Objective: Provide patients the ability to view online, download, and transmit their health information within 4 business days of the information being available to the EP.
CMS' Final Rule
§ 495.6(j)(10)(ii)(A) see objective and measure above
§ 495.6(j)(10)(ii)(B) see objective and measure above
§ 495.6(j)(10)(ii)(C) see objective and measure above
Standards and Certification Final Rule
§ 170.314(e)(1) View, download, and transmit to third party.
(i) EHR technology must provide patients (and their authorized representatives) with an online means to view, download, and transmit to a 3rd party the data specified below. Access to these capabilities must be through a secure channel that ensures all content is encrypted and integrity-protected in accordance with the standard for encryption and hashing algorithms specified at § 170.210(f).
(A) View - Electronically view in accordance with the standard adopted at § 170.204(a), at
a minimum, the following data:
i. The Common MU Data Set (which should be in their English (i.e., non-coded)
representation if they associate with a vocabulary/code set).
ii. Provider’s name and office contact information.
Depending on the type of certification issued to the EHR technology, it will also have been certified to the certification criterion adopted at 45 CFR 170.314 (g)(1), (g)(2), or both, in order to assist in the calculation of this meaningful use measure.
§ 170.204(a) Accessibility. Web Content Accessibility Guidelines (WCAG) 2.0, Level A Conformance (incorporated by reference in § 170.299).
§ 170.210(f) Encryption and hashing of electronic health information. Any encryption and hashing algorithm identified by the National Institute of Standards and Technology (NIST) as an approved security function in Annex A of the FIPS Publication 140-2 (incorporated by reference in § 170.299).