Cerner 2015 Edition Certified Health IT Costs Information

Cerner is proud to offer products that are certified under the Office of the National Coordinator (ONC) for Health Information Technology’s Health IT Certification Program. Contained within is a list of Cerner’s certified Health IT Modules, the respective offerings, types of cost information, and significant implementation guidance for each.

The certified Health IT Modules listed within are 2015 Edition compliant and have been certified by an ONC-ACB in accordance with the applicable certification criteria adopted by the Secretary of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services.

To obtain more information about how Cerner products meet the ONC 2015 Edition certification standards, please email us at [email protected]. For unique certification numbers and test reports, please see ONCs Certified Health IT Product List.

Products listed within may incur varying degrees of costs related to professional services to support new implementations and upgrades depending on the election of the client under their contractual agreement with Cerner. Please note that in cases of upgrading code levels related to the applicable certified products, there may be optional implementation costs associated to adopt new features upon upgrade. Additionally, while professional services for upgrades are not generally required, they can help ensure questions related to adoption of new features are appropriately responded to and implementation of content and functionality better considers intended use.

NOTE: For clients using Cerner’s CommunityWorks, Ambulatory Application Service Provider (ASP), or Integrated Behavioral Health services to support use of Cerner’s certified products and who rely on Cerner to provide application and system management support on an outsourced basis as part of these offerings, reference to “Client” within this disclosure can mean user roles directly supported by Cerner associates acting in their capacity to provide application management services covered by such offerings. As a part of the outsourcing, clients should expect services to include managed IT infrastructure, system operations management and reference database configuration change management. Certain third-party software costs are included in the cost of these services. Any requests for services that fall outside the scope of the managed services offering will need to be evaluated for additional service fees.

It should also be noted that configuration of interfaces, exports or outputs of clinical documents or data that goes beyond the specifications, standards or requirements tested by certification are considered outside the CommunityWorks, Ambulatory ASP, and Integrated Behavioral Health offerings. Any such request that involves use of advanced qualification parameters, modification of standard reporting programs or interfaces to be adapted for other purposes are considered beyond the intended use of the certified capabilities and are subject to a fee.

Cerner 2015 Edition Certified Health IT V. 32 Page 1 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Table of Contents Cerner Millennium Certified Health IT Modules Antimicrobial Usage and Resistance Electronic Lab Results FirstNet (Clinical) FirstNet (CQMs) FirstNet (Immunizations) HealtheAnalytics: Promoting Interoperability HealtheLife HealthSentry Message Center P2 Sentinel PowerChart (Clinical) PowerChart (CQMs) PowerChart (Health Care Surveys) PowerChart (Immunizations) PowerChart Touch Syndromic Surveillance

Cerner Soarian Certified Health IT Modules Soarian Clinicals Soarian DM (Soarian Document Management) Patient Portal – MMD Provider Portal NOVIUS Lab

Appendix A: Active Certified Health IT Module Versions

Cerner 2015 Edition Certified Health IT V. 32 Page 2 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Cerner Millennium Certified Health IT Modules

Antimicrobial Usage and Resistance Reporting See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(d)(1) Supports unique user identification, enables Required costs include a software license for PowerChart (or Configuration of Millennium Core Security for user account security privileges, Authentication, Access authentication against unique user identifiers PowerChart Ambulatory or PowerChart ASP). authentication parameters, and related access controls is required for use of Control, Authorization (i.e. username/password) to gain access to the certified capability. As a part of standard implementation, defining and electronic health information, and includes administering users, security roles, authorization and authentication the ability to control the specific access and parameters, and the like is required. privilege rights a user is granted. Use of any advanced authentication methodologies, such as biometrics or Relied upon software: Cerner PowerChart cryptographic methods used in two-factor authentication, are beyond the scope of certified product capabilities. Similarly, use of any external authentication methods that are pass-through to the certified product's security services or external directory services for user account/credential management are beyond the scope of the certified capabilities, but are not incompatible with their use.

§ 170.315(d)(2) Supports event creation capabilities for Required costs include a software license for PowerChart (or Configuration of the Millennium Core Audit Service, including enabling of Auditable Events and security auditing of access to ePHI via PowerChart Ambulatory or PowerChart ASP). Optional costs desired audit events for logging and hash algorithm for tamper detection of Tamper-Resistance Antimicrobial Use (AU) and Antimicrobial include the P2Sentinel Listener to enable audit events to be sent captured audit data, must be completed for use of the certified capabilities. Resistance (AR) report execution, including from the Millennium platform on which the certified product integrity protection of recorded audit logs. operates to an external third-party audit reporting application. If a third-party audit reporting application is used, configuration of audit Additional services-related costs may apply for configuration of events to be securely transmitted from Millennium is required. Audit event Relied upon software: Cerner PowerChart, outbound audit event data to meet the formatting constraints of data is captured and transmitted outbound to the audit log repository in XML ntpd (Linux) any such third-party audit reporting application. format according to the Audit Trail and Node Authentication (ATNA) profile standard message structure and may be subject to customization or modification to conform to the inbound formatting requirements of any such third-party application.

§ 170.315(d)(3) Enables creation of sortable audit reports for Required costs include a software license for PowerChart (or Reporting capabilities for audit events and data from the certified product Audit Report(s) specific time frames, and based on specific PowerChart Ambulatory or PowerChart ASP). that are captured via Millennium Core Audit Service require use of an external parameters such as user ID, patient ID, type of audit repository and reporting application to which audit data is securely action, etc. Use of P2Sentinel as the audit repository and reporting transmitted after capture supporting physical separation of the audit log from application is recommended and is subject to additional licensing the HIT module that is the subject of the audit in accordance with good Relied upon software: ntpd (Linux) costs. If a certified third-party audit reporting application (e.g. security practices. P2Sentinel is recommended as the audit reporting Fair Warning) is used in place of P2Sentinel, a license for the application, but third-party applications may also be leveraged. P2Sentinel Listener is recommended (but not required). If a third-party audit reporting application is used, implementation of the P2Sentinel Listener is highly recommended as best practice for interfacing data from the Millennium environment to the foreign application. Without it, there is potential for communication issues with residual impact on system performance in Millennium.

Cerner 2015 Edition Certified Health IT V. 32 Page 3 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

§ 170.315(d)(7) The certified product is designed to prevent Required costs include a software license for PowerChart (or Storage of data locally on end-user devices is not utilized by the applications End-user Device any persistent storage of electronic health PowerChart Ambulatory or PowerChart ASP). and capabilities within scope of the certified product. Encryption capabilities Encryption information processed via the AU/AR reports for server-side or data center hosting and ad hoc user actions to export ePHI locally to end-user devices (e.g. temp files, for local/personalized storage is beyond the scope of certification testing for cookies, caches). the criterion.

Relied upon software: Cerner PowerChart § 170.315(f)(6) Enables creation of antimicrobial usage and Required costs include software licenses for PowerChart, Required costs accommodate the following pre-requisites for the certified Transmission to Public resistance reporting information formatted Pharmacy Inpatient, Medication Administration Record (MAR) or capabilities: Health Agencies — according to HL7 CDA standards for Point of Care, Cerner Microbiology or discrete Microbiology (1) MAR or Point of Care for recording medication administration data Antimicrobial Use and Healthcare Related Infection Reports. interface with susceptibility results and organisms, Discern (2) Pharmacy Inpatient for order catalog linkage to MAR/Point of Care Explorer, and AUR reporting extract subscription. Cerner MPages (3) Cerner Microbiology or discrete interface for structured microbiology and Resistance Reporting Relied upon software: Cerner PowerChart licensing with installation of version 5.2+ is optional for the susceptibility results associated Antimicrobial Stewardship Worklist. The certified reporting capabilities require up-front configuration to define antimicrobials and susceptibility results in Millennium Core Code Builder, and National Healthcare Safety Network (NHSN) location mapping. Operations processes must be implemented to support data loads for the reporting period, including historical data. Use of self-developed components/workflows beyond the scope of the standard reporting design assumptions may result in non-reportable data.

§ 170.315(g)(4) Establishes controls for and monitors No associated costs or fees Quality Management compliance with the quality standards under N/A System which the included certified capabilities are developed, tested, implemented, and maintained.

Relied upon software: N/A § 170.315(g)(5) Encompasses the processes by which the No associated costs or fees N/A Accessibility Centered accessibility standards employed in the Design development of the certified capabilities.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 4 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Electronic Lab Results See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(d)(1) Supports unique user identification, enables No associated costs or fees – The capabilities are considered a Configuration of user accounts with associated security privileges, Authentication, Access authentication against unique user identifiers core component of the Health IT module itself, and no separate authentication parameters, and related access controls is required for use of Control, Authorization (i.e. username/password) to gain access to the licensing is required for the certified capability apart from the the certified capability. Electronic Lab Results application, and licensing required for the Health IT module. includes the ability to control the specific Use of any advanced authentication methodologies, such as biometrics or access and privilege rights a user is granted cryptographic methods used in two-factor authentication, are beyond the scope of certified product capabilities. Similarly, use of any external Relied upon software: N/A authentication methods that are pass-through to the certified product's security services or external directory services for user account/credential management are beyond the scope of the certified capabilities.

§ 170.315(d)(2) Supports event creation capabilities for No associated costs or fees – the security auditing capabilities Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting Auditable Events and processing and disclosure of ePHI by the provided by the Cerner Sentinel (Cloud Auditing) service are application requires Cerner Cloud account set up, which can be managed at Tamper-Resistance Electronic Lab Results application, including considered embedded with the licensing of the Health IT module an enterprise level. integrity protection of recorded audit logs. itself. The Cerner Sentinel (Cloud Auditing) service is not able to be disabled once Cures Update criterion certification available deployed and does not require or support management of specific events of as of product version 2021. interest to be logged as the big data foundation model follows an approach of always sending everything. Relied upon software: Cerner Sentinel (Cloud Auditing) § 170.315(d)(3) Enables creation of sortable audit reports for No associated costs or fees – access to and use of the audit Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting Audit Report(s) specific time frames, and based on specific reporting capabilities provided by the Cerner Sentinel (Cloud application requires Cerner Cloud account set up, which can be managed at parameters such as user ID, patient ID, type of Auditing) reporting application is available via licensing of the an enterprise level. action, etc. Health IT module itself. Audit data logged via the Cerner Sentinel (Cloud Auditing) service is stored to Cures Update criterion certification available the Cerner Sentinel audit repository, which is uniquely accessible using the as of product version 2021. Cerner Sentinel (Cloud Auditing) reporting application. Export of audit data in CSV format from the Cerner Sentinel audit repository for incorporation into a Relied upon software: Cerner Sentinel (Cloud third-party application is enabled via Secure File Transfer Protocol (SFTP), but Auditing) may require additional customization or modification of the event formatting to align with inbound formatting requirements of the third-party.

§ 170.315(d)(7) The certified product is designed to prevent No associated costs or fees – The capabilities are considered a Storage of data locally on end-user devices is not utilized by the applications End-user Device any persistent storage of electronic health core component of the Health IT module itself, and no separate and capabilities within scope of the certified product. Encryption capabilities Encryption information processed via the Electronic Lab licensing is required for the certified capability apart from the for server-side or data center hosting and ad hoc user actions to export ePHI Results application locally to end-user devices licensing required for the Health IT module. for local/personalized storage is beyond the scope of certification testing for (e.g. temp files, cookies, caches). the criterion.

Cerner 2015 Edition Certified Health IT V. 32 Page 5 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. Certification is available as of product version 2021.

Relied upon software: N/A 170.315(d)(13) Identifies whether the certified product N/A N/A Multi-Factor enables multi-factor authentication (MFA) in Authentication accordance with industry-recognized standards. This criterion is intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. See Cerner.com/certified-health-it for details on any supported MFA use-cases. Certification is available as of product version 2021.

Relied upon software: N/A § 170.315(f)(3) Enables creation and transmission of Required costs include software licenses for General Laboratory To enable the certified capability to be used, PathNet data feed must be Transmission to Public laboratory tests and results data for external and Microbiology (unique Microbiology license only required if configured for the submission of data to the Electronic Lab Results Health Agencies — reporting to public health agencies formatted discrete micro results are not supported via Gen Lab). Both set up application, and onboarding activities with local or state public health Reportable Laboratory according to the HL7 2.5.1 standards for fees and support services are also required for Electronic Lab jurisdiction completed, including registration of intent. LOINC and SNOMED- Electronic Laboratory Reporting to Public Results, along with LOINC and SNOMED-CT content for codified CT mapping for laboratory reportable conditions in Cerner Millennium is also Tests and Value/Results Health. result data. required.

Relied upon software: N/A Optional costs include professional services for LOINC code LOINC codes must be present at both orderable and result level in Cerner assignment and data services connections to additional public Millennium and a content package must be installed prior to implementation health agencies. for SNOMED-CT mappings. Any additional SNOMED-CT codes required by the public health registry for submission that are not included in the pre-requisite content package can be accommodated by Cerner via assignment in the Electronic Lab Results application directly.

§ 170.315(g)(4) Establishes controls for and monitors No associated costs or fees N/A Quality Management compliance with the quality standards under System which the included certified capabilities are developed, tested, implemented, and maintained.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 6 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

FirstNet (Clinical) See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(a)(1) Includes the capability to electronically Required costs include software licenses for Emergency As part of the appropriate use of the certified capability, clients are expected to Computerized Physician record, change, and access a patient’s Medicine (FirstNet) and PowerOrders, and a Multum content maintain currency with Multum content updates to have accurate reflection of Order Entry (CPOE) – medication orders. subscription. Ongoing support costs are required based on the the current RxNorm code set. Use of Cerner-provided ancillary departmental Medications solution licenses. ordering conversations, such as are available within PharmNet, are not Relied upon software: N/A considered to be within scope of the certified capabilities.

Availability of medication orders for CPOE requires configuration and ongoing maintenance of a pharmacy order catalog and appropriate role-based security.

§ 170.315(a)(2) Includes the capability to electronically Required costs include software licenses for Emergency Use of Cerner-provided ancillary departmental ordering conversations, such as Computerized Physician record, change, and access a patient’s Medicine (FirstNet) and PowerOrders. Ongoing support costs are available within PathNet, are not considered to be within scope of the Order Entry (CPOE) – laboratory orders. are required based on the solution licenses. certified capabilities. Laboratory Relied upon software: N/A Availability of laboratory orders for CPOE requires configuration and ongoing maintenance of a laboratory order catalog and appropriate role-based security.

§ 170.315(a)(3) Includes the capability to electronically Required costs include software licenses for Emergency Use of Cerner-provided ancillary departmental ordering conversations, such as Computerized Physician record, change, and access a patient’s Medicine (FirstNet) and PowerOrders. Ongoing support costs are available within RadNet, are not considered to be within scope of the certified Order Entry (CPOE) – diagnostic imaging orders. are required based on the solution licenses. capabilities. Diagnostic Imaging Relied upon software: N/A Availability of diagnostic imaging orders for CPOE requires configuration and ongoing maintenance of an imaging order catalog and appropriate role-based security.

§ 170.315(a)(4) Includes the capability to detect and alert Required costs include software licenses for Emergency As part of the appropriate use of the certified capability, clients are expected to Drug-drug, Drug-Allergy end-users of drug-drug and drug-allergy Medicine (FirstNet) and PowerOrders, and a Multum content maintain currency with Multum content updates to have accurate reflection of Interaction Checks for interactions when placing medication orders, subscription for mCDS. the current RxNorm code set and drug-drug/drug/allergy interaction content, CPOE and the ability to manage the severity level including reference sources. Use of other Multum content is outside the scope of by which interaction alerts are triggered. the certified capabilities.

Relied upon software: N/A Successful implementation of the certified capabilities requires Multum content installation and enabling of preferences for drug-drug/drug-allergy interaction checking. Clients can configure preferences to fit their individual policies for alert levels (e.g. moderate, major, contraindicated, etc.). Drug-allergy interaction checking is not supported for inactive ingredients that may be included in medications (e.g., food-based ingredients) or IV solution base components (e.g., dextrose, sodium chloride, etc.). Full details are published in Cerner’s Managing Cerner Multum Content Reference Page. . § 170.315(a)(5) Includes the capability to electronically Required costs include a software license for Emergency Demographics response values are not required to be natively captured in Demographics record, change, and access certain patient Medicine (FirstNet). A software license for Cerner Practice registration conversations within Millennium, but mapping to defined standards demographics – including race & ethnicity, Management or Cerner Registration Management are optional must be in place regardless of the upstream data source. Existing registration preferred language, birth sex, and sexual costs as clients can also choose to utilize Millennium Core conversations may require updates to enable recording that a patient declines to orientation & gender identity – in accordance

Cerner 2015 Edition Certified Health IT V. 32 Page 7 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

with defined vocabulary standards & code Registration at no cost, or an inbound interface from a third- specify for applicable demographic elements, and multi-select capability for race sets. party registration system. and ethnicity.

