National, State and Local Standards
Meaningful Use Certification
This AWARDS Electronic Health Record is 2014 Edition compliant and has been certified by an ONC-ACB in accordance with the applicable certification criteria adopted by the Secretary of the U.S. Department of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services or guarantee the receipt of incentive payments.
Product InformationRegulation § 170.523(k)(1)(i)-(ii) requires that developers post the following information on their website. This information can be found on the product’s Certificate of Compliance issued by Drummond Group upon successfully achieving certification.
- Developer organization name: Foothold Technology
- Date the product was certified: 7/10/2014
- Product name and version: AWARDS version 2.6
- Unique certification number: 07102014-2066-1
- Certification criteria to which the product has been certified: 170.314(a)(1-15); 170.314(b)(1-5, 7); 170.314(c)(1-3); 170.314(d)(1-8); 170.314(e)(1-3); 170.314(f)(1-3); 170.314(g)(2-4)
- CQMs to which the product has been certified: CMS068v3; CMS069v2; CMS128v2; CMS138v2; CMS155v2; CMS156v2; CMS161v2; CMS165v2; CMS166v3
- Any additional software the certified product relied upon to demonstrate its compliance with certification criteria: ePrescribing module, a Direct HISP connection, the Meaningful Use Dashboard, training and our Medical Diagnosis module
- ONC Disclaimer: “This Complete EHR is 2014 Edition compliant and has been certified by an ONC-ACB in accordance with the applicable certification criteria adopted by the Secretary of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services.”
HIPAA Information for our Clients
While AWARDS is HIPAA-compliant, Foothold understands that our customers may be confused about their responsibilities under HIPAA and experiencing some difficulty in determining whether and to what degree HIPAA affects them. Below you will find a link to a BAA that you should ask us to sign as well as a link to the Federal HHS home for HIPAA-related questions. (This information is provided “as is” without any express or implied warranty. This information does not constitute legal advice. If you require legal advice, you should consult with an attorney.) Additionally, Foothold has developed relationships with a number of high-quality, nationally known security firms and would be happy to put you in touch with them should you be interested.
For the most part, our industry has never really thought of itself as being part of the larger physical healthcare system and so, in many cases, HIPAA is thought of as something that your vendors can take care of for you. While that may be true in many cases, you are, in all likelihood, a Covered Entity under HIPAA and as a result, it is worth your looking into whether and to what degree your organization reflect the principles behind HIPAA.
Click here for a sample agreement that should be signed by and between the provider and any and all Business Associates as defined by HIPAA.
Click here for a link to the Federal HHS HIPAA Page.
Here are a few links with valuable information on HIPAA and compliance.
- The Centers for Medicare and Medicaid Services.
- Organization contracted to write and provide the implementation guides.
- New York State OMH HIPAA information.
HIPAA Compliance in AWARDSAmong other things, the new HIPAA regulations are designed to protect the security and privacy of agencies and the consumers they serve. At Foothold Technology, security is our top priority. Using Secure-Socket Layer (SSL) and 256-bit encryption technologies, Foothold Technology’s security is second to none. We utilize several layers of encryption to protect data from both external sources and internal accessibility. Below are a number of our specific security measures which should address any concerns you may have.
- AWARDS safeguards the confidentiality of chart records.
- All system users must authenticate themselves using a login and encrypted password. Passwords must meet minimum standards such as not using words found in a dictionary.
- Your agency has its own separate database and database server process with login accounts for your agency’s staff only.
- The database server is protected by a “firewall” that by default blocks all access except the secure sockets layer connection to the web server process running for your agency alone.
- All data transmitted to and from the database server uses 256-bit encryption, the highest legal limit. This is the same encryption used by online banking.
- Physical access to the servers is under lock and key. Backup media can be transported offsite by messenger and stored at a secure site under lock and key.
- No access to chart records is permitted unless the user is Direct Care staff in that clinical program as determined by caseload information, or the user is a supervisor in that program, or that program’s director has granted a specific permit to the user.
- Access to progress notes is restricted to the past 10 days unless the consumer is on the caseload of the user, or the user is the program director, or the program director has issued a specific permit to the user. All exception permits have expiration dates set at the time the permit is issued.
- AWARDS keeps an audit trail each time a progress note is viewed.
- AWARDS blocks all access to notes concerning incidents except by the note writer and users who have a permit to access these notes.
- Whenever an exception permit is issued to grant access to chart records, all administration staff with permits to issue such permits are automatically notified by an internal email message.
- End-to-end screening and tracking of individuals receiving services in any of the PROS Components including CRS, IR, ORS and optional Clinical Treatment
- One-click availability of the automated PROS Monthly Summary Record of Services (PROS Units Calculator)
- Intensive case tracking including Individualized Recovery Plans, PROS Progress Notes and Groups, Onsite/Offsite Program Attendance Tracking
- Standardization of agency data collection and charting procedures
- More staff accountability through reporting, audit trails and reminders
- Easier access to your data, accessible from any location at the agency
- Easier audits using AWARDS' robust reporting functionality
"Level Seven" refers to the seventh level of the International Organization for Standardization (ISO) seven-layer communications model for Open Systems Interconnection (OSI) - the application level. The application level interfaces directly to and performs common application services for the application processes. Although other protocols have largely superseded it, the OSI model remains valuable as a place to begin the study of network architecture.