Knowledge Base
Artifacts for Evidence of Correct Use of StartTLS
Using Edge Protocol for SMTP: “The Health IT Module provides documentation of the Heath IT module’s ability to reject the connection for a TLS session initiated with a HISP due to an invalid certificate.”
One option for meeting this criterion is to provide attestation.
For customers using EMR Direct Interoperability Engine, inform your proctor that you are using SMTP for both send and receive for 170.315(b)(1) so that your proctor will know to run the SMTP send and receive tests in the ETT with you during your certification testing. Then, regarding the additional items that are not already tested by the ETT:
EMR Direct phiMail uses SMTP for 170.315 b.1 RECEIVE and SEND, so if your software is relying on phiMail for b.1, you would only attest to the item(s) that relate to SMTP.
You would not make attestations related to IMAP or POP3 because you will not be using those optional protocols through phiMail.
If additional "documentation" is required by your proctor or your proctor requires documentation as part of the other option to meet this criterion, contact EMR Direct Support to request this information from us.
When relying on EMR Direct during certification testing, please ask your proctor to indicate EMR Direct's vendor name, product and version as indicated in the testing guide documentation you obtained from us. Contact support@emrdirect.com if you need a different version of the certification testing guide than was sent to you when you registered as a developer with us.
Did this article answer your question? If not, please contact us.