Software Compliance Attestation

From IDESG Wiki

Full Title

A Software Compliance Attestation is a machine-readable packet that a software application can send to a Relying Party to attest to the application's source and compliance status.

Context

The final rule on the 21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program (issued 2020-05-01) contains a fairly large amount of guidance, including:

  • First, the FDA part is interesting because uploading data to the EHR would probably trigger section 618 of FDASIA. SO
  • Section III, Application registration: We encourage health IT developers to coalesce around the development and implementation of a common standard for application registration with an API's authorization server. - - - However, implementers of § 170.315(g)(10)-certified Health IT Modules (e.g., health care providers) are not permitted to review or “vet” third-party applications intended for patient access and use (see section VII.C.6 of this preamble). We clarify that the third-party application registration process that a health IT developer must meet under this criterion is not a form of review or “vetting” for purposes of this criterion.
