Software Compliance Attestation: Difference between revisions
Jump to navigation
Jump to search
| Line 2: | Line 2: | ||
A [[Software Compliance Attestation]] is a machine readable packet that can be sent by a software application to a [[Relying Party]] attesting to the application source and compliance status. | A [[Software Compliance Attestation]] is a machine readable packet that can be sent by a software application to a [[Relying Party]] attesting to the application source and compliance status. | ||
==Context== | ==Context== | ||
The final rule | The [https://www.federalregister.gov/documents/2020/05/01/2020-07419/21st-century-cures-act-interoperability-information-blocking-and-the-onc-health-it-certification#footnote-1-p25644 final rule on the 21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program] (issued 2020-05-01) has a fairly large chunk of guidance including: | ||
* First the FDA part is interesting because upload of data to the EHR would probably trigger section 618 of FDASIA. SO | |||
* Secition III Application registration = We encourage health IT developers to coalesce around the development and implementation of a common standard for application registration with an API's authorization server. - - - However, implementers of § 170.315(g)(10)-certified Health IT Modules (e.g., health care providers) are not permitted to review or “vet” third-party applications intended for patient access and use (see section VII.C.6 of this preamble). We clarify that the third-party application registration process that a health IT developer must meet under this criterion is not a form of review or “vetting” for purposes of this criterion. | |||
* | |||
==References== | ==References== | ||
[[Category: Compliant Implementations]] | [[Category: Compliant Implementations]] | ||
Revision as of 23:46, 27 May 2020
Full Title
A Software Compliance Attestation is a machine readable packet that can be sent by a software application to a Relying Party attesting to the application source and compliance status.
Context
The final rule on the 21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program (issued 2020-05-01) has a fairly large chunk of guidance including:
- First the FDA part is interesting because upload of data to the EHR would probably trigger section 618 of FDASIA. SO
- Secition III Application registration = We encourage health IT developers to coalesce around the development and implementation of a common standard for application registration with an API's authorization server. - - - However, implementers of § 170.315(g)(10)-certified Health IT Modules (e.g., health care providers) are not permitted to review or “vet” third-party applications intended for patient access and use (see section VII.C.6 of this preamble). We clarify that the third-party application registration process that a health IT developer must meet under this criterion is not a form of review or “vetting” for purposes of this criterion.