Relied upon software: N/A The certified capabilities also assume that the Social History module is used to document Sexual Orientation and Gender Identity (SO/GI) information. However, it is up to the discretion of the client as to whether they will actively collect it. Sexual Orientation and Gender Identity (SO/GI) recording requires separate mapping of local responses to defined standards via Cerner Knowledge Index concepts, and standard functionality does not support inbound interfacing of SO/GI data from a third-party source system.

Successful implementation of the certified capabilities requires mapping of local Millennium response values to the defined standards for each demographic category using code value aliasing. Where a third-party registration system is used with an inbound interface, this depends on accurate inbound aliasing of response values upstream when interfaced from the source system. The ability of the source system to support use of the required code sets or to enable multi- select capability for race and ethnicity should also be assessed for any downstream impacts on the certified capabilities within Millennium.

§ 170.315(a)(9) Includes the capability to configure CDS Required costs include software licenses for Emergency Active use of the Infobutton retrieval capability requires integration of external Clinical Decision interventions inclusive of source attribute Medicine (FirstNet) and Cerner MPages. A software license for content that adheres to the URL-based implementation of the Infobutton Support (CDS) information to be presented to end-users either Discern Expert or PowerOrders, or a Quality Reporting standard, which may require contracting with third-party vendors. based on clinical data in the Electronic Health content subscription are also required to enable CDS Record (EHR), along with retrieval of intervention options that are considered valid within the Where applicable, clients are responsible for ensuring CDS interventions are diagnostic and therapeutic reference product’s certification. Integration of third-party source content enabled and maintained for the duration of any Meaningful Use/Promoting information using the Infobutton standard. for use with the Infobutton retrieval capability is optional and Interoperability reporting period. may be subject to additional third-party costs. Relied upon software: Cerner MPages Successful implementation of the certified capabilities requires installation of MPages version 6.3 or higher with the appropriate MPages components enabled. Appropriate configuration of rules logic, documentation and/or order templates, and any other components of selected CDS interventions is also required.

§ 170.315(a)(10) Includes the capability to automatically query Required costs include software licenses for Emergency If using Formulary & Benefit functionality included in Cerner ePrescribe, the Drug Formulary and for the existence of a drug formulary or Medicine (FirstNet), PowerOrders, Cerner ePrescribe, and a prescriber must be registered with Surescripts, obtain a Surescripts Provider ID Preferred Drug List preferred drug list for a particular patient and Multum content subscription. For client-hosted (CHO) clients, (SPI), and implement both the Pharmacy Directory, and formulary checking Checks medication. additional costs for a VPN solution to securely connect the functionality. Millennium domain to Cerner’s ePrescribing Hub may apply. Relied upon software: N/A It is assumed that formulary checking is enabled for all electronic prescribing workflows but associated objective measurement is dependent on validation that the check occurred based on evidence written to the electronic prescription activity data. Any introduction of self-developed ordering conversations for electronic prescribing is beyond the scope of certified capabilities.

In addition to Surescripts pre-requisites for Formulary & Benefit functionality, a provider’s demographic information (address, phone, fax, identifiers) must also be configured in the Millennium environment, and Millennium pharmacy order catalog (including Multum content updates) must also be maintained to reflect the commercial availability of prescription products. If using Millennium order catalog formulary status indicator functionality, a preference must be set to

Cerner 2015 Edition Certified Health IT V. 32 Page 8 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

enable formulary checking, and orderables in the order catalog must be flagged with the appropriate formulary status.

§ 170.315(a)(12) Includes the capability to electronically Required costs include a software license for Emergency The certified capabilities assume that recording is performed via the Millennium Family Health History record, change, and access a patient’s family Medicine (FirstNet) and a Cerner Controlled Medical Histories control; use of non-certified or custom components is outside the scope health history using SNOMED-CT vocabulary Terminology (CMT) content subscription for SNOMED-CT of the product’s certification and may limit availability of data for downstream for documented conditions. mapping. functionality.

Relied upon software: N/A Successful implementation of the certified capabilities may require mappings for the current form of capture of first-degree relations to the National Human Genome Research Institute code set values.

§ 170.315(a)(13) Includes the capability to suggest patient Required costs include software licenses for Emergency Active use of the Infobutton retrieval capability requires integration of external Patient-Specific education resources based on a patient’s Medicine (FirstNet) and Cerner MPages. Licensing of specific content that adheres to the URL-based implementation of the Infobutton Education documented problems and medications and third-party content for integration with the Infobutton retrieval standard, which may require contracting with third-party vendors. The workflow retrieved using the Infobutton standard. capability is an optional cost. MPages Patient Education Component or Patient Education Module are optional functionality enabling provision of additional non-Infobutton suggested education Relied upon software: Cerner MPages content for measurement. Use of workflows or self-developed components not enabled for electronic education suggestion are incompatible with associated objective measurement.

Successful implementation of the certified capabilities requires installation of MPages version 6.3 or higher with the appropriate MPages components enabled. A diagnosis/problem or medication is required to trigger suggestion of education, and any new or custom added education must be mapped to appropriate codes (SNOMED, ICD10) to effectively “suggest.” Content added to the Millennium environment via Cerner packages is pre-mapped, but additional mapping can occur manually.

§ 170.315(a)(14) Includes the capability to manage a list of a Required costs include software licenses for Emergency While utilization of barcode scanning to record and parse a UDI is not specified in Implantable Device List patient’s implantable devices, including Medicine (FirstNet). Supply Chain Point of Use or Departmental the certification criterion, it is recommended for use to provide for an optimal recording and parsing Unique Device Clinical Supply Chain for Surgery with Surgical Management and end-user workflow. Identifiers (UDI) and to support automated barcode scanner hardware are optional costs for automated retrieval of additional device attributes from recording/parsing of Unique Device Identifiers (UDI) via Successful implementation of the certified capabilities requires configuration of the Global Unique Device Identifier Database barcode scanning. the Implant History control and enabling of the GUDID query service. If the (GUDID). recommended barcode scanning capability is implemented, successful automated recording and parsing of the UDI via scan is dependent upon item reference data Relied upon software: N/A being pre-built in the Cerner Item Master at the manufacturer catalog item level with associated UPN Device Identifier (DI) defined. If barcode scanning is not implemented, recording and parsing of UDIs will require manual entry in the Implant History record, including the DI for GUDID querying.

Standardized interfacing of UDIs from a third-party system to the Cerner Implant History module, whether in parsed or un-parsed state, is not supported. If initial capture of UDIs for implantable devices occurs in a separate upstream software application, recording and parsing of the UDIs will require manual re-transcription into Cerner’s Implant History control.

Cerner 2015 Edition Certified Health IT V. 32 Page 9 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

§ 170.315(b)(1) Includes the capability to create transition of Required costs include software licenses for Emergency Exchange using the product’s certified capability is based on use of the ONC Transitions of Care care documents in accordance with the HL7 Medicine (FirstNet), Cerner Direct HISP (*one-time set up fees Applicability Statement for Secure Health Transport; use of any other secure Consolidated Clinical Document Architecture also apply), and CAMM Digital Objects, a Cerner Controlled electronic transport formats or protocols is not a valid use of the certified (C-CDA) Release 2.1 standards inclusive of Medical Terminology (CMT) content subscription for SNOMED- capabilities. Based on Promoting Interoperability program measure definitions, required data element categories, and to CT, ICD-10, LOINC, HL7, CDC & OMB standard code sets for race other electronic transport methods may be used and qualify for measurement, subsequently exchange them using secure & ethnicity, RFC5646 standard for preferred language, UCUM, but such use-cases would fall outside the scope of the product’s certified Direct messaging standards. Also included is CPT-4, and HCPCS, and a Multum content subscription for capabilities. If not utilizing Cerner Direct HISP for secure clinical document, a the capability to receive and display RxNorm, CVX, and NDC. license with a third party HISP would be required along with a Cerner license for transition of care (ToC) C-CDA documents in AIS to enable XDR connectivity (*Cerner Direct HISP licensing also still required). human-readable format and to detect Optional costs include Advanced Interoperable Solutions (AIS) conformance errors. license and associated set up fees for XDR/XDM, and an Cerner Direct HISP messaging is isolated to verified exchange partners under the additional software license for Cerner Direct Web Inbox active DirectTrust Trust Bundles for bi-directional communication (send and Relied upon software: Cerner Direct HISP enabling exchange with a recipient community provider who receive), and National Association for Trusted Exchange (“NATE”) for does not otherwise have Direct messaging capabilities. If opting unidirectional communication (send only). Generally, exchange outside these for set up of a custom Direct messaging domain for the Cerner trusted networks is not needed, but should a client determine additional Direct Inbox (versus building as an extension of the primary exchange partners are necessary, a service request can be logged to Cerner Cerner Direct domain for the Millennium environment), an indicating the third-party HISP with which communication is desired, along with a additional software license is required. business contact from that third-party HISP to begin the process. Cerner will facilitate the initial and ongoing third-party contract maintenance, technology An additional software license may be required to enable Direct development, testing, and support required to maintain these one-off exchange communication with recipients beyond those connections. All third-party HISPs are required to sign Cerner’s connection serviced by HISPs participating in the active DirectTrust Trust agreement providing basic protections to both Cerner and our clients. There is no Bundles for bi-directional communication (send and receive), cost to the third-party HISP to participate in this agreement. Clients choosing this and National Association for Trusted Exchange (“NATE”) for additional connectivity inherit Direct communication capabilities with all unidirectional communication (send only). approved third-party HISPs submitted by other clients participating in the same software license.

Use of the certified capabilities requires Message Center, Clinical Reporting XR, and the Clinical Document Generator (CDG) service. Use of the Direct External Address Book, ToC Operations Job, MPages, Resonance (document exchange), and CommonWell are optional.

Personnel who are involved in the use of the certified system for clinical document exchange should have a Direct Messaging address that is serviced by the Cerner Direct HISP. Users must also ensure medical code sets for problems, medications, and medication allergies have been implemented to support codification for associated objective measurement requirements. Data conversion and mapping may be required for use of non-standard code sets. Use of non-standard data capture for problems, medications, and medication allergies is problematic for inclusion of those clinical data elements in meeting requirements for associated objective measure credit. For the Implantable Device List included in the Medical Equipment section of C-CDA documents, device entries with a UDI and a status of active (i.e. currently implanted) are included in the C-CDA. An additional enhancement to populate active Implant History entries without a UDI is also available for all certified code levels.

Cerner 2015 Edition Certified Health IT V. 32 Page 10 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

inpatient setting only) Discharge Summary document templates. Use of any non- certified capability for the recording of required structured clinical data to be included in ToC documents may not be compatible with the certified capabilities for ToC creation.

§ 170.315(b)(2) Includes the capability to accurately match a Required costs include software licenses for Emergency For reconciliation capabilities to perform optimally it is vital that clients stay Clinical Information received transition of care C-CDA document Medicine (FirstNet) and Cerner MPages, and content current on nomenclature content updates for allergies (Multum), problems (ICD- Reconciliation and to a local patient record and to reconcile subscriptions for Multum and Cerner Controlled Medical 10, SNOMED CT), and medications (Multum). Incorporation problems, medications, and medication Terminology (CMT). allergies data to produce a single Successful implementation of the certified capabilities requires installation of consolidated reconciled list in the patient’s MPages version 6.3 or higher with the Histories (problems), Home Medications, Electronic Health Record (EHR) that can be and Allergies Workflow components enabled and configured to allow for included in subsequently generated reconciliation of external/unverified data. transition of care C-CDA documents.

Relied upon software: Cerner MPages § 170.315(b)(3) Includes the capability to transmit and Required costs include software licenses for Emergency To transact on the Surescripts electronic prescribing network, prescribers must be Electronic Prescribing receive prescription messages according to Medicine (FirstNet), PowerOrders, Cerner ePrescribe, and a registered with Surescripts and obtain an SPI (Surescripts Provider ID). With National Council for Prescription Drug Multum content subscription. For client-hosted (CHO) clients, standard implementation, external Rx history data is available for outpatient Programs’ (NCPDP) 10.6 standard, for the additional costs for a VPN solution to securely connect the encounters and at discharge only for inpatient and emergency department New, Change, Cancel, Refill, Fill Status, and Millennium domain to Cerner’s ePrescribing Hub may apply. encounters. Availability of external Rx history data at admission for inpatient and Medication History transactions, along with emergency department encounters is subject to additional costs. enforcing leading/trailing zeros logic and mL Additionally, although out of scope for the criterion, dosing units for oral liquid medications. ePrescribing of Controlled Substances (EPCS) may require The certified capability includes notification alert messages to providers for additional licensing and costs if a client chooses to leverage that electronic prescription failures. If the transmission of a prescription order to a Cures Update criterion certification available capability. pharmacy fails for any reason, a routing error message will be sent to either the as of product version 2018 (requires a ordering provider's Message Center or their designate (pool). minimum sub-release of Cerner Millennium 2018.01.09). In addition to Surescripts pre-requisites, successful implementation and use of the certified capabilities requires that a provider’s demographic information Relied upon software: Cerner ePrescribe (address, phone, fax, identifiers) be configured in the Millennium environment. Millennium pharmacy order catalog (including Multum content updates) must also be maintained to reflect the commercial availability of prescription products.

§ 170.315(d)(1) Supports unique user identification, enables No required costs or fees – the capabilities are considered a Configuration of Millennium Core Security for user account security privileges, Authentication, Access authentication against unique user identifiers core component of the Health IT module itself, and no separate authentication parameters, and related access controls is required for use of the Control, Authorization (i.e. username/password) to gain access to licensing is required for the certified capability apart from the certified capability. As a part of standard implementation, defining and electronic health information, and includes licensing required for the Health IT module. administering users, security roles, authorization and authentication parameters, the ability to control the specific access and and the like is required. privilege rights a user is granted. Use of any advanced authentication methodologies, such as biometrics or Relied upon software: N/A cryptographic methods used in two-factor authentication, are beyond the scope of certified product capabilities. Similarly, use of any external authentication methods that are pass-through to the certified product's security services or external directory services for user account/credential management are beyond the scope of the certified capabilities, but are not incompatible with their use.

§ 170.315(d)(2) Supports event creation capabilities for No required costs or fees – the capabilities are considered a Configuration of the Millennium Core Audit Service, including enabling of desired Auditable Events and security auditing of access to and actions on core component of the Health IT module itself, and no separate audit events for logging and hash algorithm for tamper detection of captured Tamper-Resistance ePHI via the FirstNet application, including audit data, must be completed for use of the certified capabilities.

Cerner 2015 Edition Certified Health IT V. 32 Page 11 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

integrity protection of recorded audit logs. licensing is required for the certified capability apart from the Auditing of access to health information via licensing required for the Health IT module. If a third-party audit reporting application is used, configuration of audit events Cerner’s Ignite Millennium API is separately to be securely transmitted from Millennium is required. Audit event data is certified under the 170.315(d)(10) criterion. Optional costs include the P2Sentinel Listener to enable audit captured and transmitted outbound to the audit log repository in XML format events to be sent from the Millennium platform on which the according to the Audit Trail and Node Authentication (ATNA) profile standard Cures Update criterion certification available certified product operates to an external third-party audit message structure and may be subject to customization or modification to as of product version 2018. reporting application. Additional services-related costs may conform to the inbound formatting requirements of any such third-party apply for configuration of outbound audit event data to meet application. Relied upon software: ntpd (Linux) the formatting constraints of any such third-party audit reporting application. § 170.315(d)(3) Enables creation of sortable audit reports for No required costs or fees – the capabilities are considered a Reporting capabilities for audit events and data from the certified product that Audit Report(s) specific time frames, and based on specific core component of the Health IT module itself, and no separate are captured via Millennium Core Audit Service require use of an external audit parameters such as user ID, patient ID, type licensing is required for the certified capability apart from the repository and reporting application to which audit data is securely transmitted of action, etc. licensing required for the Health IT module. Use of P2Sentinel after capture supporting physical separation of the audit log from the HIT module as the audit repository and reporting application is that is the subject of the audit in accordance with good security practices. Cures Update criterion certification available recommended and is subject to additional licensing costs if P2Sentinel is recommended as the audit reporting application, but third-party as of product version 2018. utilized. If a certified third-party audit reporting application applications may also be leveraged. (e.g. Fair Warning) is used in place of P2Sentinel, a license for Relied upon software: ntpd (Linux), Cerner the P2Sentinel Listener is recommended (but not required). Access to audit reports for access to health information via Cerner’s Ignite Sentinel (Cloud Auditing) Millennium API in the Cerner Sentinel (Cloud Auditing) reporting application Reporting capabilities for auditing of access to health requires Cerner Cloud account set up, which can be managed at an enterprise information via Cerner’s Ignite Millennium API are available level. within the Cerner Sentinel (Cloud Auditing) reporting application and are not subject to additional cost. If a third-party audit reporting application is used, implementation of the P2Sentinel Listener is highly recommended as best practice for interfacing data from the Millennium environment to the foreign application. Without it, there is potential for communication issues with residual impact on system performance in Millennium.

