ONC Certification

DHIT has solutions for all of your Certification needs:

HTI Versions

HTI-1

Published January 9, 2024
Enforcement Phased 2026–2027
Impacted Certification Criteria
170.315(b)(10) CDS 170.315(a)(5) Demographics 170.315(f)(5) eCR USCDI v3 Maintenance of Certification Information Blocking
Key Highlights
  • New Conditions & Maintenance of Certification requirements
  • Expanded USCDI v3 data classes across EHRs
  • “TEFCA Manner” Information Blocking Exception introduced
  • Expanded SOGI, disability & language data capture
Impact on Providers

Physicians

More structured data entry for SOGI, disability, and language fields. Expanded CDS alerts and required electronic case reporting workflows.

Hospitals

Must upgrade EHRs to support USCDI v3 data classes, adapt information blocking policies, and ensure certified IT updates are in place by 2026–2027.

HTI-2

Finalized January 15, 2025
Enforcement Begins 2026
Impacted Certification Criteria
TEFCA / QHIN Connectivity Modules 170.315(d) Privacy & Security TEFCA Manner Exception
Key Highlights
  • Codification of TEFCA exchange provisions for certified EHRs
  • Formalization of the TEFCA Manner Information Blocking Exception
  • Strengthened privacy & security certification modules
  • QHIN connectivity requirements integrated into certification
Impact on Providers

Physicians

Must shift to TEFCA-enabled networks for referrals and record exchange, with new workflow expectations around network participation.

Hospitals

Join TEFCA via EHR vendor or QHIN. Update organizational policies and strengthen security and privacy workflows to meet new certification standards.

HTI-3

Finalized December 2024
Enforcement Expected late 2025 – early 2026
Impacted Certification Criteria
Information Blocking Exceptions Privacy Exception Infeasibility Exception Protecting Care Access Exception
Key Highlights
  • Modifies Privacy & Infeasibility information blocking exceptions
  • New “Protecting Care Access” exception, especially for reproductive health
  • Clarifies certification program rules — no major new technical criteria
Impact on Providers

Physicians

Gain liability protections for restricting sensitive reproductive health information. May need to manage more nuanced patient consent workflows.

Hospitals

Must update data release policies, compliance frameworks, and conduct legal review for handling sensitive care access situations.

HTI-4

Published Mid-2025
Enforcement January 1, 2028 (most modules)
Impacted Certification Criteria
170.315(b)(11) Real-Time Prescription Benefit 170.315(b)(12) Electronic Prior Authorization 170.315(g)(31-33) Prior Auth APIs 170.315(j)(20) CDS Hooks 170.315(j)(21) Subscriptions 170.315(b)(3) ePrescribing
Key Highlights
  • New certification for e-prescribing, real-time Rx benefit, and prior auth
  • Adoption of NCPDP SCRIPT 2023011, RxNorm updates, and FHIR APIs
  • Modular criteria support phased certification approaches
  • CDS Hooks & FHIR Subscriptions formally adopted
Impact on Providers

Physicians

Will use real-time prescription benefit tools directly in the EHR, submit prior authorizations electronically, and adapt to updated prescribing modules.

Hospitals

Pharmacy and revenue cycle systems must integrate with RTPB and ePA. Plan system upgrades and staff training well ahead of the January 2028 deadline.

Gap Analysis

Gap Analysis

DHIT analyzes your software for conformance with ONC certification requirements in order to identify functionality gaps. We produce a detailed certification roadmap to guide your certification process. Based upon our gap analysis, DHIT can inform your decision to “build or buy” to achieve your certification goals.

Best of all: we credit back most of the Gap Analysis cost after purchasing one of our certified software solutions.

ONC Software

ONC Certified Software

DHIT has a suite of bolt-on ONC certified software products that can be quickly integrated to fill many certification requirements. Lots of vendors have utilized Dynamic FHIR API as relied-upon software, thereby lowering certification costs.

