none
Using HealthVault for the demonstration of the MU criteria "§170.314(e)(1) View, download, and transmit to 3rd party" RRS feed

  • Question

  • Hi,

    We are using HealthVault as a patient portal for our patients. We use master - child app model. We contribute CCDA using record authentication method using patient connect. We are already certified for MU stage 1 and we are planning to get certified for MU stage 2 as complete EHR.

    Since we use HealthVault as our patient portal, I believe we could demonstrate the MU2 criteria "§170.314(e)(1) View, download, and transmit to 3rd party" using HealthVault.

    If I am correct I have the following question based on the test script provided by our proctor.

    1. We need information about encryption algorithm and corresponding key length, hashing algorithm, and authentication method used by MS HealthVault while communication.?

    2. How do we  identify/find DCDT's Trust Anchor (official test tool) in MS HealthVault's trust store? (How to demonstrate this to the proctor?)

    3. How to demonstrate that the TTT's Public Key Certificate and Trust Anchor can be found in the MS HealthVault's trust store?

    4. Where to track the log of the activities for the messages sent from HealthVault?

    5. To whom should I contact to get the WCAG validation report for HealthVault and the tool used for WCAG validation?

    Kindly suggest me with these question for that 

    Thanks,

    Robert

    Saturday, March 8, 2014 12:18 AM

Answers

  • Hi Robert,

    For #1, you can get the necessary information by visiting any HealthVault page, and in IE 10, right-clicking, then properties. You'll see "Connection" info like the following:

    TLS 1.0, AES with 128 bit encryption (High); RSA with 2048 bit exchange

    Additionally, in IE you can click the "lock" icon on the address to view the SSL certificate details, like the hash algorithm.

    For #2 and #3, HealthVault PPE is already provisioned with the trust anchors needed to demonstrate the transmit scenarios. You can visit HealthVault Message Center to exchange messages with the test tools.

    #4: From HealthVault visit the "History" page (from the main left navigation column). Towards the bottom of the page you'll see an option for "All view, download, and transmit activity ... ". This log lists message transmissions.

    5: If the business contracts are in place for your application, please contact hvtech at microsoft dot com to get this info.

    Tuesday, March 18, 2014 1:37 AM

All replies

  • Can anyone help with my questions?
    Monday, March 17, 2014 6:44 PM
  • Hi Robert,

    For #1, you can get the necessary information by visiting any HealthVault page, and in IE 10, right-clicking, then properties. You'll see "Connection" info like the following:

    TLS 1.0, AES with 128 bit encryption (High); RSA with 2048 bit exchange

    Additionally, in IE you can click the "lock" icon on the address to view the SSL certificate details, like the hash algorithm.

    For #2 and #3, HealthVault PPE is already provisioned with the trust anchors needed to demonstrate the transmit scenarios. You can visit HealthVault Message Center to exchange messages with the test tools.

    #4: From HealthVault visit the "History" page (from the main left navigation column). Towards the bottom of the page you'll see an option for "All view, download, and transmit activity ... ". This log lists message transmissions.

    5: If the business contracts are in place for your application, please contact hvtech at microsoft dot com to get this info.

    Tuesday, March 18, 2014 1:37 AM