Audit data for access to health information via Cerner’s Ignite Millennium API is uniquely accessible using the Cerner Sentinel (Cloud Auditing) reporting application. Export of audit data in CSV format from the Cerner Sentinel audit repository for incorporation into a third-party application is enabled via Secure File Transfer Protocol (SFTP), but may require additional customization or modification of the event data to align with inbound formatting requirements of the third-party application.

Consolidated audit reporting for events across the full scope of the Health IT module can be achieved either by using the Cerner Sentinel CSV export capability to import into P2Sentinel (or preferred third-party application), or by configuring the Millennium Auditing Outbound Server (SCP 71) to securely transmit Millennium audit data directly to the Cerner Sentinel audit repository.

§ 170.315(d)(4) Enables recording of an amendment to a No mandatory costs or fees – the capabilities are considered a It is assumed that client definition and use of amendment capabilities should be Amendments patient record based on a patient request, as core component of the Health IT module itself, and no separate flexible based on their form and manner of recording patient requested well as the patient requests for amendment licensing is required for the certified capability apart from the amendments. Amendments of ePHI maintained in non-certified systems is to their health record, including identification licensing required for the Health IT module. beyond the scope of Cerner's certified capability but Cerner recognizes they may of whether the amendment was approved or be in use for maintenance of ePHI beyond the scope of records maintained by the denied. To the extent there is desire to leverage existing certified system. documentation capabilities (e.g. PowerForms or Clinical

Cerner 2015 Edition Certified Health IT V. 32 Page 12 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: N/A Documentation templates) to support documenting Documentation templates can be defined both for recording patient amendment requests, costs apply for licensing those requests/provider response and for the substance of the amendment request components for their broader purpose, but no distinct or content. Accepting the amendment request into the record may involve use of additional costs apply for their use in support of this capability. additional documentation tools to create and maintain medical record entries out of amendment requests, such as for documenting a patient's home medications or recording patient contributed health information, depending on its form.

§ 170.315(d)(5) Enables automatic termination of a user No associated costs or fees – the capabilities are considered a Use of the certified capability requires configuration at the Millennium Automatic Access session after a specified period of inactivity core component of the Health IT module itself, and no separate application server level that is typically performed at a network administrator Time-out requiring re-authentication. licensing is required for the certified capability apart from the task for consistency across individual users and workstations. licensing required for the Health IT module. Relied upon software: N/A § 170.315(d)(6) Enables a limited set of specified users to No associated costs or fees – the capabilities are considered a Use of business continuity and disaster recovery techniques and tools are beyond Emergency Access access electronic health information in core component of the Health IT module itself, and no separate the scope of the intent of emergency access capabilities within the certified emergency scenarios. licensing is required for the certified capability apart from the product but are relevant for HIPAA Security compliance and overall security risk licensing required for the Health IT module. assessment processes. Relied upon software: N/A To enable the certified capability to be used, configuration of user positions with privilege to invoke the emergency access relationship type must be defined. This capability allows for override of restrictions on a user's ability to access records beyond the organization they are associated to, of encounter records marked as subject to confidentiality levels and based upon the access rights that may be defined for the emergency mode of access relationship type.

§ 170.315(d)(7) The certified product is designed to prevent No associated costs or fees – the capabilities are considered a Storage of data locally on end-user devices is not utilized by the applications and End-user Device any persistent storage of electronic health core component of the Health IT module itself, and no separate capabilities within scope of the certified product. Encryption capabilities for Encryption information accessed in the FirstNet licensing is required for the certified capability apart from the server-side or data center hosting and ad hoc user actions to export ePHI for application locally to end-user devices (e.g. licensing required for the Health IT module. local/personalized storage is beyond the scope of certification testing for the temp files, cookies, caches). criterion.

Relied upon software: N/A § 170.315(d)(8) Enables verification that health information Required costs beyond the licensing required for the Health IT Integrity protection is enabled principally for secure transport of clinical Integrity exchanged electronically (both outbound and module include a software license for the Cerner Direct HISP. information between entities for those end points and transacting capabilities inbound) has not been altered during intended for use with the certified Health IT module. Unsecure transport transmit via use of message digests produced *NOTE Cerner Direct HISP is already a required license for the methods for exchange of ePHI between entities may lead to security vulnerability by hash algorithms of SHA-2 or greater Health IT module by virtue of its support for the 170.315(h)(1) risks and is not recommended. strength. criterion Use of the certified capability requires full implementation and onboarding of the Relied upon software: N/A Cerner Direct HISP for the given Millennium environment.

§ 170.315(d)(9) Enables the secure encryption and integrity- No associated costs or fees – the capabilities are considered a For secure data exchange in the context of patient health information capture Trusted Connection protection of electronic health information core component of the Health IT module itself, and no separate (170.315(e)(3)), full successful implementation is dependent upon Websphere transmitted to external applications via API licensing is required for the certified capability apart from the application server (WAS) configuration including TLS v1.2 communications for patient access, and contribution of data licensing required for the Health IT module. security and digital certificates with SHA-2 support. In the case of transmission to to Millennium from external applications for external applications via API for patient access (170.315(g)(7)-(9)), secure patient health information capture. exchange is inherent with a full implementation of the Ignite Millennium API.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 13 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

§ 170.315(d)(10) Supports event creation capabilities for No associated costs or fees – auditing of access to health Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting Auditing Actions on security auditing of access to health information via Cerner’s Ignite Millennium API provided by the application requires Cerner Cloud account set up, which can be managed at an Health Information information via the Ignite Millennium API, Cerner Sentinel (Cloud Auditing) service is considered enterprise level. including integrity protection of recorded embedded with the licensing of the Health IT module itself and audit logs. Auditing of access to ePHI via is not subject to additional cost. The Cerner Sentinel (Cloud Auditing) service is not able to be disabled once FirstNet is certified separately under the deployed and does not require or support management of specific events of 170.315(d)(2) criterion. interest to be logged as the big data foundation model follows an approach of always sending everything. Cures Update criterion certification available as of product version 2018.

Relied upon software: Cerner Sentinel (Cloud Auditing), ntpd (Linux) 170.315(d)(12) Identifies whether the certified product N/A N/A Encrypt Authentication enables FIPS 140-2 compliant encryption or Credentials cryptographic hashing of end-user credentials stored within the product. This criterion is intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. Certification available as of product version 2018.

Relied upon software: N/A § 170.315(e)(3) Includes the capability for patients or their Required costs include software licenses for Emergency The product’s certification for Patient Health Information Capture is compatible Patient Health authorized representatives to securely and Medicine (FirstNet) and Advanced Care Documentation with the use of third-party patient portals or similar patient-facing applications as Information Capture electronically provide health information (PowerForms) for capture of hyperlinks to patient-provided a data contribution source from which patients (or their authorized from non-clinical settings to providers and health information in the EHR. The Messaging REST service representatives) can securely and electronically share health information with care team members for incorporation into through which data is transmitted inbound to Millennium is their providers in Millennium. Due to the open nature of the Messaging REST their health record. embedded with Cerner Millennium at no additional cost. service through which data is transmitted inbound to Millennium, no specific contract or agreement is required between Cerner and any third-party Relied upon software: N/A application developers to enable connection.

Capture of patient-provided hyperlinks to patient health information is performed via use of a select PowerForm.

Successful implementation of the certified capabilities requires up-front code installation and configuration of the Messaging REST service (RESTful API). For a

Cerner 2015 Edition Certified Health IT V. 32 Page 14 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

third-party application (e.g. patient portal, mobile health app, etc) to be compatible as a data contribution source, it must be capable of calling an API over Hypertext Transfer Protocol Secure (HTTPS). Additional pre-requisite configurations requiring technical knowledge for the implementation also apply. Services are available for initial setup of the REST service to be called by a chosen third-party application, but further development specifics are dependent on unique implementation considerations for the particular third-party application.

Authentication and authorization from third-party applications accessing the REST service requires OAuth, for which configuration is an additional pre- requisite for client-hosted (CHO) clients. To positively identify and associate contributed data with a unique patient, a method for transmitting a patient identifier from Cerner to the third-party application to be passed back into Cerner with the data submissions is a pre-requisite for certified functionality.

For credit on the associated objective measurement, patient-provided health information must be stored to the patient’s record by saving the message to their chart.

*HealtheLife is also certified to the criterion and allows for a formal contribution method dependent on licensing and use of the HealtheLife patient portal’s messaging feature.

§ 170.315(g)(2) Enables calculation of numerator and Required costs include software licenses for Emergency Standard functional reports for automated measure calculation are designed to Automated Measure denominator values for the following Stage 3 Medicine (FirstNet) and Business Objects. work in coordination with certified product capabilities and workflows. Calculation Promoting Interoperability (PI) measures for Information on the design assumptions of the reports is available in Cerner performance/reporting year 2019+: Reference Pages documentation. Medicare PI • e-Prescribing (EH/CAH & EC) Use of self-developed components or workflows that are beyond the scope of the • *Verify Opioid Treatment design assumptions of the standard reporting may not result in measurement Agreement (EH/CAH & EC) consideration. Use of self-developed reporting or process to compile numerator • *Support Electronic Referral and denominator data from different sources than the certified product is outside Loops by Sending Health the scope of Cerner's certified capabilities. Information (EH/CAH & EC) • Support Electronic Referral Loops To enable the certified capability to be used configuration in the Cerner Bedrock by Receiving and Incorporating wizard for definition of denominator populations and for measure definitions is Health Information (EH/CAH & EC) required. Operations processes must also be implemented to support data loads • Provide Patients Electronic Access for the reporting period. If reporting requirements change because of CMS policy to Their Health Information clarifications or due to identification of error correction needs in reporting logic, (EH/CAH & EC) this can require historical loads of data to assure proper measure calculation and *Measures officially recognized as certified credit. for EH/CAH as of August 8, 2019 and for EC as of November 8, 2019

Medicaid PI (EP only) • Clinical Information Reconciliation • Computerized Physician Order Entry (CPOE) • ePrescribing • Patient Education

Cerner 2015 Edition Certified Health IT V. 32 Page 15 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

• Patient Generated Health Data • Provide Patients Electronic Access to Their Health Information • Receive and Incorporate • Secure Messaging • Support Electronic Referral Loops by Sending Health Information • View, Download, Transmit

Relied upon software: N/A § 170.315(g)(3) Defines user-centered design processes and No associated costs or fees N/A Safety Enhanced Design assessments for applicable certified capabilities within the certified product’s scope.

Relied upon software: N/A § 170.315(g)(4) Establishes controls for and monitors No associated costs or fees N/A Quality Management compliance with the quality standards under System which the certified capabilities are developed, tested, implemented, and maintained.

Relied upon software: N/A § 170.315(g)(6) Enables the creation of a standards- Required costs include software licenses for Emergency The C-CDA creation performance capabilities are supported as per ONC policy C-CDA Creation conformant Consolidated Clinical Document Medicine (FirstNet) and CAMM Digital Objects, a Cerner with certification of 170.315(b)(1), 170.315(b)(2), 170.315(b)(4), and Performance Architecture (C-CDA) document, including Controlled Medical Terminology (CMT) content subscription for 170.315(b)(6) criteria for creation of a C-CDA documents. Appropriate Common Clinical Data Set (CCDS) SNOMED-CT, ICD-10, LOINC, HL7, CDC & OMB standard code implementation and maintenance of medical code sets for vocabulary constraints representation. sets for race & ethnicity, RFC5646 standard for preferred and mapping of demographics data elements to defined standards is a pre- language, UCUM, CPT-4, and HCPCS, and a Multum content requisite for conformant C-CDA generation. Use of any non-certified capability for Relied upon software: N/A subscription for RxNorm, CVX, and NDC. the recording of required structured clinical data to be included in C-CDA documents may not be compatible with certified capabilities.

Use of the certified capabilities requires Message Center, Clinical Reporting XR, and the Clinical Document Generator (CDG) service. For the Implantable Device List included in the Medical Equipment section of C-CDA documents, device entries with a UDI and a status of active (i.e. currently implanted) are included in the C-CDA. An additional enhancement to populate active Implant History entries without a UDI is also available for all certified code levels. The scope is limited to the C-CDA Continuity of Care Document (CCD), Referral Note, and (inpatient setting only) Discharge Summary document templates.

§ 170.315(g)(7) Includes the capability to uniquely match and Required costs include a software license for Emergency To be considered “fully implemented” as required under EHR Incentive Program Application Access – authenticate a request for access to health Medicine (FirstNet) and an annual subscription and one-time regulations, the API for API-based access and an Identity Provider (IdP) are Patient Selection information from an external application of set up fee for Ignite Millennium API (the API). For clients that required. Cerner provides Cerner Health as the default IdP available for clients

Cerner 2015 Edition Certified Health IT V. 32 Page 16 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

the patient’s choice via the Ignite Millennium host their own infrastructure (CHO), an additional one-time and/or their third-party patient access solutions to integrate with. Options for IdP API to the correct Millennium patient record. setup cost for additional infrastructure is required, and include: (1) Cerner Health IdP used for HealtheLife and the API, or (2) a third- supplemental costs for RedHat Licenses, VMWare licenses, and party/client specified IdP able to be integrated with HealtheLife and the API, or Relied upon software: Ignite Millennium API ESX Host hardware may apply. Cerner Sentinel (Cloud Auditing) (3) a third-party/client specified IdP used for consumer identity management plus § 170.315(g)(8) Includes the capability to respond to is required for security audit purposes, but is not subject to Cerner Health IdP separately for the API. Application Access – authenticated requests for health additional cost (see 170.315(d)(10) criterion). Data Category Request information via the Ignite Millennium API at Clients will be responsible ensuring patient identity proofing occurs before an individual data category level for data In most cases, initial implementation of the API within the enabling access to health data electronically via the API, and that the identity types included in the Common Clinical Data client's environment will be covered under the client’s setup proofing systems are integrated with the API. Clients will also be responsible for Set (CCDS), including accommodation of license, but there may be cases of implementation complexity integrating applications with the API and ensuring patient identity proofing specific dates/date ranges. or volume where additional costs would be incurred. Potential occurs when the third-party applications call the API. interface services may be necessary at a cost to interface Relied upon software: Ignite Millennium API credentials and/or relationship information into Millennium for Additional usage-based limitations also apply. The base contract includes a usage- § 170.315(g)(9) Includes the capability to respond to authorized representatives not otherwise known to the system based limitation that will incur additional costs when usage limits are met. Application Access – All authenticated requests for health until specified by the patient for ability to leverage the patient’s Data Request information via the Ignite Millennium API consumer access. Connection of a third-party/client specified IdP with the API requires that the IdP with the full Common Clinical Data Set (CCDS) support Security Assertion Markup Language (SAML) authentication standards for using the C-CDA Continuity of Care If a third-party Identity Provider (IdP) is being used for integration with the Cerner-hosted security services. Document (CCD) template, including consumer access, a one-time cost will be associated with set up accommodation of specific dates/date for either integrating the IdP with the API or for Cerner Health Cerner maintains ontology mappings on clients’ behalf and baseline mappings ranges. IdP setup for the API. Developers or clients implementing direct that expose a majority of clinical data in required terminologies are included by to consumer applications (and therefore consumers default with a standard implementation. However, through the course of Relied upon software: Ignite Millennium API themselves) will not be charged connection or usage-based application adoptions, content mapping gaps may be discovered. In such cases, fees. Applications integrating with the API may have costs unto clients will need to submit a request to Cerner to add additional mappings that a themselves that are required by the application developer of particular application being implemented may require. any given consumer application. The API can be leveraged by non-certified applications to provide View, Download, and Transmit-type functions aligning with the 170.315(e)(1) criterion, but is not directly certified for those capabilities.

§ 170.315(h)(1) Includes the capability to exchange health Required costs include software licenses for Emergency Use of Cerner Direct HISP requires that clients complete a current Cerner Direct Direct Project information with external entities using the Medicine (FirstNet), Cerner Direct HISP (*one-time set up fees Messaging certificate request containing required Trust Framework contents that Direct Project standards for Secure Health also apply). Optional costs include licensing of Advanced establish and validate Clients’ authenticity and parameters under which they may Transport. Interoperable Solutions (AIS) for Edge Protocol (XDR/XDM). participate in Direct exchange.

