Authentication, access control, and authorization (MU2)
From OpenEMR Project Wiki
- Taken from ONC Final Rule:File:2014 Edition Cert Federal Register.pdf
(1) Authentication, access control, and authorization. (i) Verify against a unique identifier(s) (e.g., username or number) that a person seeking access to electronic health information is the one claimed; and (ii) Establish the type of access to electronic health information a user is permitted based on the unique identifier(s) provided in paragraph (d)(1)(i) of this section, and the actions the user is permitted to perform with the EHR technology.