ONC Certification

This Health IT Module is compliant with the ONC Certification Criteria for Health IT and has been certified by an ONC-ACB in accordance with the applicable certification criteria adopted by the Secretary of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services.

Vendor name
MEDENT

Date certified
v23.7 – September 18, 2023

Product name and version
MEDENT v23.7

CHPL Certification ID
v23.7 – 15.04.04.1840.MEDE.23.02.1.230918

Certification criteria
170.315 (a)(1-5, 9, 12, 14-15); (b)(1-3, 9-10); (c)(1-3); (d)(1-9, 12-13); (e)(1,3); (f)(1-2, 4-5, 7); (g)(2-7, 9-10); (h)(1)

Certified clinical quality measures (CQM)
2v7; 22v6; 50v6; 52v6; 56v11, 65v7; 68v7; 69v6; 74v7; 75v6; 117v6; 122v6; 123v6; 124v6; 125v6; 127v6; 128v6; 130v6; 131v6; 132v6; 133v6; 134v6; 135v6; 136v7; 138v6; 139v6; 142v6; 143v6; 144v6; 145v6; 146v6; 147v7; 149v6; 153v6; 154v6; 155v6; 156v6; 157v6; 158v6; 159v6; 160v6; 161v6; 164v6; 165v6; 166v7; 167v6; 177v6, 347v6, 349v6, 951v1

Additional software used
NLM AccessGUDI API, Surescripts Clinical Direct Messaging, Surescripts ePrescribing

Additional Costs
Patient Portal – Included as part of the EMR for users of the MEDENT cloud. If a practice is not using the MEDENT cloud there is a monthly subscription charge.

Advanced Drug and ePrescribing – Included as part of the EMR for users of the MEDENT cloud. If a practice is not using the MEDENT cloud there is a monthly charge.

Identity Proofing – In order to send prescriptions electronically providers must go through an Identity proofing process.

Data Export Module (used for interfaces, e.g. immunization, cancer, specialized, etc.) – An additional module that has a cost associated with it.

Updated Standard Versions
§ 170.315(c)(3) – Clinical quality measures (CQMs) — report
CMS Implementation Guide for Quality Reporting Document Architecture: Category III; Eligible Clinicians and Eligible Professionals Programs; Implementation Guide for 2024
Effective Date of Standard: 11/22/2023

§ 170.315(b)(1) Transitions of Care;
§ 170.315(b)(2) Clinical Information Reconciliation and Incorporation;
§ 170.315(e)(1) View, Download, and Transmit to 3rd Party;
§ 170.315(f)(5) Transmission to Public Health Agencies — Electronic Case Reporting;
§ 170.315(g)(6) Consolidated CDA Creation Performance; and
§ 170.315(g)(9) Application Access — All Data Request.
USCDIv1

Real World Testing
2025 Real World Testing Plan
2024 Real World Testing Plan
2023 Real World Testing Plan
2023 Real World Testing Results
2022 Real World Testing Plan
2022 Real World Testing Results

Standardized API – FHIR Documentation
FHIR API Terms of Service
FHIR API Documentation
FHIR Service Base URL Information

Patients can revoke access to their information for an app they gave permission using the Revoke Access in the Patient Portal under Linked Apps > FHIR Apps. Selecting this will option will immediately revoke access.

FHIR Resource Specifications
Allergy Intolerance
Care Plan
Care Team
Condition (EncounterDx)
Condition (ProblemList)
Device
Diagnostic Report
Document Reference
Encounter
Goal
Group
Immunization
Location
Medication
MedicationRequest
Observation (Laboratory)
Observation (SocialHx)
Observation (VitalSigns)
Organization
Patient
Practitioner
Procedure
Provenance
Note: * in a field name denotes an array

Electronic Health Information Specification
EHI Setup and File Format Specification

Allergy File Specification
Appointment File Specification
CareTeam and Resources File Specification
Diagnosis File Specification
Document Listing File Specification
Encounter File Specification
Exchanged Patient Level Files
Eye/Contact Script File Specification
Financial File Specification
Goals File Specification
HIPAA File Specification
Immunization File Specification
Info File Specification
InsurancePlan File Specification
Location File Specification
MedicalHistory File Specification
Medication File Specification
OBEpisode File Specification
OBOutcome File Specification
Order File Specification
Patient File Specification
PatientPlan File Specification
ProblemList File Specification
Procedures File Specification
Progress Note Listing File Specification
Provider File Specification
Referral File Specification
Result File Specification
Screening and Assessment Specification
SocialHistory File Specification
SurgicalHistory File Specification
Vital File Specification

C-CDA R2.1 MEDENT API
MEDENT API Terms Of Service (C-CDA R2.1)
MEDENT API Documentation (C-CDA R2.1)

Multi-factor Authentication
As an additional layer of security, MEDENT offers a free, two-step verification when logging into MEDENT and MEDENT Mobile. If this is enabled, users will need to enter a code generated on their mobile device after entering their user name and password. Without this code, they will not be able to log into MEDENT.

Users can enable this, or an administrator can enforce it for some or all users.

MEDENT uses a time-based one-time password (TOTP), so users are not required to use a specific mobile app. Popular apps that support this form of two-step verification are Google Authenticator, Microsoft Authenticator, and Authy.

Use Cases for Multi-factor Authentication

Secure Login: If set up and enabled, upon logging into MEDENT or MEDENT Mobile, users are prompted to enter a code generated by an authentication app that uses a time-based one-time password (TOTP) such as Google Authenticator or Authy.

Electronic Prescriptions for Controlled Substances (EPCS): As required by the DEA and approved by a third-party auditor, MEDENT uses two-factor authentication to sign controlled substance prescriptions before it transmits controlled substances electronically. Prescribers have the option to use a USB hardware token or mobile app as one of the factors. Both options meet the criteria of FIPS 140–2 Security Level 1.

Carequality

Information Handling Practices
MEDENT does not store the information transmitted for Carequality transactions.