Relied upon software: Cerner Direct HISP Use of the certified capability is limited to exchange with known, trusted users who have Direct accounts. Transacting with non-Direct users is outside the scope of the certified capability. Use of this capability by providers for transitions of care is optional as CMS permits other methods of electronic transacting for objective measurement. However, possession of the certified capability for this criterion is required as part of the CEHRT definition.

Cerner 2015 Edition Certified Health IT V. 32 Page 17 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

FirstNet (CQMs) See Appendix A for certified versions and CHPL listing information; see Certified Quality Measures (applies to 170.315(c)(1)-(3) criteria): CMS2: Preventive Care and Screening: Screening for Depression and Follow-Up Plan; CMS9: Exclusive Breast Milk Feeding; CMS22: Preventive Care and Screening: Screening for High Blood Pressure and Follow-Up Documented; CMS26: Home Management Plan of Care (HMPC) Document Given to Patient/Caregiver; CMS31: Hearing Screening Prior To Hospital Discharge; CMS32: Median Time from ED Arrival to ED Departure for Discharged ED Patients; CMS50: Closing the Referral Loop: Receipt of Specialist Report; CMS53: Primary PCI Received Within 90 Minutes of Hospital Arrival; CMS55: Median Time from ED Arrival to ED Departure for Admitted ED Patients; CMS68: Documentation of Current Medications in the Medical Record; CMS69: Preventive Care and Screening: Body Mass Index (BMI) Screening and Follow-Up Plan; CMS71: Anticoagulation Therapy for Atrial Fibrillation/Flutter; CMS72: Antithrombotic Therapy By End of Hospital Day 2; CMS74: Primary Caries Prevention Intervention as Offered by Primary Care Providers, including Dentists; CMS75: Children Who Have Dental Decay or Cavities; CMS90: Functional Status Assessments for Congestive Heart Failure; CMS102: Assessed for Rehabilitation; CMS104: Discharged on Antithrombotic Therapy; CMS105: Discharged on Statin Medication; CMS107: Stroke Education; CMS108: Venous Thromboembolism Prophylaxis; CMS111: Median Admit Decision Time to ED Departure Time for Admitted Patients; CMS113: Elective Delivery; CMS117: Childhood Immunization Status; CMS122: Diabetes: Hemoglobin A1c (HbA1c) Poor Control (> 9%); CMS124: Cervical Cancer Screening; CMS125: Breast Cancer Screening ; CMS127: Pneumococcal Vaccination Status for Older Adults; CMS130: Colorectal Cancer Screening; CMS131: Diabetes: Eye Exam; CMS134: Diabetes: Medical Attention for Nephropathy; CMS135: Heart Failure (HF): Angiotensin-Converting Enzyme (ACE) Inhibitor or Angiotensin Receptor Blocker (ARB) Therapy for Left Ventricular Systolic Dysfunction (LVSD); CMS137: Initiation and Engagement of Alcohol and Other Drug Dependence Treatment; CMS138: Preventive Care and Screening: Tobacco Use: Screening and Cessation Intervention; CMS139: Falls: Screening for Future Fall Risk; CMS144: Heart Failure (HF): Beta-Blocker Therapy for Left Ventricular Systolic Dysfunction (LVSD); CMS145: Coronary Artery Disease (CAD): Beta-Blocker Therapy-Prior Myocardial Infarction (MI) or Left Ventricular Systolic Dysfunction (LVEF <40%); CMS146: Appropriate Testing for Children with Pharyngitis; CMS147: Preventive Care and Screening: Influenza Immunization; CMS149: Dementia: Cognitive Assessment; CMS153: Chlamydia Screening for Women; CMS154: Appropriate Treatment for Children with Upper Respiratory Infection (URI); CMS155: Weight Assessment and Counseling for Nutrition and Physical Activity for Children and Adolescents; CMS156: Use of High-Risk Medications in the Elderly; CMS157: Oncology: Medical and Radiation - Pain Intensity Quantified; CMS159: Depression Remission at Twelve Months; CMS161: Adult Major Depressive Disorder (MDD): Suicide Risk Assessment; CMS165: Controlling High Blood Pressure; CMS177: Child and Adolescent Major Depressive Disorder (MDD): Suicide Risk Assessment; CMS190: Intensive Care Unit Venous Thromboembolism Prophylaxis; CMS 506: Safe Use of Opioids - Concurrent Prescribing Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(c)(1) Includes the capability to record the data Required costs include a Quality Reporting content The Quality Clearinghouse (QCH) is a centrally maintained clearinghouse that is CQMs – Record & Export required for Clinical Quality Measure (CQM) subscription and software licenses for the following: embedded with the subscription to Cerner Quality Reporting – it is solely calculations in a codified manner appropriate Emergency Medicine (FirstNet); SAP Business Objects for compatible with the electronic health record maintained in Cerner Millennium as for the measures to which the product is Lighthouse (or HealtheEDW or PowerInsight EDW or a source clinical system and is not intended for use as a separate data certified, and the ability for an authorized user PowerInsight Explorer); PowerOrders; Advanced Care warehouse. Use of on-demand generation and export of QRDA data files is to generate QRDA Category I and QRDA Documentation (PowerForms); Cerner HIM (or Abstracted intended for distinct use-cases, such as making data available to a third-party Category III data files for export. Data Incoming) eSubmission vendor or registry capable of receiving QRDA data files and is distinct from electronic report submission capabilities and use-cases under Relied upon software: Cerner Quality 170.315(c)(3). On-demand generation and export is also not typically intended Reporting for interactive data review/management purposes as real-time dashboard views are available within the system for such purposes.

Pre-requisites for generation and export of QRDA data files include the following implementation and configuration tasks: establishing a QCH connection for your Millennium environment and provisioning access for authorized users (one- time); package installation for eCQM and QRDA specification updates from CMS (annual + monthly releases); eCQM set up and validation (annual); eCQM data extraction/transfer from Millennium to the QCH (one-time or variable depending upon needs).

Generation and export of QRDA data files is available on-demand in the QCH for appropriately licensed clients where all pre-requisite implementation and configuration tasks have been completed. Only eCQM data that has been extracted from the connected Millennium environment and transferred to the

Cerner 2015 Edition Certified Health IT V. 32 Page 18 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

QCH will qualify for QRDA data file generation. Recommended set up includes configuration of an automated daily refresh of eCQM data available in the QCH (processing time for these daily extractions varies, but will typically complete within 2-3 days). eCQM data refreshes can also be performed on an ad hoc basis if preferred, but would require an extra step to initiate the extraction/transfer process manually for each refresh.

On-demand QRDA data files are available for the current and immediate previous calendar year on a rolling basis. File generation is supported for dates that fall within the calendar year to which the measure specifications and QRDA file specifications apply. For example, date ranges within CY 2019 are available for generation using the applicable measure and QRDA file specifications for CY 2019. Export of QRDA data files where the date range differs from the measure and QRDA file specification year are considered beyond scope of the certified capabilities and require additional developer assistance.

Detailed specifications for eCQM data loads is published in Cerner’s Overview of 2015 Edition Certification Criteria for Clinical Quality Measures Reference Page.

*For clients under Cerner’s hosted/ASP models, pre-requisite tasks are typically performed by Cerner acting in the role of a user on behalf of the client as a part of the services agreement. Under these models, a service request must be logged for data extraction/transfer in all instances of QRDA export, whether as part of a recurring schedule of exports or ad hoc. *Detailed guidance for pre-requisite implementation and configuration tasks is published in Cerner’s Overview of 2015 Edition Certification Criteria for Clinical Quality Measures Reference Page.

§ 170.315(c)(2) Includes the capability for an authorized user to Required costs include a Quality Reporting content QRDA data file import is intended most typically for the integration of data from CQMs – Import & import QRDA Category I data files and perform subscription and software licenses for the following: third-party clinical source systems for Quality Reporting purposes particularly to Calculate Clinical Quality Measure (CQM) calculations for Emergency Medicine (FirstNet); SAP Business Objects for support consolidation of quality measurement data when clients transition from the data for the measures to which the product Lighthouse (or HealtheEDW or PowerInsight EDW or a third party EHR to Cerner mid-reporting period for one reporting submission. is certified. PowerInsight Explorer); PowerOrders; Advanced Care Import functionality does not create new medical record entries in the electronic Documentation (PowerForms); Cerner HIM (or Abstracted health record maintained in Millennium and is not intended to be used as an Relied upon software: Cerner Quality Data Incoming) alternative for foreign systems interfacing of source medical record data into the Reporting EHR as would be performed for medical record conversion across EHR systems.

Pre-requisites for import of QRDA data files include the following implementation and configuration tasks: establishing a QCH connection for your Millennium environment and provisioning access for authorized users (one- time); eCQM and QRDA import package installation for CMS specification updates (annual + monthly releases); eCQM set up and validation (annual); setup of QRDA Shell Script and execution authorization for appropriate users (one- time).

Cerner 2015 Edition Certified Health IT V. 32 Page 19 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

file import is processed successfully, additional steps are required for extraction of data to the QCH to enable inclusion in on-demand QRDA data file generation and export, or with electronic report submission. QRDA data file import capabilities support annual specifications for the current and immediate prior year on a rolling basis and are specific to the CMS and HL7 specifications for the same reporting year.

Import of QRDA data files is available only for patients with an existing person record within the Cerner Millennium domain to which the file is being imported. QRDA data file and existing Millennium person ID are matched through an alias on the file that exists on the person record, or through a manual process of defining each link between QRDA data file and Millennium person record.

Imported eCQM data is stored to the Quality Reporting schema in the Millennium environment, which is separate from the Millennium environment’s clinical EHR database. Accordingly, while de-duplication of data for matching person identifiers is enabled across individual imported QRDA data files, de- duplication is not performed against the local Millennium EHR’s patient records. De-duplication against local Millennium records would require interfacing of source clinical data to the Millennium clinical EHR database directly, which is out of scope for this criterion.

*For clients under Cerner’s hosted/ASP models, QRDA import is performed by Cerner acting in the role of a user as part of the clients’ services agreement *For clients under Cerner’s hosted/ASP models, pre-requisite tasks are typically performed by Cerner acting in the role of a user on behalf of the client as a part of the services agreement *Detailed guidance for pre-requisite implementation and configuration tasks is published in Cerner’s Overview of 2015 Edition Certification Criteria for Clinical Quality Measures Reference Page.

§ 170.315(c)(3) Includes the capability to create QRDA Required costs include a Quality Reporting content FirstNet (CQMs) supports eSubmission for regulatory programs (e.g. CMS or TJC CQMs – Report Category I and III data files for reporting subscription and software licenses for the following: eCQMs). For those clients using Cerner as their data submission vendor, and who submission for the measures to which the Emergency Medicine (FirstNet); SAP Business Objects for rely on services to support that eSubmission, specific timeline requirements product is certified. Lighthouse (or HealtheEDW or PowerInsight EDW or apply for registration of intent to use Cerner as a data submissions vendor and PowerInsight Explorer); PowerOrders; Advanced Care for making data available from the source clinical system(s). These are published Cures Update criterion certification available as Documentation (PowerForms); Cerner HIM (or Abstracted on Cerner’s Eligible Provider Quality Reporting Reference Page for Ambulatory of product version 2018. Data Incoming) clients, and on Cerner’s Meaningful Use Hospital eCQM Reference Page for Hospital clients. Pre-requisite implementation and configuration tasks also apply Relied upon software: Cerner Quality and include the following: establishing a QCH connection for your Millennium Reporting environment and provisioning access for authorized users (one-time); package installation for eCQM and QRDA specification updates from CMS (annual + monthly releases); eCQM set up and validation (annual); eCQM data extraction/transfer from Millennium to the QCH (one-time per submission)

Generation of QRDA data files for eSubmission is performed by Cerner on behalf of all clients who have registered intent to use Cerner as their data submission vendor. Generation of QRDA data files for purpose of making data available to a third-party vendor for eSubmission or ancillary purpose is not a use-case within

Cerner 2015 Edition Certified Health IT V. 32 Page 20 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

scope of this criterion and is instead enabled via use of capabilities under 170.315(c)(1).

eSubmission of QRDA data files is available for appropriately licensed clients with registered intent and requires extraction/transfer of data from the source Millennium environment to the QCH (pre-requisite connection of the source Millennium environment to the QCH must be in place). QRDA data files are generated from the QCH by Cerner for eSubmission and data qualification is constrained to the data loaded in Millennium for the chosen measures and associated reporting period.

§ 170.315(d)(1) Supports unique user identification, enables No associated costs or fees – The capabilities are considered N/A Authentication, Access authentication against unique identifiers (i.e. a core component of the Health IT module itself, and no Control, Authorization username/password) to gain access to separate licensing is required for the certified capability apart electronic health information in FirstNet and from the licensing required for the Health IT module. the Quality Clearinghouse, and includes the ability to control the specific access and privileges a user is granted.

Relied upon software: N/A § 170.315(d)(2) Supports event creation capabilities for security No associated costs or fees – the security auditing Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting Auditable Events and auditing of access to and actions on ePHI within capabilities provided by the Cerner Sentinel (Cloud Auditing) application requires Cerner Cloud account set up, which can be managed at an Tamper-Resistance the Quality Clearinghouse, including integrity service are considered embedded with the licensing of the enterprise level. The Cerner Sentinel (Cloud Auditing) service is not able to be protection of recorded audit logs. Health IT module itself. disabled once deployed and does not require or support management of specific events of interest to be logged as the big data foundation model follows an Cures Update criterion certification available as approach of always sending everything. of product version 2018.

Relied upon software: Cerner Sentinel (Cloud Auditing), ntpd (Linux) § 170.315(d)(3) Enables creation of sortable audit reports for No associated costs or fees – access to and use of the audit Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting Audit Report(s) specific time frames, and based on specific reporting capabilities provided by the Cerner Sentinel (Cloud application requires Cerner Cloud account set up, which can be managed at an parameters such as user ID, patient ID, type of Auditing) reporting application is available via licensing of the enterprise level. action, etc. Health IT module itself. Audit data logged via the Cerner Sentinel (Cloud Auditing) service is stored to the Cures Update criterion certification available as Cerner Sentinel audit repository, which is uniquely accessible using the Cerner of product version 2018. Sentinel (Cloud Auditing) reporting application. Export of audit data in CSV format from the Cerner Sentinel audit repository for incorporation into a third- Relied upon software: Cerner Sentinel (Cloud party application is enabled via Secure File Transfer Protocol (SFTP) but may Auditing), ntpd (Linux) require additional customization or modification of the event formatting to align with inbound formatting requirements of the third-party.

§ 170.315(d)(5) Enables automatic termination of a user No associated costs or fees – The capabilities are considered The automatic time-out capability is enabled by default and set to execute at a Automatic Access session in the Quality Clearinghouse after a a core component of the Health IT module itself, and no standard inactivity period for all clients/users. Time-out specified period of inactivity separate licensing is required for the certified capability apart from the licensing required for the Health IT module. Relied upon software: N/A 170.315(d)(12) Identifies whether the certified product N/A N/A enables FIPS 140-2 compliant encryption or cryptographic hashing of end-user credentials

Cerner 2015 Edition Certified Health IT V. 32 Page 21 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Encrypt Authentication stored within the product. This criterion is Credentials intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. Certification available as of product version 2018.

Relied upon software: N/A 170.315(d)(13) Identifies whether the certified product N/A N/A Multi-Factor enables multi-factor authentication (MFA) in Authentication accordance with industry-recognized standards. This criterion is intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. See Cerner.com/certified- health-it for details on any supported MFA use- cases. Certification available as of product version 2018.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 22 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

FirstNet (Immunizations) See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(d)(1) Supports unique user identification, enables No associated costs or fees – The capabilities are Configuration of Millennium Core Security for user account security privileges, Authentication, Access authentication against unique identifiers (i.e. considered a core component of the Health IT module authentication parameters, and related access controls is required for use of the Control, Authorization username/password) to gain access to itself, and no separate licensing is required for the certified certified capability. As a part of standard implementation, defining and electronic health information, and includes capability apart from the licensing required for the Health administering users, security roles, authorization and authentication parameters, the ability to control the specific access and IT module. and the like is required. privilege rights a user is granted. Use of any advanced authentication methodologies, such as biometrics or Relied upon software: N/A cryptographic methods used in two-factor authentication, are beyond the scope of certified product capabilities. Similarly, use of any external authentication methods that are pass-through to the certified product's security services or external directory services for user account/credential management are beyond the scope of the certified capabilities, but are not incompatible with their use.

