAGGED FOR TESTING

NIST Meaningful Use Test Method by Criteria

Status Summary:

NIST Meaningful Use Test Method
§170.302 §170.304

Links to individual testing procedures where pulled from Approved Test Procedures Version 1.1 Effective October 24, 2010 and could become stale. If so, please edit this page and to link to the most recent, approved, and effective version(s).

§170.302 General Certification Criteria

Status Summary:

General Certification Criteria
a b c d e f g h i j k l m n o p q r s t u v w

(a) Drug-drug, drug-allergy interaction checks

NIST Test Procedure for §170.302 (a) Drug-drug, drug-allergy interaction checks

TEST/QA ONGOING

(b) Drug formulary checks

NIST Test Procedure for §170.302 (b) Drug formulary checks

TEST/QA ONGOING

(c) Maintain up-to-date problem list

NIST Test Procedure for §170.302 (c) Maintain up-to-date problem list

Pass (9/9). File:Problem list.pdf

Implemented in fc72 and later versions of OpenEMR.

(d) Maintain active medication list

NIST Test Procedure for §170.302 (d) Maintain Active Medication List

Pass (10/10). File:Medication List.pdf

Currently implemented in OpenEMR. Please edit this page to include information about the implementation location in the source tree.

(e) Maintain active medication allergy list

NIST Test Procedure for §170.302 (e) Maintain active medication allergy list

Pass (6/6). File:Medication Allergy.pdf (Note: The quoted section of the Final Rule is incorrect, but the test results are for §170.302 (e))

Implemented in fc72 and later versions of OpenEMR.

(f) Record and chart vital signs

Status Summary:

Record and chart vital signs
1 2 3

File:Vital sign.pdf

(1) Vital signs

NIST Test Procedure for §170.302 (f) (1) Vital Signs

Pass (16/16). All test results for (f) Record and chart vital signs are combined in one document linked above.

Currently implemented by OpenEMR. Please edit this page to include information about the implementation location in the source tree.

(2) Calculate body mass index

NIST Test Procedure for §170.302(f) (2) Calculate Body Mass Index

Pass (5/5). All test results for (f) Record and chart vital signs are combined in one document linked above.

Currently implemented by OpenEMR. Please edit this page to include information about the implementation location in the source tree.

(3) Plot and display growth charts

NIST Test Procedure for §170.302(f) (3) Plot and Display Growth Charts

Pass (9/9). All test results for (f) Record and chart vital signs are combined in one document linked above.

Currently implemented by OpenEMR. Please edit this page to include information about the implementation location in the source tree.

(g) Smoking status

NIST Test Procedure for §170.302 (g) Smoking Status

Pass (10/10). File:Smoking Status.pdf

Currently implemented in OpenEMR. Please edit this page to include information about the implementation location in the source tree.

(h) Incorporate laboratory test results

NIST Test Procedure for §170.302 (h) Incorporate laboratory test results

Implemented in 4605 and later versions of OpenEMR.

TEST/QA ONGOING

  • Ask ICSA how this test will really be run, our servers are setup to receive data from labcorp via a LEN server. Have Jeremy check that we can handle all the test version.

(i) Generate patient lists

NIST Test Procedure for §170.302 (i) Generate patient lists

Passed

Implemented in a7ec and later versions of OpenEMR. (note the link points to the patch)

(j) Medication reconciliation

NIST Test Procedure for §170.302 (j) Medication reconciliation

Passed

Proposed solution --Tony - www.mi-squared.com 03:13, 6 March 2011 (UTC)
  • OpenEMR has full tracking of medications and a document management and viewing system. If we can show the internal database list and an uploaded/scanned medication list (like would be provided by patient) then we meet the requirement. ICSA agrees that this will pass the NIST requirement

Test Summary for Medication reconciliation

(k) Submission to immunization registries

NIST Test Procedure for §170.302 (k) Submission to immunization registries

Passed

(l) Public health surveillance

NIST Test Procedure for §170.302 (l) Public health surveillance

Implemented in d6db and later versions of OpenEMR.

Passed (Syndromic Surveillance)

(m) Patient specific education resources

NIST Test Procedure for §170.302 (m) Patient specific education resources

Passed


  • ICSA agrees that links in the product or even a "requirement" to have access to http://nursing.advancedweb.com or http://www.nlm.nih.gov/medlineplus/ for patient education materials will meet the requirement.
  • Proposed Solution Make it a required 3rd party tool on the application and leave it at that (see: the HHS site where AlphaCM, Inc did this for MedLinePlus)
  • Sam's workflow
  • Procedure for “specific education resources” lookup.
Open Google, Type in the diagnosis or condition and add the preferred site. I like to look at specific resources.
   “Disease” emedicine
   “Disease” mayoclinic
   “Disease” webmd
The MayoClinic has a lot of good patient lay information, Generally the emedicine site is more for physicians. The WebMD tends to be more physician related.

