Difference between revisions of "Authentication, access control, and authorization (MU2)"
From OpenEMR Project Wiki
Bradymiller (talk | contribs) (Created page with "==Overview== ==MU Requirements== ===Per ONC=== :Taken from [http://www.ofr.gov/OFRUpload/OFRData/2012-20982_PI.pdf ONC Final Rule] <pre> </pre> ==Status== ==Proposal== ==Own...") |
Bradymiller (talk | contribs) |
||
Line 5: | Line 5: | ||
:Taken from [http://www.ofr.gov/OFRUpload/OFRData/2012-20982_PI.pdf ONC Final Rule] | :Taken from [http://www.ofr.gov/OFRUpload/OFRData/2012-20982_PI.pdf ONC Final Rule] | ||
<pre> | <pre> | ||
(1) Authentication, access control, and authorization. (i) Verify against | |||
a unique identifier(s) (e.g., username or number) that a person seeking access to electronic health | |||
information is the one claimed; and | |||
(ii) Establish the type of access to electronic health information a user is permitted based on | |||
the unique identifier(s) provided in paragraph (d)(1)(i) of this section, and the actions the user | |||
is permitted to perform with the EHR technology. | |||
</pre> | </pre> | ||
Revision as of 00:38, 9 September 2012
Overview
MU Requirements
Per ONC
- Taken from ONC Final Rule
(1) Authentication, access control, and authorization. (i) Verify against a unique identifier(s) (e.g., username or number) that a person seeking access to electronic health information is the one claimed; and (ii) Establish the type of access to electronic health information a user is permitted based on the unique identifier(s) provided in paragraph (d)(1)(i) of this section, and the actions the user is permitted to perform with the EHR technology.