§ 170.315(d)(2) Supports event creation capabilities for No required costs or fees – the capabilities are considered Configuration of the Millennium Core Audit Service, including enabling of desired Auditable Events and security auditing of access to and actions on a core component of the Health IT module itself, and no audit events for logging and hash algorithm for tamper detection of captured audit Tamper-Resistance ePHI within FirstNet for activities related to separate licensing is required for the certified capability data, must be completed for use of the certified capabilities. immunizations reporting, including integrity apart from the licensing required for the Health IT module. protection of recorded audit logs. If a third-party audit reporting application is used, configuration of audit events to Optional costs include the P2Sentinel Listener to enable be securely transmitted from Millennium is required. Audit event data is captured Cures Update criterion certification available audit events to be sent from the Millennium platform on and transmitted outbound to the audit log repository in XML format according to as of product version 2018. which the certified product operates to an external third- the Audit Trail and Node Authentication (ATNA) profile standard message structure party audit reporting application. Additional services- and may be subject to customization or modification to conform to the inbound Relied upon software: N/A related costs may apply for configuration of outbound formatting requirements of any such third-party application. audit data to meet the formatting constraints of any such third-party audit reporting application. § 170.315(d)(3) Enables creation of sortable audit reports for Required costs include a software license for Emergency Reporting capabilities for audit events and data from the certified product that are Audit Report(s) specific time frames, and based on specific Medicine (FirstNet). Use of P2Sentinel as the audit captured via Millennium Core Audit Service require use of an external audit parameters such as user ID, patient ID, type of repository and reporting application is recommended and repository and reporting application to which audit data is securely transmitted action, etc. is subject to additional licensing costs. If a certified third- after capture supporting physical separation of the audit log from the HIT module party audit reporting application (e.g. Fair Warning) is used that is the subject of the audit in accordance with good security practices. Cures Update criterion certification available in place of P2Sentinel, a license for the P2Sentinel Listener P2Sentinel is the recommended audit reporting application, but third-party as of product version 2018. is recommended (but not required). applications may also be leveraged.

Relied upon software: N/A If a third-party audit reporting application is used, implementation of the P2Sentinel Listener is highly recommended as best practice for interfacing data from the Millennium environment to the foreign application. Without it, there is potential for communication issues with residual impact on system performance in Millennium.

§ 170.315(d)(7) The certified product is designed to prevent No required costs or fees – the capabilities are considered Storage of data locally on end-user devices is not utilized by the applications and End-user Device any persistent storage of electronic health a core component of the Health IT module itself, and no capabilities within scope of the certified product. Encryption capabilities for server- Encryption information processed via FirstNet locally to separate licensing is required for the certified capability side or data center hosting and ad hoc user actions to export ePHI for end-user devices (e.g. temp files, caches). apart from the licensing required for the Health IT module. local/personalized storage is beyond the scope of certification testing for the criterion. Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 23 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

170.315(d)(12) Identifies whether the certified product N/A N/A Encrypt Authentication enables FIPS 140-2 compliant encryption or Credentials cryptographic hashing of end-user credentials stored within the product. This criterion is intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. Certification available as of product version 2018.

Relied upon software: N/A § 170.315(f)(1) Includes the ability to record immunizations Required costs include software licenses for Emergency For interfacing with the external immunization registry, specific configuration Transmission to data codified using National Drug Code (NDC) Medicine (FirstNet), Medication Administration Record, requirements are necessary. The interfacing can be configured as either a direct Immunization Registries identifiers for administered vaccines and CAMM Digital Objects, and Cerner Hub – Immunizations or point-to-point connection through Foreign System Interfaces and the reporting Codes for Vaccines Administered (CVX) Vaccinations Outgoing Interface. registry OR configured as a connection through Cerner Hub services for reporting identifiers for historical vaccines, with immunization data to the registry. Connecting via the Hub for immunization query subsequent creation of immunization Optional costs include the following: Cerner Point of Care capabilities is highly recommended to accommodate variances and unique messages formatted according to HL7 and and/or CareAware Connect for automated documentation connection dependencies across individual IIS registries, but it is also acceptable for CDC standards, along with the ability to query of vaccine administration (including recording of NDC a client to create their own transport mechanism via an interface engine or other for and access/display a patient’s codes) via barcode scanning, Cerner MPages for use of the means capable of satisfying their IIS registry's requirements. immunizations history and forecast according Immunizations Workflow component, and Cerner to HL7 and CDC standards. Immunizations Registry Query (Hub) for registry query For the Millennium 2018.01 release platform, USB-connected scanners are required connection. If choosing to leverage barcode medication if the optional Medication Administration Wizard (MAW) is used for automated Relied upon software: Cerner Medication administration capabilities for recording vaccine documentation of vaccine administration via barcode scanning (PS/2 scanner Administration Record (MAR), Cerner Hub – administration with capture of National Drug Code (NDC), connections will not be compatible). Immunizations OR Vaccinations Outgoing additional costs may apply for handheld scanner hardware. Interface Successful implementation of the certified capabilities requires configuration of the Workflow MPages Immunizations component or the Immunization Schedule for charting of historical vaccines. For charting of new vaccine administrations and recording of the administered NDC, vaccine pharmacy formulary details and supply chain locations where vaccines are stocked should be configured, along with enabling Lot selection in the medication administration window. Registry Import must be configured for querying the external registry to access immunization history and display forecast. Configuring the Immunization Ad Hoc preference to disable charting from Immunization Schedule is recommended, but not required.

Other considerations include the following: if charting immunizations ad-hoc directly from Immunization Schedule, the system will not capture the NDC code as required

Cerner 2015 Edition Certified Health IT V. 32 Page 24 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

for reporting; if enabling lot selection preference, the system does not allow the user to modify vaccine details after charting an administration and (user must un- chart/re-chart the administration); if a direct modification is necessary, the lot selection preference can be disabled, but Cerner intends for the preference to be enabled for inventory integration.

§ 170.315(g)(4) Establishes controls for and monitors No associated costs or fees N/A Quality Management compliance with the quality standards under System which the certified capabilities are developed, tested, implemented, and maintained.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 25 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

HealtheAnalytics: Promoting Interoperability See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(g)(2) Enables calculation of numerator and Required costs include a subscription for HealtheAnalytics. Standard functional reports for automated measure calculation are designed to Automated Measure denominator values for the following Stage 3 work in coordination with Cerner certified module capabilities and workflows. Calculation Promoting Interoperability (PI) measures for Information on the design assumptions of the reports is available in Cerner performance/reporting year 2019+: Reference Pages documentation. Medicare PI • ePrescribing (EH/CAH & EC) Use of self-developed components or use of workflows that are beyond the scope of • Verify Opioid Treatment the design assumptions of the standard reporting may not result in measurement Agreement (EH/CAH & EC) consideration. Use of self-developed reporting or process to compile numerator and • Support Electronic Referral Loops denominator data from different sources than Cerner certified modules is outside by Sending Health Information the scope of the certified capabilities. A data agreement for cloud storage of (EH/CAH & EC) reporting data must also be in place for use of the certified capabilities. • Support Electronic Referral Loops by Receiving and Incorporating To enable the certified capability to be used configuration in the Cerner Bedrock Health Information (EH/CAH & EC) wizard for definition of denominator populations and for measure definitions is • Provide Patients Electronic Access required. Operations processes must also be implemented to support data to Their Health Information processing from the applicable Cerner Millennium environment to the (EH/CAH & EC) HealtheAnalytics platform. This requires a one-time onboarding process that must Medicaid PI (EP only) be performed by Cerner at no additional cost to the client. • *Clinical Information Reconciliation • *Computerized Physician Order Due to potentially large data volumes, timeout limitations may occasionally be Entry (CPOE) encountered. In some instances where data volume is especially high, resolution • ePrescribing could require separation of data into multiple files for processing. • *Patient Education The current and one previous version of the following browsers are supported: • *Patient Generated Health Data Apple Safari, Google Chrome, Microsoft Internet Explorer, Microsoft Edge, Mozilla • Provide Patients Electronic Access Firefox. to Their Health Information

• *Receive and Incorporate • *Secure Messaging • Support Electronic Referral Loops by Sending Health Information • *View, Download, Transmit *Measures officially recognized as certified as of July 7, 2020

Relied upon software: N/A § 170.315(g)(4) Establishes controls for and monitors No associated costs or fees N/A Quality Management compliance with the quality standards under System which the included certified capabilities are developed, tested, implemented, and maintained.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 26 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

§ 170.315(g)(5) Encompasses the processes by which the No associated costs or fees N/A Accessibility Centered accessibility standards employed in the Design development of the certified capabilities.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 27 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

HealtheLife See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(a)(13) Includes the capability to enable patient- Required costs include software licenses for the HealtheLife Active use of the certified capability requires integration of external content that Patient-specific specific education resources to be suggested patient portal and PowerChart (or PowerChart Ambulatory adheres to the URL-based implementation of the Infobutton standard, which may Education for patients within their HealtheLife portal or PowerChart ASP) or Emergency Medicine (FirstNet). require contracting with third-party vendors. Cerner does not provide or license based on documented problems and/or Licensing of specific third-party content for integration with patient education content independently. medications. Education retrieval is context- the Infobutton retrieval capability is an optional cost. aware for patient specificity and performed IBM WebSphere Application Server (WAS) version 8.5+ and a according to the Infobutton standard. minimum Java Runtime Environment (JRE) level of Java 5 are required for the Infobutton Enterprise Appliance REST service. Relied upon software: Cerner PowerChart or FirstNet § 170.315(d)(1) Supports unique user identification, enables No associated costs or fees – The capabilities are N/A Authentication, Access authentication against unique identifiers (i.e. considered a core component of the Health IT module Control, Authorization username/password) to gain access to itself, and no separate licensing is required for the certified electronic health information in the capability apart from the licensing required for the Health HealtheLife portal, and includes the ability to IT module. control the specific access and privilege rights a user is granted.

Relied upon software: N/A § 170.315(d)(2) Support event creation capabilities for security No associated costs or fees – the security auditing Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting application Auditable Events and auditing of access to and actions on ePHI capabilities provided by the Cerner Sentinel (Cloud requires Cerner Cloud account set up, which can be managed at an enterprise level. Tamper-Resistance within the HealtheLife portal, including Auditing) service are considered embedded with the integrity protection of recorded audit logs. licensing of the Health IT module itself. The Cerner Sentinel (Cloud Auditing) service is not able to be disabled once deployed and does not require or support management of specific events of interest to be Cures Update criterion certification available logged as the big data foundation model follows an approach of always sending as of product version 2021. everything.

Relied upon software: Cerner Sentinel (Cloud Auditing) § 170.315(d)(3) Enables creation of sortable audit reports for No associated costs or fees – access to and use of the audit Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting application Audit Report(s) specific time frames, and based on specific reporting capabilities provided by the Cerner Sentinel requires Cerner Cloud account set up, which can be managed at an enterprise level. parameters such as user ID, patient ID, type of (Cloud Auditing) reporting application is available via action, etc. licensing of the Health IT module itself. Audit data logged via the Cerner Sentinel (Cloud Auditing) service is stored to the Cerner Sentinel audit repository, which is uniquely accessible using the Cerner Cures Update criterion certification available Sentinel (Cloud Auditing) reporting application. Export of audit data in CSV format as of product version 2021. from the Cerner Sentinel audit repository for incorporation into a third-party application is enabled via Secure File Transfer Protocol (SFTP), but may require Relied upon software: Cerner Sentinel (Cloud additional customization or modification of the event data to align with inbound Auditing) formatting requirements of the third-party application.

§ 170.315(d)(5) Enables automatic termination of a user No associated costs or fees – The capabilities are The automatic time-out capability is subject to the specific Identity Provider (IdP) in Automatic Access session after a specified period of inactivity considered a core component of the Health IT module use with the HealtheLife patient portal. When the default Cerner Health IdP is in Time-out requiring re-authentication. itself, and no separate licensing is required for the certified use, automatic access time-out is enabled by default and set to a standard inactivity

Cerner 2015 Edition Certified Health IT V. 32 Page 28 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: N/A capability apart from the licensing required for the Health period 20 minutes for all clients/users. Time-out settings may vary if a custom or IT module. third-party IdP is in use.

§ 170.315(d)(6) Enables a limited set of specified users to Required costs beyond the licensing required for the Health Use of business continuity and disaster recovery techniques and tools are beyond Emergency Access access electronic health information in IT module include a software license for PowerChart (or the scope of the intent of emergency access capabilities within the certified product emergency scenarios. As emergency access is PowerChart Ambulatory or PowerChart ASP) or Emergency but are relevant for HIPAA Security compliance and overall security risk assessment irrelevant for consumer users, emergency Medicine (FirstNet). processes. access capability is available to users in the integrated Cerner Millennium PowerChart The HealtheLife patient portal application itself does not enable emergency access and/or FirstNet solutions (not to the to ePHI. Instead, emergency access capabilities are isolated to the integrated Cerner HealtheLife portal directly). Millennium PowerChart and/or FirstNet applications.

Relied upon software: Cerner PowerChart or To enable the certified capability to be used, configuration of user positions with FirstNet privilege to invoke the emergency access relationship type need to be defined. This capability allows for override of restrictions on a user's ability to access records beyond the organization they are associated to, of encounter records marked as subject to confidentiality levels and based upon the access rights that may be defined for the emergency mode of access relationship type.

§ 170.315(d)(7) The certified product is designed to prevent No associated costs or fees – The capabilities are The HealtheLife patient portal prevents ePHI from being stored locally to end-user End-user Device any persistent storage of electronic health considered a core component of the Health IT module devices via “no-cache” and “no-store” headers. Use of non-recommended browsers Encryption information accessed in the HealtheLife portal itself, and no separate licensing is required for the certified that do not respect these headers may negatively impact the capabilities. locally to end-user devices (e.g. temp files, capability apart from the licensing required for the Health cookies, caches). IT module.

Relied upon software: N/A § 170.315(d)(9) Enables the secure encryption and integrity- Required costs beyond the licensing required for the Health The trusted connection capabilities are included with a standard implementation of Trusted Connection protection of electronic health information IT module include a license for Cerner Direct HISP to enable the HealtheLife patient portal and unsecure transport methods for exchange of ePHI transmitted to and from the HealtheLife message-level trusted connection for secure transmit of are not intended to be used or supported (except in the case of the required portal, including secure messages between health information to a 3rd party. capability for a patient or authorized representative to transmit to any e-mail patients and their provider, contribution of address of the patient’s choice under the 170.315(e)(1) criterion). data for patient health information capture, *NOTE Cerner Direct HISP is already a required license for and secure transmit of health information to a the Health IT module by virtue of its support for the For secure data exchange in the context of patient health information capture 3rd party. 170.315(e)(1) criterion (170.315(e)(3)) and secure messaging (170.315(e)(2)), full successful implementation is dependent upon Websphere application server (WAS) Relied upon software: Cerner Direct HISP configuration including TLS v1.2 communications security and digital certificates with SHA-2 support. In the case of secure transmit of health information to a 3rd party (170.315(e)(1)), configuration of the Cerner Direct HISP in the integrated Cerner Millennium environment would be required for a full successful implementation.

Cerner 2015 Edition Certified Health IT V. 32 Page 29 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: N/A

170.315(d)(13) Identifies whether the certified product N/A N/A Multi-Factor enables multi-factor authentication (MFA) in Authentication accordance with industry-recognized standards. This criterion is intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. See Cerner.com/certified-health-it for details on any supported MFA use-cases. Certification available as of product version 2021.

Relied upon software: N/A § 170.315(e)(1) Includes the capability for patients and their Required costs include software licenses for the HealtheLife User access provisioning and authentication in HealtheLife requires an Identity View, Download, and authorized representatives to access their patient portal, PowerChart (or PowerChart Ambulatory or Provider (IdP). The default IdP is Cerner Health; use of a custom or third-party IdP is Transmit to 3rd Party health information electronically, and PowerChart ASP) or Emergency Medicine (FirstNet), subject to pre-requisites and must conform to documented specifications available download and transmit it to a 3rd party (via CareAware MultiMedia (CAMM) Digital Objects, and Cerner in Cerner’s HealtheLife SAML 2.0 Specification Reference Page. both secure encrypted and unencrypted Direct HISP. methods) in a C-CDA format using the A mechanism for provisioning users with the IdP via invitation for patients to access Continuity of Care Document (CCD) template. Optional costs include licensing for the following: Advanced to their health information in the HealtheLife portal must also be established. Use of Also includes the ability to view health Interoperable Solutions (AIS) for XDR/XDM secure Cerner registration applications is recommended and enables direct integration. If a information associated with a specific date exchange; Cerner Registration Management or Practice foreign registration system is utilized, additional interfacing will be required for and/or date range and access a detailed Management for provision of access to patients and support of the invitation process. activity history log of actions in their authorized representatives; Radiology Management for HealtheLife portal. enabling access to diagnostic imaging results; General The following pre-requisite configurations must be in place to support view, Laboratory for enabling access to laboratory results. download, and transmit to 3rd party capabilities via HealtheLife: Millennium OAuth, Relied upon software: Cerner PowerChart or CareAware OAuth, CareAware MultiMedia (CAMM), Enterprise Appliance (EA) FirstNet; Cerner Direct HISP Millennium services installation (*needs may differ for client-hosted vs. remote- hosted clients), and Cerner Direct HISP (including a unique messaging address for the HealtheLife patient portal). Continuity of Care Document (CCD) template(s) for patient access must also be configured in Millennium to populate all data elements required for the 170.315(e)(1) criterion, and subsequently configured as the source template(s) in the HealtheLife Administration Tool.

