Difference between revisions of "Authentication, access control, and authorization (MU2)"
From OpenEMR Project Wiki
Bradymiller (talk | contribs) |
Bradymiller (talk | contribs) |
||
Line 12: | Line 12: | ||
is permitted to perform with the EHR technology. | is permitted to perform with the EHR technology. | ||
</pre> | </pre> | ||
===Per ONC/NIST Final Test Methods=== | |||
:See here: http://www.healthit.gov/policy-researchers-implementers/2014-edition-final-test-method | |||
==Status== | ==Status== |
Latest revision as of 01:20, 26 January 2013
Overview
MU Requirements
Per ONC
- Taken from ONC Final Rule:File:2014 Edition Cert Federal Register.pdf
(1) Authentication, access control, and authorization. (i) Verify against a unique identifier(s) (e.g., username or number) that a person seeking access to electronic health information is the one claimed; and (ii) Establish the type of access to electronic health information a user is permitted based on the unique identifier(s) provided in paragraph (d)(1)(i) of this section, and the actions the user is permitted to perform with the EHR technology.