Difference between revisions of "Authentication, access control, and authorization (MU2)"
From OpenEMR Project Wiki
Bradymiller (talk | contribs) (→Links) |
Bradymiller (talk | contribs) |
||
| (One intermediate revision by the same user not shown) | |||
| Line 3: | Line 3: | ||
==MU Requirements== | ==MU Requirements== | ||
===Per ONC=== | ===Per ONC=== | ||
:Taken from [ | :Taken from ONC Final Rule:[[File:2014_Edition_Cert_Federal_Register.pdf]] | ||
<pre> | <pre> | ||
(1) Authentication, access control, and authorization. (i) Verify against | (1) Authentication, access control, and authorization. (i) Verify against | ||
| Line 12: | Line 12: | ||
is permitted to perform with the EHR technology. | is permitted to perform with the EHR technology. | ||
</pre> | </pre> | ||
===Per ONC/NIST Final Test Methods=== | |||
:See here: http://www.healthit.gov/policy-researchers-implementers/2014-edition-final-test-method | |||
==Status== | ==Status== | ||
Latest revision as of 01:20, 26 January 2013
Overview
MU Requirements
Per ONC
- Taken from ONC Final Rule:File:2014 Edition Cert Federal Register.pdf
(1) Authentication, access control, and authorization. (i) Verify against a unique identifier(s) (e.g., username or number) that a person seeking access to electronic health information is the one claimed; and (ii) Establish the type of access to electronic health information a user is permitted based on the unique identifier(s) provided in paragraph (d)(1)(i) of this section, and the actions the user is permitted to perform with the EHR technology.
