d.9 Certification Criterion

Generally, d.9 is not a certification criterion supported by EMR Direct, since it includes auditing that falls under the implementer's responsibilities. Our products can be used by implementers to meet b.1, h.1, g.7-9, g.10 and e.1 certification requirements; implementers of EMR Direct interoperability solutions generate their own audit logs as part of their custom integration of our software into theirs. The following details may, however, be helpful considering the requirement below:

"Health IT needs to provide a level of trusted connection using either 1) encrypted and integrity message protection or 2) a trusted connection for transport."

The phiMail Direct messaging service includes message-level encryption and uses SHA256 hashing and AES128 encryption when sending messages.



Did this article answer your question? If not, please contact us.