Laboratory results (and associated Labs CLIA information) interfaced inbound to Millennium from a foreign Laboratory Information System (LIS) or reference lab and diagnostic imaging results interfaced inbound from a foreign radiology/imaging system must align with standard Millennium clinical event posting to accurately populate in C-CDA documents for patient access. Availability of lab results for patient access in the HealtheLife portal should be configured with consideration of applicable state laws in addition to Promoting Interoperability program requirements.

§ 170.315(e)(2) Includes the capability to for patients and Required costs include software licenses for the HealtheLife Provider-facing messaging capabilities require use of Message Center, which is Secure Messaging their authorized representatives to securely patient portal, PowerChart (or PowerChart Ambulatory or available as an embedded feature within the Cerner Millennium PowerChart and exchange electronic messages with their PowerChart ASP) or Emergency Medicine (FirstNet). FirstNet applications. Patient and authorized representative messaging capabilities provider and care team members. require use of the HealtheLife patient portal Messaging feature.

Cerner 2015 Edition Certified Health IT V. 32 Page 30 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: Cerner PowerChart or Additional secure messaging workflows such as use of Message Center pools, FirstNet Dynamic Worklist Broadcast Messaging, Health Maintenance Invitations, and the Consumer Message Operations Job for hospitals leverage the same capabilities as the primary Message Center workflow and are optional to implement and use for any associated objective measurement. Use of any other messaging services or methods other than the secure exchange between Cerner Millennium and HealtheLife certified to this criterion are not considered valid for use and messages exchanged using them will not be credited for any associated objective measurement.

Messages are exchanged between HealtheLife and the integrated Cerner Millennium environment via Cerner’s Messaging REST service (RESTful API), which requires up-front code installation and configuration.

To enable messaging capabilities for individual users, providers must be set up with a messaging feature associated to their Millennium HNA user account, and patients/authorized representatives must have an active HealtheLife patient portal account. Clinical relevance of messages for associated objective measures credit is determined based on the message having been saved to the patient’s record for future reference.

§ 170.315(e)(3) Includes the capability for patients or their Required costs include software licenses for the HealtheLife The HealtheLife patient portal’s certification for Patient Health Information Capture Patient Health authorized representatives to securely and patient portal, PowerChart (or PowerChart Ambulatory or is intended for use of HealtheLife secure messaging as the method used by patients Information Capture electronically provide health information from PowerChart ASP) or Emergency Medicine (FirstNet), and (or their authorized representatives) to securely and electronically share health non-clinical settings to providers and care Advanced Care Documentation (PowerForms) for capture information with their providers. Providers are then able to identify the shared team members for incorporation into their of hyperlinks to patient-provided health information in the information upon receipt in Millennium Message Center and record it to the health record. EHR. patient’s record for subsequent access and reference. Use of a patient portal or application other than HealtheLife as the contributing source would not be Relied upon software: Cerner PowerChart or considered valid under HealtheLife’s certification. FirstNet Capture of patient-provided hyperlinks to patient health information is performed directly in Millennium PowerChart and/or FirstNet using a select PowerForm.

Messages containing patient-provided health information are exchanged between HealtheLife and the integrated Cerner Millennium environment via Messaging REST services (RESTful API), which require up-front code installation and configuration.

To enable messaging capabilities for individual users, providers must be set up with a messaging feature associated to their Millennium HNA user account, and patients/authorized representatives must have an active HealtheLife patient portal account. For credit on the associated objective measurement, patient-provided health information must be stored to the patient’s record by saving the message to their chart.

*PowerChart (Clinical) and FirstNet (Clinical) are also certified to the criterion and enable connecting with patient portals and applications other than HealtheLife as contributing sources

Cerner 2015 Edition Certified Health IT V. 32 Page 31 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

§ 170.315(g)(2) Enables calculation of numerator and Required costs include software licenses for the HealtheLife Standard functional reports for automated measure calculation are designed to Automated Measure denominator values for the following Stage 3 patient portal, PowerChart (or PowerChart Ambulatory or work in coordination with certified product capabilities and workflows. Information Calculation Promoting Interoperability (PI) measures for PowerChart ASP) or Emergency Medicine (FirstNet), and on the design assumptions of the reports is available in Cerner Reference Pages performance/reporting year 2019+: Business Objects. documentation. Medicare PI • Provide Patients Electronic Access Use of self-developed components or use of workflows that are beyond the scope of to Their Health Information the design assumptions of the standard reporting may not result in measurement (EH/CAH & EC) consideration. Use of self-developed reporting or process to compile numerator and Medicaid PI (EP only) denominator data from different sources than the certified product is outside the • Patient Electronic Access scope of Cerner's certified capabilities. • Patient Education • View, Download, Transmit To enable the certified capability to be used configuration in the Cerner Bedrock • Secure Messaging wizard for definition of denominator populations and for measure definitions is • Patient Generated Health Data required. Operations processes must also be implemented to support data loads for the reporting period. If reporting requirements change because of CMS policy Relied upon software: N/A clarifications or due to identification of error correction needs in reporting logic, this can require historical loads of data to assure proper measure calculation and credit.

Relied upon software: N/A § 170.315(g)(6) Enables the creation of a standards- Required costs beyond the licensing required for the Health The C-CDA creation performance capabilities are supported as per ONC policy with C-CDA Creation conformant Consolidated Clinical Document IT module include a software license for PowerChart (or the 170.315(e)(1) certification for creation of a C-CDA document for patient view, Performance Architecture (C-CDA) document, including PowerChart Ambulatory or PowerChart ASP) or Emergency download, and transmit of health information using the CCD template. Capabilities Common Clinical Data Set (CCDS) Medicine (FirstNet). native to PowerChart and FirstNet in Cerner Millennium are leveraged as relied representation. upon software for the C-CDA generation.

Relied upon software: N/A Appropriate implementation and maintenance of medical code sets for vocabulary constraints and mapping of demographics data elements to defined standards is a pre-requisite for conformant C-CDA generation. For the Implantable Device List included in the Medical Equipment section of C-CDA documents, device entries with a UDI and a status of active (i.e. currently implanted) are included in the C-CDA. An additional enhancement to populate active Implant History entries without a UDI is also available for all certified code levels.

Cerner 2015 Edition Certified Health IT V. 32 Page 32 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Cerner 2015 Edition Certified Health IT V. 32 Page 33 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

HealthSentry See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(d)(1) Supports unique user identification, enables No associated costs or fees – The capabilities are considered Configuration of user accounts with associated security privileges, authentication Authentication, Access authentication against unique identifiers (i.e. a core component of the Health IT module itself, and no parameters, and related access controls is required for use of the certified Control, Authorization username/password) to gain access to the separate licensing is required for the certified capability capability. HealthSentry application, and includes the apart from the licensing required for the Health IT module. ability to control the specific access and Use of any advanced authentication methodologies, such as biometrics or privilege rights a user is granted. cryptographic methods used in two-factor authentication, are beyond the scope of certified product capabilities. Similarly, use of any external authentication methods Relied upon software: N/A that are pass-through to the certified product's security services or external directory services for user account/credential management are beyond the scope of the certified capabilities.

§ 170.315(d)(2) Support event creation capabilities for No associated costs or fees – the security auditing Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting application Auditable Events and security auditing of processing and disclosure capabilities provided by the Cerner Sentinel (Cloud Auditing) requires Cerner Cloud account set up, which can be managed at an enterprise level. Tamper-Resistance of ePHI by the HealthSentry application, service are considered embedded with the licensing of the including integrity protection of recorded Health IT module itself. The Cerner Sentinel (Cloud Auditing) service is not able to be disabled once audit logs. deployed and does not require or support management of specific events of interest to be logged as the big data foundation model follows an approach of Cures Update criterion certification available always sending everything. as of product version 2021.

Relied upon software: Cerner Sentinel (Cloud Auditing) § 170.315(d)(3) Enables creation of sortable audit reports for No associated costs or fees – access to and use of the audit Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting application Audit Report(s) specific time frames, and based on specific reporting capabilities provided by the Cerner Sentinel (Cloud requires Cerner Cloud account set up, which can be managed at an enterprise level. parameters such as user ID, patient ID, type of Auditing) reporting application is available via licensing of action, etc. the Health IT module itself. Audit data logged via the Cerner Sentinel (Cloud Auditing) service is stored to the Cerner Sentinel audit repository, which is uniquely accessible using the Cerner Cures Update criterion certification available Sentinel (Cloud Auditing) reporting application. Export of audit data in CSV format as of product version 2021. from the Cerner Sentinel audit repository for incorporation into a third-party application is enabled via Secure File Transfer Protocol (SFTP), but may require Relied upon software: Cerner Sentinel (Cloud additional customization or modification of the event formatting to align with Auditing) inbound formatting requirements of the third-party.

§ 170.315(d)(7) The certified product is designed to prevent No associated costs or fees – The capabilities are considered Storage of data locally on end-user devices is not utilized by the applications and End-user Device any persistent storage of electronic health a core component of the Health IT module itself, and no capabilities within scope of the certified product. Encryption capabilities for server- Encryption information processed via the HealthSentry separate licensing is required for the certified capability side or data center hosting and ad hoc user actions to export ePHI for application locally to end-user devices (e.g. apart from the licensing required for the Health IT module. local/personalized storage is beyond the scope of certification testing for the temp files, cookies, caches). criterion.

Cerner 2015 Edition Certified Health IT V. 32 Page 34 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. Certification available as of product version 2021.

Relied upon software: N/A § 170.315(f)(2) Enables creation and transmission of public Required costs include a data subscription for HealthSentry HealthSentry will continue to support both Modified Stage 2 and Stage 3 reporting Transmission to Public health surveillance data to external public and professional data services. Optional costs include data for existing clients, but does not support requirements beyond the PHIN Messaging Health Agencies — health agencies formatted according to the services connections to additional public health agencies. Guide for Syndromic Surveillance (Release 2.0) National standard dataset (such as Syndromic Surveillance HL7 2.5.1 standards for Syndromic optional data elements or submissions more frequently than once every 24 hours) Surveillance. and is no longer available for new footprint implementations. If you would like to pursue Syndromic Surveillance reporting and are not currently live on HealthSentry, Relied upon software: N/A the new architecture option under product name Syndromic Surveillance must be pursued.

Successful implementation of the certified capability requires configuration of a data feed for data extraction from Cerner Millennium to HealthSentry, and completion of onboarding activities with local or state public health jurisdiction, including registration of intent. If a third-party registration system is in use, data must be discretely interfaced to Cerner Millennium for the subsequent data feed extraction to HealthSentry.

§ 170.315(f)(3) Enables creation and transmission of Required costs include a data subscription for HealthSentry HealthSentry will continue to support both Modified Stage 2 and Stage 3 reporting Transmission to Public laboratory tests and results data to external and software licenses for General Laboratory and for existing clients, but does not support requirements beyond the HL7 2.5.1 Health Agencies — public health agencies formatted according to Microbiology, or third-party lab system. Professional data Electronic Laboratory Reporting to Public Health Implementation Guide (Release 1) Reportable Laboratory the HL7 2.5.1 standards for Electronic services costs are also required. National standard dataset (such as optional data elements or submissions more Laboratory Reporting to Public Health. frequently than once every 24 hours) and is no longer available for new footprint Tests and Value/Results Optional costs include data services connections to implementations. If you would like to pursue Electronic Laboratory Results Relied upon software: N/A additional public health agencies. reporting and are not currently live on HealthSentry, the new architecture option under product name Electronic Lab Results must be pursued.

Successful implementation of the certified capability requires configuration of a data feed for data extraction from Cerner Millennium to HealthSentry, and completion of onboarding activities with local or state public health jurisdiction, including registration of intent. If a third-party LIS is used, data must be discretely interfaced to Cerner Millennium for the subsequent data feed extraction to HealthSentry.

Cerner 2015 Edition Certified Health IT V. 32 Page 35 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 36 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Message Center See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(d)(1) Supports unique user identification, enables Required costs beyond the licensing required for the Cerner’s Millennium OpenID Provider is utilized to securely integrate Millennium user Authentication, Access authentication against unique identifiers (i.e. Health IT module include a software license for identities (HNA accounts with associated credentials and security privileges) to the Control, Authorization username/password) to gain access to PowerChart (or PowerChart Ambulatory or PowerChart Message Center application’s cloud-based architecture. Given the Millennium OpenID electronic health information, and includes the ASP). Provider’s unique integration with the underlying Millennium credentials, use of any ability to control the specific access and third-party or custom identity management service is not enabled. privilege rights a user is granted. Configuration of user accounts with associated security privileges, authentication Relied upon software: Cerner PowerChart parameters, and related access controls is required for use of the certified capability.

The Millennium OpenID Provider requires pre-requisite configurations, including installation of the Millennium Identity server and OAuth registration. Additional network dependencies detailed on Cerner’s Millennium OpenID Provider Overview Reference Page may apply. Individual devices used for accessing the Message Center application must also be provisioned through Cerner’s Device Access framework using a unique access code generated by IT staff for the initial login. Without a valid provision, users cannot access the application.

Use of any advanced authentication methodologies, such as biometrics or cryptographic methods used in two-factor authentication, are beyond the scope of certified product capabilities. Similarly, use of any external authentication methods that are pass-through to the certified product's security services or external directory services for user account/credential management are beyond the scope of the certified capabilities.

§ 170.315(d)(2) Supports event creation capabilities for No associated costs or fees – the security auditing Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting application Auditable Events and security auditing of access to and actions on capabilities provided by the Cerner Sentinel (Cloud requires Cerner Cloud account set up, which can be managed at an enterprise level. Tamper-Resistance ePHI within the Message Center application, Auditing) service are considered embedded with the including integrity protection of recorded licensing of the Health IT module itself. The Cerner Sentinel (Cloud Auditing) service is not able to be disabled once deployed audit logs. and does not require or support management of specific events of interest to be logged as the big data foundation model follows an approach of always sending Relied upon software: Cerner Sentinel (Cloud everything. Auditing) § 170.315(d)(3) Enables creation of sortable audit reports for No associated costs or fees – access to and use of the Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting application Audit Report(s) specific time frames, and based on specific audit reporting capabilities provided by the Cerner requires Cerner Cloud account set up, which can be managed at an enterprise level. parameters such as user ID, patient ID, type of Sentinel (Cloud Auditing) reporting application is available action, etc. via licensing of the Health IT module itself. Audit data logged via the Cerner Sentinel (Cloud Auditing) service is stored to the Cerner Sentinel audit repository, which is uniquely accessible using the Cerner Relied upon software: Cerner Sentinel (Cloud Sentinel (Cloud Auditing) reporting application. Export of audit data in CSV format Auditing) from the Cerner Sentinel audit repository for incorporation into a third-party application is enabled via Secure File Transfer Protocol (SFTP), but may require additional customization or modification of the event data to align with inbound formatting requirements of the third-party application.

Cerner 2015 Edition Certified Health IT V. 32 Page 37 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

§ 170.315(d)(5) Enables automatic termination of a user No associated costs or fees – the capabilities are Cerner mobile applications invoke automatic log-off at a session inactivity period of Automatic Access session after a specified period of inactivity considered a core component of the Health IT module 900 seconds (15 minutes) by default. This setting can be modified to a value less than Time-out requiring re-authentication. itself, and no separate licensing is required for the or equal to the maximum session duration as desired and can also can be configured certified capability apart from the licensing required for to differ for personal and shared provisions. Relied upon software: N/A the Health IT module. § 170.315(d)(9) Enables the secure encryption and integrity- No associated costs or fees – the capabilities are The trusted connection capabilities are included with a standard implementation of Trusted Connection protection of electronic health information considered a core component of the Health IT module the Message Center application and unsecure transport methods for exchange of transmitted to and from the HealtheLife itself, and no separate licensing is required for the ePHI are not intended to be used or supported. Full successful implementation is portal, including secure messages between certified capability apart from the licensing required for dependent upon Websphere application server (WAS) configuration including TLS patients and their provider, contribution of the Health IT module. v1.2 communications security and digital certificates with SHA-2 support. data for patient health information capture, and secure transmit of health information to a 3rd party.

