In this issue:
- ONC Real World Test Plan Template Available
- 21st Century Cures Updates for Health IT
- New FHIR® API Program Helps Fill Interoperability Gap
- PCI DSS Protects Card Data in Your EHR Application
ONC Real World Testing (RWT) Plan Template Available
For the past several weeks, Drummond worked alongside the Office of the National Coordinator for Health Information Technology (ONC) to help finalize the Real World Testing (RWT) Plan Template. This template is designed to provide health IT developers with guidance on developing and submitting their RWT plan. Drummond clients can log into our Customer Portal and download a copy here.
The ONC also will be releasing a “Real World Testing Resource Guide” soon to provide further details and clarifications. After the release of this additional guidance, Drummond will invite clients to a webinar discussing the resources shared and a review of the RWT requirements.
As a reminder, in order to maintain compliance to ONC health IT certification, developers are required to submit a RWT test plan for any product certified to one or more of the following criteria: §170.315(b), (c)(1) through (3), (e)(1), (f), (g)(7) through (10), and (h). Test plans must be submitted no later than Nov. 15, 2021.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][movedo_divider][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]
21st Century Cures Updates for Health IT
Are you ready for the ONC’s 21st Century Cures updates? Many health IT developers have begun attesting to meeting compliance with Cures requirements. A full recertification is not required for products already certified under 2015 edition. Rather, developers may self-attest to the new and revised Cures criteria with the exception of 315(g.10) Standardized API for Patient and Population Services which requires scheduling a live test session.
Drummond clients can log into our Customer Portal to access resources regarding Cures updated criteria, compliance timelines, and more. For more information, please feel free to contact us at firstname.lastname@example.org.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][movedo_divider][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]
New FHIR® API Certification Program Helps Fill Interoperability Gap
Drummond continues to fill the interoperability gap by extending a valuable certification service to the payer community with its Payer and Patient Access FHIR® API Certification Program powered by Touchstone. This service ensures payer implementations of patient access APIs remain compliant with the Centers for Medicare and Medicaid Services (CMS) Interoperability and Patient Access final rule (CMS-9115-F), as well as instill confidence in the ability to securely share data with patients and other payers. The API infrastructure is built upon the HL7® FHIR® standard. Patients can then utilize third-party applications of their choosing to access their information within payer systems. Sign up today for more information.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][movedo_divider][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]
PCI DSS Protects Card Data in Your EHR Application
Is your electronic health record (EHR) software application integrated with a payment gateway so that healthcare practices may charge their patients from within the software application? The Payment Card Industry (PCI) Data Security Standard (DSS) enhances cardholder data security to protect an organization from hackers and thieves and facilitates broad adoption of consistent data security measures globally. Drummond’s PCI compliance practice can ensure the payment process is efficient and can help reduce patient waiting time.
And, our experts in the PCI compliance practice stay on track of ongoing updates to regulatory requirements that are sometimes difficult to interpret. With the rising importance of achieving PCI DSS compliance, Drummond can help guide organizations through a baseline of technical and operational requirements designed to protect cardholder data. This applies to all organizations that store, process or transmit cardholder data.
Our Quality Security Assessors (QSAs) work with your organization to understand your cardholder data environment, determine the scope of the assessment and select samples. Being PCI DSS compliant is important and should be a top priority for your business and your clients – it is time to protect your data digitally.