Software Compliance Attestation
Jump to navigation
Jump to search
Full Title
A Software Compliance Attestation is a machine readable packet that can be sent by a software application to a Relying Party attesting to the application source and compliance status.
Context
The final rule on the 21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program (issued 2020-05-01) has a fairly large chunk of guidance including:
- First the FDA part is interesting because upload of data to the EHR would probably trigger section 618 of FDASIA. SO
- Secition III Application registration = We encourage health IT developers to coalesce around the development and implementation of a common standard for application registration with an API's authorization server. - - - However, implementers of § 170.315(g)(10)-certified Health IT Modules (e.g., health care providers) are not permitted to review or “vet” third-party applications intended for patient access and use (see section VII.C.6 of this preamble). We clarify that the third-party application registration process that a health IT developer must meet under this criterion is not a form of review or “vetting” for purposes of this criterion.