Relied upon software: N/A § 170.315(e)(2) Includes the capability for patients or their Required costs include software licenses for Mobility The certified capabilities for secure messaging are uniquely isolated to exchange Secure Messaging authorized representatives to securely Extension for Physician (PowerChart Touch), the between clinicians in the Message Center application and patients (and their exchange electronic messages with their HealtheLife patient portal, and PowerChart (or authorized representatives) in the HealtheLife patient portal. Any attempt to use the provider and care team members. PowerChart Ambulatory or PowerChart ASP). Message Center application for message exchange with third-party patient portal or other consumer-facing applications are not considered a valid use of the certified Relied upon software: HealtheLife capabilities and may not be eligible for credit towards associated objective measurements. *NOTE The Message Center application represented by this certified product is a Messages are exchanged between the Message Center application and the cloud-based module deployed as a mobile integrated HealtheLife patient portal via Cerner’s Messaging REST service (RESTful application distinct from the traditional API), which requires up-front code installation and configuration in the connected Message Center component accessed as an Millennium environment. embedded feature of the PowerChart and FirstNet applications on the Millennium To enable messaging capabilities for individual users, providers must be set up with a desktop. This certified product listing is messaging feature associated to their Millennium HNA user account, and intended for the purpose of enabling reporting patients/authorized representatives must have an active HealtheLife patient portal credit for associated objective measurements account. Clinical relevance of messages for associated objective measures credit is and does not replace functionality of determined based on the message having been saved to the patient’s record for traditional Message Center relied upon by future reference. other certified product listings. § 170.315(g)(2) Enables calculation of numerator and Required costs include software licenses for the Standard functional reports for automated measure calculation are designed to work Automated Measure denominator values for the following Stage 3 HealtheLife patient portal, PowerChart (or PowerChart in coordination with certified product capabilities and workflows. Information on the Calculation Promoting Interoperability (PI) measures for Ambulatory or PowerChart ASP) or Emergency Medicine design assumptions of the reports is available in Cerner Reference Pages performance/reporting year 2019: (FirstNet), and Business Objects. documentation. Medicaid PI (EP only) • Secure Messaging Use of self-developed components or use of workflows that are beyond the scope of the design assumptions of the standard reporting may not result in measurement Relied upon software: N/A consideration. Use of self-developed reporting or process to compile numerator and denominator data from different sources than the certified product is outside the scope of Cerner's certified capabilities.

To enable the certified capability to be used configuration in the Cerner Bedrock wizard for definition of denominator populations and for measure definitions is required. Operations processes must also be implemented to support data loads for the reporting period. If reporting requirements change because of CMS policy

Cerner 2015 Edition Certified Health IT V. 32 Page 38 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

clarifications or due to identification of error correction needs in reporting logic, this can require historical loads of data to assure proper measure calculation and credit.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 39 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

P2 Sentinel See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(d)(3) Enables creation of sortable audit reports for Required costs include license rights for P2Sentinel. For P2Sentinel is intended for use with Cerner Millennium-based clinical systems but non- Audit Report(s) specific time frames, and based on specific the Software as a Service (SaaS) model, license rights are Cerner source clinical solutions (including non-certified systems and applications) can parameters such as user ID, patient ID, type of subscription-based and recurring fees are subject to also send audit data to P2Sentinel if leveraging the traditional installed software action, etc. increase if data ingestion volume exceeds contracted solution model. Non-Millennium data sources are not currently supported on the amount. If transitioning from traditional installed software P2Sentinel SaaS model. Cures Update criterion certification available solution model to SaaS, optional services for migration of as of product version 2021. audit trail data are subject to additional fees. Standard reporting capabilities of P2Sentinel are included for all clients. Any other reporting capabilities desired beyond those enabled via the standard reporting may Relied upon software: N/A Optional costs may apply for inbound configuration of be subject to client configuration or assistance by Cerner Consulting Associates. audit events to post to P2Sentinel that may come from non-Cerner source systems. § 170.315(g)(4) Establishes controls for and monitors No associated costs or fees N/A Quality Management compliance with the quality standards under System which the included certified capabilities are developed, tested, implemented, and maintained.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 40 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

PowerChart (Clinical) See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(a)(1) Includes the capability to electronically record, Required costs include software licenses for As part of the appropriate use of the certified capability, clients are expected to maintain Computerized Physician change, and access a patient’s medication PowerChart (or PowerChart Ambulatory or currency with Multum content updates to have accurate reflection of the current RxNorm Order Entry (CPOE) – orders. PowerChart ASP) and PowerOrders, and a Multum code set. Use of Cerner-provided ancillary departmental ordering conversations, such as Medications content subscription. Ongoing support costs are are available within PharmNet, are not considered to be within scope of the certified Relied upon software: N/A required based on the solution licenses. capabilities.

Availability of medication orders for CPOE requires configuration and ongoing maintenance of a pharmacy order catalog and appropriate role-based security.

§ 170.315(a)(2) Includes the capability to electronically record, Required costs include software licenses for Use of Cerner-provided ancillary departmental ordering conversations, such as are Computerized Physician change, and access a patient’s laboratory PowerChart (or PowerChart Ambulatory or available within PathNet, are not considered to be within scope of the certified Order Entry (CPOE) – orders. PowerChart ASP) and PowerOrders. Ongoing support capabilities. Laboratory costs are required based on the solution licenses. Relied upon software: N/A Availability of laboratory orders for CPOE requires configuration and ongoing maintenance of a laboratory order catalog and appropriate role-based security.

§ 170.315(a)(3) Includes the capability to electronically record, Required costs include software licenses for Use of Cerner-provided ancillary departmental ordering conversations, such as are Computerized Physician change, and access a patient’s diagnostic PowerChart (or PowerChart Ambulatory or available within RadNet, are not considered to be within scope of the certified Order Entry (CPOE) – imaging orders. PowerChart ASP) and PowerOrders. Ongoing support capabilities. Diagnostic Imaging costs are required based on the solution licenses. Relied upon software: N/A Availability of diagnostic imaging orders for CPOE requires configuration and ongoing maintenance of an imaging order catalog and appropriate role-based security.

§ 170.315(a)(4) Includes the capability to detect and alert end- Required costs include software licenses for As part of the appropriate use of the certified capability, clients are expected to maintain Drug-drug, Drug-Allergy users of drug-drug and drug-allergy PowerChart (or PowerChart Ambulatory or currency with Multum content updates to have accurate reflection of the current RxNorm Interaction Checks for interactions when placing medication orders, PowerChart ASP) and PowerOrders, and a Multum code set and drug-drug/drug/allergy interaction content, including reference sources. and the ability to manage the severity level by content subscription for mCDS. Use of other Multum content is outside the scope of the certified capabilities. CPOE which interaction alerts are triggered. Successful implementation of the certified capabilities requires Multum content Relied upon software: N/A installation and enabling of preferences for drug-drug/drug-allergy interaction checking. Clients can configure preferences to fit their individual policies for alert levels (e.g. moderate, major, contraindicated, etc.). Drug-allergy interaction checking is not supported for inactive ingredients that may be included in medications (e.g., food-based ingredients) or IV solution base components (e.g., dextrose, sodium chloride, etc.). Full details are published in Cerner’s Managing Cerner Multum Content Reference Page.

§ 170.315(a)(5) Includes the capability to electronically record, Required costs include a software license for Demographics response values are not required to be natively captured in registration Demographics change, and access certain patient PowerChart (or PowerChart Ambulatory or conversations within Millennium, but mapping to defined standards must be in place demographics – including race & ethnicity, PowerChart ASP). A software license for Cerner regardless of the upstream data source. Existing registration conversations may require preferred language, birth sex, and sexual Practice Management or Cerner Registration updates to enable recording that a patient declines to specify for applicable demographic orientation & gender identity – in accordance Management are optional costs as clients can also elements, and multi-select capability for race and ethnicity. with defined vocabulary standards & code choose to utilize Millennium Core Registration at no sets. cost, or an inbound interface from a third-party The certified capabilities also assume that the Social History module is used to document registration system. Sexual Orientation and Gender Identity (SO/GI) information. However, it is up to the

Cerner 2015 Edition Certified Health IT V. 32 Page 41 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: N/A discretion of the client as to whether they will actively collect it. Sexual Orientation and Gender Identity (SO/GI) recording requires separate mapping of local responses to defined standards via Cerner Knowledge Index concepts, and standard functionality does not support inbound interfacing of SO/GI data from a third-party source system.

Successful implementation of the certified capabilities requires mapping of local Millennium response values to the defined standards for each demographic category using code value aliasing. Where a third-party registration system is used with an inbound interface, this depends on accurate inbound aliasing of response values upstream when interfaced from the source system. The ability of the source system to support use of the required code sets or to enable multi-select capability for race and ethnicity should also be assessed for any downstream impacts on the certified capabilities within Millennium.

§ 170.315(a)(9) Includes the capability to configure CDS Required costs include software licenses for Active use of the Infobutton retrieval capability requires integration of external content Clinical Decision Support interventions inclusive of source attribute PowerChart (or PowerChart Ambulatory or that adheres to the URL-based implementation of the Infobutton standard, which may (CDS) information to be presented to end-users PowerChart ASP) and Cerner MPages. A software require contracting with third-party vendors. based on clinical data in the Electronic Health license for either Discern Expert or PowerOrders, or a Record (EHR), along with retrieval of Quality Reporting content subscription are also Where applicable, clients are responsible for ensuring CDS interventions are enabled and diagnostic and therapeutic reference required to enable CDS intervention options that are maintained for the duration of any Meaningful Use/Promoting Interoperability reporting information using the Infobutton standard. considered valid within the product’s certification. period. Integration of third-party source content for use with Relied upon software: Cerner MPages the Infobutton retrieval capability is optional and may Successful implementation of the certified capabilities requires installation of MPages be subject to additional third-party costs. version 6.3 or higher with the appropriate MPages components enabled. Appropriate configuration of rules logic, documentation and/or order templates, and any other components of selected CDS interventions is also required.

§ 170.315(a)(10) Includes the capability to automatically query Required costs include software licenses for If using Formulary & Benefit functionality included in Cerner ePrescribe, the prescriber Drug Formulary and for the existence of a drug formulary or PowerChart (or PowerChart Ambulatory or must be registered with Surescripts, obtain a Surescripts Provider ID (SPI), and implement Preferred Drug List preferred drug list for a particular patient and PowerChart ASP), PowerOrders, Cerner ePrescribe, both the Pharmacy Directory, and formulary checking functionality. Checks medication. and a Multum content subscription. For client-hosted (CHO) clients, additional costs for a VPN solution to It is assumed that formulary checking is enabled for all electronic prescribing workflows Relied upon software: N/A securely connect the Millennium domain to Cerner’s but associated objective measurement is dependent on validation that the check ePrescribing Hub may apply. occurred based on evidence written to the electronic prescription activity data. Any introduction of self-developed ordering conversations for electronic prescribing is beyond the scope of certified capabilities.

If using Millennium order catalog formulary status indicator functionality, a preference must be set to enable formulary checking, and orderables in the Order Catalog must be flagged with the appropriate formulary status.

§ 170.315(a)(12) Includes the capability to electronically record, Required costs include a software license for The certified capabilities assume that recording is performed via the Millennium Histories Family Health History change, and access a patient’s family health PowerChart (or PowerChart Ambulatory or control; use of non-certified or custom components is outside the scope of the product’s history using SNOMED-CT vocabulary for PowerChart ASP) and a Cerner Controlled Medical certification and may limit availability of data for downstream functionality. documented conditions.

Cerner 2015 Edition Certified Health IT V. 32 Page 42 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Terminology (CMT) content subscription for SNOMED- Successful implementation of the certified capabilities may require mappings for the Relied upon software: N/A CT mapping. current form of capture of first-degree relations to the National Human Genome Research Institute code set values.

§ 170.315(a)(13) Includes the capability to suggest patient Required costs include software licenses for Active use of the Infobutton retrieval capability requires integration of external content Patient-Specific education resources based on a patient’s PowerChart (or PowerChart Ambulatory or that adheres to the URL-based implementation of the Infobutton standard, which may Education documented problems and medications and PowerChart ASP) and Cerner MPages. Licensing of require contracting with third-party vendors. retrieved using the Infobutton standard. specific third-party content for integration with the Infobutton retrieval capability is an optional cost. The workflow MPages Patient Education Component or Patient Education Module are Relied upon software: Cerner MPages optional functionality enabling provision of additional non-Infobutton suggested education content for measurement. Use of workflows or self-developed components not enabled for electronic education suggestion are incompatible with associated objective measurement.

§ 170.315(a)(14) Includes the capability to manage a list of a Required costs include software licenses for While utilization of barcode scanning to record and parse a UDI is not specified in the Implantable Device List patient’s implantable devices, including PowerChart (or PowerChart Ambulatory or certification criterion, it is recommended for use to provide for an optimal end-user recording and parsing Unique Device PowerChart ASP). Supply Chain Point of Use or workflow. Identifiers (UDI) and to support automated Departmental Clinical Supply Chain for Surgery with retrieval of additional device attributes from Surgical Management and barcode scanner hardware Successful implementation of the certified capabilities requires configuration of the the Global Unique Device Identifier Database are optional costs for automated recording/parsing of Implant History control and enabling of the GUDID query service. If the recommended (GUDID). Unique Device Identifiers (UDI) via barcode scanning. barcode scanning capability is implemented, successful automated recording and parsing of the UDI via scan is dependent upon item reference data being pre-built in the Cerner Relied upon software: N/A Item Master at the manufacturer catalog item level with associated UPN Device Identifier (DI) defined. If barcode scanning is not implemented, recording and parsing of UDIs will require manual entry in the Implant History record, including the DI for GUDID querying.

§ 170.315(b)(1) Includes the capability to create transition of Required costs include software licenses for Exchange using the product’s certified capability is based on use of the ONC Applicability Transitions of Care care documents in accordance with the HL7 PowerChart (or PowerChart Ambulatory or Statement for Secure Health Transport; use of any other secure electronic transport Consolidated Clinical Document Architecture PowerChart ASP), Cerner Direct HISP (*one-time set formats or protocols is not a valid use of the certified capabilities. Based on Promoting (C-CDA) Release 2.1 standards inclusive of up fees also apply), and CAMM Digital Objects, a Interoperability program measure definitions, other electronic transport methods may be required data element categories, and to Cerner Controlled Medical Terminology (CMT) used and qualify for measurement, but such use-cases would fall outside the scope of the subsequently exchange them using secure content subscription for SNOMED-CT, ICD-10, LOINC, product’s certified capabilities. If not utilizing Cerner Direct HISP for secure clinical Direct messaging standards. Also included is HL7, CDC & OMB standard code sets for race & document, a license with a third party HISP would be required along with a Cerner license the capability to receive and display transition ethnicity, RFC5646 standard for preferred language, for AIS to enable XDR connectivity (*Cerner Direct HISP licensing also still required). of care (ToC) C-CDA documents in human- UCUM, CPT-4, and HCPCS, and a Multum content readable format and to detect conformance subscription for RxNorm, CVX, and NDC. Cerner Direct HISP messaging is isolated to verified exchange partners under the active errors. DirectTrust Trust Bundles for bi-directional communication (send and receive), and

Cerner 2015 Edition Certified Health IT V. 32 Page 43 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Optional costs include Advanced Interoperable National Association for Trusted Exchange (“NATE”) for unidirectional communication Relied upon software: Cerner Direct HISP Solutions (AIS) license and associated set up fees for (send only). Generally, exchange outside these trusted networks is not needed, but XDR/XDM, and an additional software license for should a client determine additional exchange partners are necessary, a service request Cerner Direct Web Inbox enabling exchange with a can be logged to Cerner indicating the third-party HISP with which communication is recipient community provider who does not desired, along with a business contact from that third-party HISP to begin the process. otherwise have Direct messaging capabilities. If opting Cerner will facilitate the initial and ongoing third-party contract maintenance, technology for set up of a custom Direct messaging domain for development, testing, and support required to maintain these one-off connections. All the Cerner Direct Inbox (versus building as an third-party HISPs are required to sign Cerner’s connection agreement providing basic extension of the primary Cerner Direct domain for the protections to both Cerner and our clients. There is no cost to the third-party HISP to Millennium environment), an additional software participate in this agreement. Clients choosing this additional connectivity inherit Direct license is required. communication capabilities with all approved third-party HISPs submitted by other clients participating in the same software license. An additional software license may be required to enable Direct exchange communication with Use of the certified capabilities requires Message Center, Clinical Reporting XR, and the recipients beyond those serviced by HISPs Clinical Document Generator (CDG) service. Use of the Direct External Address Book, ToC participating in the active DirectTrust Trust Bundles Operations Job, MPages, Resonance (document exchange), and CommonWell are for bi-directional communication (send and receive), optional. and National Association for Trusted Exchange (“NATE”) for unidirectional communication (send Personnel who are involved in the use of the certified system for clinical document only). exchange should have a Direct Messaging address that is serviced by the Cerner Direct HISP. Users must also ensure medical code sets for problems, medications, and medication allergies have been implemented to support codification for associated objective measurement requirements. Data conversion and mapping may be required for use of non-standard code sets. Use of non-standard data capture for problems, medications, and medication allergies is problematic for inclusion of those clinical data elements in meeting requirements for associated objective measure credit. For the Implantable Device List included in the Medical Equipment section of C-CDA documents, device entries with a UDI and a status of active (i.e. currently implanted) are included in the C-CDA. An additional enhancement to populate active Implant History entries without a UDI is also available for all certified code levels.