See All Certified Software
ONC certification

Certify or Relied Upon Software Solution

You may use DHIT’s certification or re-certify as a white labeled solution. To support you throughout the certification process, DHIT offers:

  • Mock Certification Testing
  • DHIT-guided Proctor Testing support with ONC-ATL
  • Guidance and consulting on quarterly attestation
Check Mark

Real World Testing

DHIT offers tiered support for developing and consulting of your Real World Testing (RWT) plans and test execution. Contact us about DHIT being your Trading Partner.

Check Mark

Ongoing Guidance

As industry experts, DHIT can offer consulting on the latest industry regulations, such as:

  • The New HTI-4 Rule – ePrescribing, Prior Authorization, and Real-Time Benefit
  • Consulting on ONC criteria such as 170.319 (b10) EHI Export, (a)(9) Clinical Decision Support, and more

Need ONC Certification?

Get in touch today with our certification experts.

Get in Touch

ONC Certified Criteria

ONC Certified HealthIT

CQMsolution

CQMsolution is certified for all ONC eCQMs.

  • 170.315 (b)(10): Electronic Health Information Export
  • 170.315 (c)(1): Clinical Quality Measures – Record and Export
  • 170.315 (c)(2): Clinical Quality Measures – Import and Calculate
  • 170.315 (c)(3): Clinical Quality Measures – Report
  • 170.315 (c)(4): Clinical Quality Measures – Filter
  • 170.315 (d)(1): Authentication, Access Control, Authorization
  • 170.315 (d)(2): Auditable Events and Tamper-Resistance
  • 170.315 (d)(3): Audit Report(s)
  • 170.315 (d)(5): Automatic Access Time-out
  • 170.315 (d)(12): Encrypt Authentication Credentials
  • 170.315 (d)(13):Multi-Factor Authentication
  • 170.315 (g)(4): Quality Management System
  • 170.315 (g)(5): Accessibility-Centered Design
CHPL Product Detail

ConnectEHR

ConnectEHR is certified for:

  • 170.315 (b)(1): Transitions of Care
  • 170.315 (b)(7): Security Tags – Summary of Care – Send
  • 170.315 (b)(8): Security Tags – Summary of Care – Receive
  • 170.315 (b)(10): Electronic Health Information Export
  • 170.315 (d)(1): Authentication, Access Control, Authorization
  • 170.315 (d)(2): Auditable Events and Tamper-Resistance
  • 170.315 (d)(3): Audit Report(s)
  • 170.315 (d)(4): Amendments
  • 170.315 (d)(5): Automatic Access Time-out
  • 170.315 (d)(6): Emergency Access
  • 170.315 (d)(7): End-User Device Encryption
  • 170.315 (d)(8): Integrity
  • 170.315 (d)(9): Trusted Connection
  • 170.315 (d)(12): Encrypt Authentication Credentials
  • 170.315 (d)(13): Multi-Factor Authentication
  • 170.315 (e)(1): View, Download, and Transmit to 3rd Party
  • 170.315 (e)(3): Patient Health Information Capture
  • 170.315 (f)(1): Transmission to Immunization Registries
  • 170.315 (f)(2): Transmission to Public Health Agencies – Syndromic Surveillance
  • 170.315 (f)(3): Transmission to Public Health Agencies – Reportable Laboratory Tests and Values/Results
  • 170.315 (f)(5): Transmission to Public Health Agencies – Electronic Case Reporting
  • 170.315 (g)(2): Automated Measure Calculation
  • 170.315 (g)(4): Quality Management System
  • 170.315 (g)(5): Accessibility-Centered Design
  • 170.315 (g)(6): Consolidated CDA Creation Performance
  • 170.315 (g)(7): Application Access – Patient Selection
  • 170.315 (g)(9): Application Access – All Data Request
  • 170.315 (g)(10): Standardized API for Patient and Population Services
  • 170.315 (h)(1): Direct Project
CHPL Product Detail