OpenEMR 7.0.0 ONC Ambulatory EHR Certification Requirements
From OpenEMR Project Wiki
Revision as of 15:48, 2 July 2022 by Bradymiller (talk | contribs) (Created page with ":*You are required to register your Organization name and FHIR endpoint with the OpenEMR Foundation by sending an email with this information to hello@open-emr.org with subjec...")
- You are required to register your Organization name and FHIR endpoint with the OpenEMR Foundation by sending an email with this information to hello@open-emr.org with subject of 'ONC 2015 registration'. This information will be posted on OpenEMR_7.0.0_API#Service_Base_URLs, which is a requirement for ONC 2015 (the OpenEMR Foundation is required to post this information within 10 days of your request).
- Required global settings
- Administration->Globals->Security->Hash Algorithm for Authentication->SHA512 (ONC 2015)
- Administration->Globals->Security->Hash Algorithm for Token->SHA512 (ONC 2015)
- Administration->Globals->Logging->Enable Audit Log Encryption->On
- Administration->Globals->Connectors->Enable OpenEMR Standard FHIR REST API->On
- To ensure optimal security, users are required to run their OpenEMR client web browser on a end-user device that encrypts entire drive(s) with AES based encryption algorithm.
- To ensure optimal security, users are required to use a FIPS compliant cipher for the HTTPS/SSL browser connection.
- To ensure accurate time, server are required to set up a Network Time Protocol server that supports version 4 Network Time Protocol (NTP) as defined by RFC 5905.
- For users NOT NEEDING ONC 2015, then would consider setting following global setting to improve performance
- Administration->Globals->Security->Audit Logging SELECT Query->Off
- Administration->Globals->Security->Printing Log Option->No logging