(n) Automated measure calculation

NIST Test Procedure for §170.302 (n) Automated measure calculation

Passed

(o) Access control

NIST Test Procedure for §170.302 (o) Access Control

Pass (8/8). File:Access Control.pdf

Currently implemented by OpenEMR. Please edit this page to include information about the implementation location in the source tree.

(p) Emergency access

NIST Test Procedure for §170.302 (p) Emergency Access

Pass (9/9). File:Emergency-Access.pdf

Configuring and testing Emergency access

Currently implemented in OpenEMR. Please edit this page to include information about the implementation location in the source tree.

(q) Automatic log-off

NIST Test Procedure for §170.302 (q) Automatic log-off

Pass (2/2). File:Automatic Log Off.pdf

Currently implemented in OpenEMR. Please edit this page to include information about the implementation location in the source tree.

(r) Audit log

NIST Test Procedure for §170.302 (r) Audit Log

Pass (15/15). File:Audit log.pdf

Implemented in e97e and later versions of OpenEMR.

(s) Integrity

NIST Test Procedure for §170.302 (s) Integrity

Pass 3/18). File:Data Integrity.pdf

code updated to SHA1 and enhanced Document Mgmt tree

Per ICSA:

As long as you can demonstrate that the hash value has been created, and then a different hash value appears once the data is modified. SSL would also meet the requirements for transport. The secure hashing algorithm used to provide the hash value should also be SHA-1 or higher. For this test procedure you would also have to electronically exchange test data (that you specify) and the generated message digest to a receiving system (of your choice) and demonstrate that the electronically exchanged message digest and the message digest generated on the receiving system are the same for the provided test data.

(t) Authentication

NIST Test Procedure for §170.302 (t) Authentication

Pass (10/10). File:Authentication.pdf

Currently implemented by OpenEMR with using client SSL certificates. Please edit this page to include information about the implementation location in the source tree.

(u) General encryption

NIST Test Procedure for §170.302 (u) General encryption

Passes

See: 170.302_(o-v)_Security_requirements

(v) Encryption when exchanging electronic health information

NIST Test Procedure for §170.302 (v) Encryption when exchanging electronic health information

Pass (5/5). File:Encryption For Exchanging Health Information.pdf

Currently implemented by OpenEMR when using Apache configured for SSL. Please edit this page to include information about the implementation location in the source tree.

(w) Accounting of disclosures (optional)

NIST Test Procedure for §170.302 (w) Optional. Accounting of Disclosures

Pass (5/5). File:Disclosure.pdf

Currently implemented in OpenEMR. Please edit this page to include information about the implementation location in the source tree.

§170.304 Ambulatory Certification Criteria

Status Summary:

Ambulatory Certification Criteria
a b c d e f g h i j

(a) Computerized provider order entry

NIST Test Procedure for §170.304 (a) Computerized provider order entry

Implemented in 6e74 and later versions of OpenEMR.

Passed

Test Summary

(b) Electronic Prescribing

NIST Test Procedure for §170.304 (b) Electronic Prescribing

TEST/QA ONGOING

(c) Record demographics

NIST Test Procedure for §170.304 (c) Record Demographics

Pass (12/12). File:Demographics.pdf

Implemented in 1c745 and later versions of OpenEMR.

(d) Patient reminders

NIST Test Procedure for §170.304 (d) Patient reminders

Passed

(e) Clinical decision support

NIST Test Procedure for §170.304 (e) Clinical decision support

Passed

(f) Electronic copy of health information

NIST Test Procedure for §170.304 (f) Electronic copy of health information

Passed


Test Summary for CCR/CCD modules

(g) Timely access

NIST Test Procedure for §170.304 (g) Timely access

  • Test Process document needed - Garden
  • Dependent on CCR/CCD

Need to test Garden's Health ISP HIE + Microsoft Health Vault
Passed ZH healthcare's mydocsportal
Passed Cassi's onsite portal

(h) Clinical summaries

NIST Test Procedure for §170.304 (h) Clinical summaries

Passed

Test Summary for CCR/CCD modules

(i) Exchange clinical information and patient summary record

NIST Test Procedure for §170.304 (i) Exchange clinical information and patient summary record

Passed Test Summary for CCR/CCD modules

(j) Calculate and submit clinical quality measures

NIST Test Procedure for §170.304 (j) Calculate and submit clinical quality measures

Passed

Retrieved from "https://www.open-emr.org/wiki/index.php?title=OpenEMR_QA_against_NIST&oldid=12573"