The certified product receives and validates C-CDA documents formatted to both Release 1.1 and 2.1; use of any other C-CDA release would be outside scope of the certified capabilities. For C-CDA creation, the scope of this criterion is limited to the C-CDA Continuity of Care Document (CCD), Referral Note, and (for the inpatient setting only) Discharge Summary document templates. Use of any non-certified capability for the recording of required structured clinical data to be included in ToC documents may not be compatible with the certified capabilities for ToC creation.

§ 170.315(b)(2) Includes the capability to accurately match a Required costs include software licenses for For reconciliation capabilities to perform optimally it is vital that clients stay current on Clinical Information received transition of care C-CDA document to PowerChart (or PowerChart Ambulatory or nomenclature content updates for allergies (Multum), problems (ICD-10, SNOMED CT), Reconciliation and a local patient record and to reconcile PowerChart ASP) and Cerner MPages, and content and medications (Multum). Incorporation problems, medications, and medication subscriptions for Multum and Cerner Controlled allergies data to produce a single consolidated Medical Terminology (CMT). Successful implementation of the certified capabilities requires installation of MPages reconciled list in the patient’s Electronic version 6.3 or higher with the Histories (problems), Home Medications, and Allergies Health Record (EHR) that can be included in Workflow components enabled and configured to allow for reconciliation of subsequently generated transition of care C- external/unverified data. CDA documents.

Relied upon software: Cerner MPages

Cerner 2015 Edition Certified Health IT V. 32 Page 44 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

§ 170.315(b)(3) Includes the capability to transmit and receive Required costs include software licenses for To transact on the Surescripts electronic prescribing network, prescribers must be Electronic Prescribing prescription messages according to National PowerChart (or PowerChart Ambulatory or registered with Surescripts and obtain an SPI (Surescripts Provider ID). With standard Council for Prescription Drug Programs’ PowerChart ASP), PowerOrders, Cerner ePrescribe, implementation, external Rx history data is available for outpatient encounters and at (NCPDP) 10.6 standard for the New, Change, and a Multum content subscription. For client-hosted discharge only for inpatient and emergency department encounters. Availability of Cancel, Refill, Fill Status, and Medication (CHO) clients, additional costs for a VPN solution to external Rx history data at admission for inpatient and emergency department History transactions, along with enforcing securely connect the Millennium domain to Cerner’s encounters is subject to additional costs. leading/trailing zeros logic and mL dosing units ePrescribing Hub may apply. for oral liquid medications. The certified capability includes notification alert messages to providers for electronic Additionally, although out of scope for the criterion, prescription failures. If the transmission of a prescription order to a pharmacy fails for Cures Update criterion certification available ePrescribing of Controlled Substances (EPCS) may any reason, a routing error message will be sent to either the ordering provider's as of product version 2018 (requires a require additional licensing and costs if a client Message Center or their designate (pool). minimum sub-release of Cerner Millennium chooses to leverage that capability. 2018.01.09). In addition to Surescripts pre-requisites, successful implementation and use of the certified capabilities requires that a provider’s demographic information (address, phone, Relied upon software: Cerner ePrescribe fax, identifiers) be configured in the Millennium environment. Millennium pharmacy order catalog (including Multum content updates) must also be maintained to reflect the commercial availability of prescription products.

§ 170.315(d)(1) Support unique user identification, enables No required costs or fees – the capabilities are Configuration of Millennium Core Security for user account security privileges, Authentication, Access authentication against unique identifiers (i.e. considered a core component of the Health IT module authentication parameters, and related access controls is required for use of the certified Control, Authorization username/password) to gain access to itself, and no separate licensing is required for the capability. As a part of standard implementation, defining and administering users, electronic health information, and includes certified capability apart from the licensing required security roles, authorization and authentication parameters, and the like is required. the ability to control the specific access and for the Health IT module. privilege rights a user is granted. Use of any advanced authentication methodologies, such as biometrics or cryptographic methods used in two-factor authentication, are beyond the scope of certified product Relied upon software: N/A capabilities. Similarly, use of any external authentication methods that are pass-through to the certified product's security services or external directory services for user account/credential management are beyond the scope of the certified capabilities, but are not incompatible with their use.

§ 170.315(d)(2) Supports event creation capabilities for No required costs or fees – the capabilities are Configuration of the Millennium Core Audit Service, including enabling of desired audit Auditable Events and security auditing of access to and actions on considered a core component of the Health IT module events for logging and hash algorithm for tamper detection of captured audit data, must Tamper-Resistance ePHI via the PowerChart application, including itself, and no separate licensing is required for the be completed for use of the certified capabilities. integrity protection of recorded audit logs. certified capability apart from the licensing required Auditing of access to health information via for the Health IT module. If a third-party audit reporting application is used, configuration of audit events to be Cerner’s Ignite Millennium API is separately securely transmitted from Millennium is required. Audit event data is captured and certified under the 170.315(d)(10) criterion. Optional costs include the P2Sentinel Listener to transmitted outbound to the audit log repository in XML format according to the Audit enable audit events to be sent from the Millennium Trail and Node Authentication (ATNA) profile standard message structure and may be Cures Update criterion certification available platform on which the certified product operates to subject to customization or modification to conform to the inbound formatting as of product version 2018. an external third-party audit reporting application. requirements of any such third-party application. Additional services-related costs may apply for Relied upon software: ntpd (Linux) configuration of outbound audit event data to meet the formatting constraints of any such third-party audit reporting application. § 170.315(d)(3) Enables creation of sortable audit reports for No required costs or fees – the capabilities are Reporting capabilities for audit events and data from the certified product that are Audit Report(s) specific time frames, and based on specific considered a core component of the Health IT module captured via Millennium Core Audit Service require use of an external audit repository parameters such as user ID, patient ID, type of itself, and no separate licensing is required for the and reporting application to which audit data is securely transmitted after capture action, etc. certified capability apart from the licensing required supporting physical separation of the audit log from the HIT module that is the subject of for the Health IT module. Use of P2Sentinel as the the audit in accordance with good security practices. P2Sentinel is recommended as the audit repository and reporting application is audit reporting application, but third-party applications may also be leveraged.

Cerner 2015 Edition Certified Health IT V. 32 Page 45 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Cures Update criterion certification available recommended and is subject to additional licensing as of product version 2018. costs if utilized. If a certified third-party audit Access to audit reports for access to health information via Cerner’s Ignite Millennium API reporting application (e.g. Fair Warning) is used in in the Cerner Sentinel (Cloud Auditing) reporting application requires Cerner Cloud Relied upon software: ntpd (Linux), Cerner place of P2Sentinel, a license for the P2Sentinel account set up, which can be managed at an enterprise level. Sentinel (Cloud Auditing) Listener is recommended (but not required). If a third-party audit reporting application is used, implementation of the P2Sentinel Reporting capabilities for auditing of access to health Listener is highly recommended as best practice for interfacing data from the Millennium information via Cerner’s Ignite Millennium API are environment to the foreign application. Without it, there is potential for communication available within the Cerner Sentinel (Cloud Auditing) issues with residual impact on system performance in Millennium. reporting application and are not subject to additional cost. Audit data for access to health information via Cerner’s Ignite Millennium API is uniquely accessible using the Cerner Sentinel (Cloud Auditing) reporting application. Export of audit data in CSV format from the Cerner Sentinel audit repository for incorporation into a third-party application is enabled via Secure File Transfer Protocol (SFTP), but may require additional customization or modification of the event data to align with inbound formatting requirements of the third-party application.

§ 170.315(d)(4) Enables recording of an amendment to a No mandatory costs or fees – the capabilities are It is assumed that client definition and use of amendment capabilities should be flexible Amendments patient record based on a patient request, as considered a core component of the Health IT module based on their form and manner of recording patient requested amendments. well as the patient requests for amendment to itself, and no separate licensing is required for the Amendments of ePHI maintained in non-certified systems is beyond the scope of Cerner's their health record, including identification of certified capability apart from the licensing required certified capability but Cerner recognizes they may be in use for maintenance of ePHI whether the amendment was approved or for the Health IT module. beyond the scope of records maintained by the certified system. denied. To the extent there is desire to leverage existing Documentation templates can be defined both for recording patient requests/provider Relied upon software: N/A documentation capabilities (e.g. PowerForms or response and for the substance of the amendment request content. Accepting the Clinical Documentation templates) to support amendment request into the record may involve use of additional documentation tools documenting amendment requests, costs apply for to create and maintain medical record entries out of amendment requests, such as for licensing those components for their broader documenting a patient's home medications or recording patient contributed health purpose, but no distinct or additional costs apply for information, depending on its form. their use in support of this capability. § 170.315(d)(5) Enables automatic termination of a user No associated costs or fees – the capabilities are Use of the certified capability requires configuration at the Millennium application server Automatic Access session after a specified period of inactivity considered a core component of the Health IT module level that is typically performed at a network administrator task for consistency across Time-out requiring re-authentication. itself, and no separate licensing is required for the individual users and workstations. certified capability apart from the licensing required Relied upon software: N/A for the Health IT module. § 170.315(d)(6) Enables a limited set of specified users to No associated costs or fees – the capabilities are Use of business continuity and disaster recovery techniques and tools are beyond the Emergency Access access electronic health information in considered a core component of the Health IT module scope of the intent of emergency access capabilities within the certified product but are emergency scenarios. itself, and no separate licensing is required for the relevant for HIPAA Security compliance and overall security risk assessment processes. certified capability apart from the licensing required Relied upon software: N/A for the Health IT module. To enable the certified capability to be used, configuration of user positions with privilege to invoke the emergency access relationship type must be defined. This capability allows for override of restrictions on a user's ability to access records beyond the organization they are associated to, of encounter records marked as subject to confidentiality levels

Cerner 2015 Edition Certified Health IT V. 32 Page 46 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

and based upon the access rights that may be defined for the emergency mode of access relationship type.

§ 170.315(d)(7) The certified product is designed to prevent No associated costs or fees – the capabilities are Storage of data locally on end-user devices is not utilized by the applications and End-user Device any persistent storage of electronic health considered a core component of the Health IT module capabilities within scope of the certified product. Encryption capabilities for server-side Encryption information processed in the PowerChart itself, and no separate licensing is required for the or data center hosting and ad hoc user actions to export ePHI for local/personalized application locally to end-user devices (e.g. certified capability apart from the licensing required storage is beyond the scope of certification testing for the criterion. temp files, cookies, caches). for the Health IT module.

Relied upon software: N/A § 170.315(d)(8) Enables verification that health information Required costs beyond the licensing required for the Integrity protection is enabled principally for secure transport of clinical information Integrity exchanged electronically (both outbound and Health IT module include a software license for the between entities for those end points and transacting capabilities intended for use with inbound) has not been altered during transmit Cerner Direct HISP. the certified Health IT module. Unsecure transport methods for transport of ePHI via use of message digests produced by hash between entities may lead to risk of security vulnerability and are not recommended. algorithms of SHA-2 or greater strength. *NOTE Cerner Direct HISP is already a required license for the Health IT module by virtue of its support for Use of the certified capability requires full implementation and onboarding of the Cerner Relied upon software: N/A the 170.315(h)(1) criterion Direct HISP for the given Millennium environment.

§ 170.315(d)(9) Enables the secure encryption and integrity- No associated costs or fees – the capabilities are For secure data exchange in the context of patient health information capture Trusted Connection protection of electronic health information considered a core component of the Health IT module (170.315(e)(3)), full successful implementation is dependent upon Websphere application transmitted to external applications via API for itself, and no separate licensing is required for the server (WAS) configuration including TLS v1.2 communications security and digital patient access, and contribution of data to certified capability apart from the licensing required certificates with SHA-2 support. In the case of transmission to external applications via Millennium from external applications for for the Health IT module. API for patient access (170.315(g)(7)-(9)), secure exchange is inherent with a full patient health information capture. implementation of the Ignite Millennium API.

Relied upon software: N/A § 170.315(d)(10) Enables security auditing capabilities for Auditing of access to health information via Cerner’s Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting application Auditing Actions on access to health information via the Ignite Ignite Millennium API provided by the Cerner Sentinel requires Cerner Cloud account set up, which can be managed at an enterprise level. Health Information Millennium API, including integrity protection (Cloud Auditing) service is considered embedded with of recorded audit logs. Auditing of access to the licensing of the Health IT module itself and is not The Cerner Sentinel (Cloud Auditing) service is not able to be disabled once deployed and ePHI via PowerChart is certified separately subject to additional cost. does not require or support management of specific events of interest to be logged as under the 170.315(d)(2) criterion. the big data foundation model follows an approach of always sending everything.

Cures Update criterion certification available as of product version 2018.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 47 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: N/A § 170.315(e)(3) Includes the capability for patients or their Required costs include software licenses for The product’s certification for Patient Health Information Capture is compatible with the Patient Health authorized representatives to securely and PowerChart (or PowerChart Ambulatory or use of third-party patient portals or similar patient-facing applications as a data Information Capture electronically provide health information from PowerChart ASP) and Advanced Care Documentation contribution source from which patients (or their authorized representatives) can non-clinical settings to providers and care (PowerForms) for capture of hyperlinks to patient- securely and electronically share health information with their providers in Millennium. team members for incorporation into their provided health information in the EHR. The Due to the open nature of the Messaging REST service through which data is transmitted health record. Messaging REST service through which data is inbound to Millennium, no specific contract or agreement is required between Cerner transmitted inbound to Millennium is embedded with and any third-party application developers to enable connection. Relied upon software: N/A Cerner Millennium at no additional cost. Capture of patient-provided hyperlinks to patient health information is performed via use of a select PowerForm.

Successful implementation of the certified capabilities requires up-front code installation and configuration of the Messaging REST service (RESTful API). For a third-party application (e.g. patient portal, mobile health app, etc) to be compatible as a data contribution source, it must be capable of calling an API over Hypertext Transfer Protocol Secure (HTTPS). Additional pre-requisite configurations requiring technical knowledge for the implementation also apply. Services are available for initial setup of the REST service to be called by a chosen third-party application, but further specifics are dependent on unique implementation considerations for the particular third-party application.

Authentication and authorization from third-party applications accessing the REST service requires OAuth, for which configuration is an additional pre-requisite for client-hosted (CHO) clients. To positively identify and associate contributed data with a unique patient, a method for transmitting a patient identifier from Cerner to the third-party application to be passed back into Cerner with the data submissions is a pre-requisite for certified functionality. For credit on the associated objective measurement, patient-provided health information must be stored to the record by saving the message to chart.

*HealtheLife is also certified to the criterion and allows for a formal contribution method dependent on licensing and use of the HealtheLife patient portal’s messaging feature.

§ 170.315(g)(2) Enables calculation of numerator and Required costs include software licenses for Standard functional reports for automated measure calculation are designed to work in Automated Measure denominator values for the following Stage 3 PowerChart (or PowerChart Ambulatory or coordination with certified product capabilities and workflows. Information on the design Calculation Promoting Interoperability (PI) measures for PowerChart ASP) and Business Objects. assumptions of the reports is available in Cerner Reference Pages documentation. performance/reporting year 2019+: Medicare PI Use of self-developed components or use of workflows that are beyond the scope of the • e-Prescribing (EH/CAH & EC) design assumptions of the standard reporting may not result in measurement consideration. Use of self-developed reporting or process to compile numerator and

Cerner 2015 Edition Certified Health IT V. 32 Page 48 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

• *Verify Opioid Treatment denominator data from different sources than the certified product is outside scope of Agreement (EH/CAH & EC) Cerner's certified capabilities. • *Support Electronic Referral Loops by Sending Health Information To enable the certified capability to be used configuration in the Cerner Bedrock wizard (EH/CAH & EC) for definition of denominator populations and for measure definitions is required. • Support Electronic Referral Loops Operations processes must also be implemented to support data loads for the reporting by Receiving and Incorporating period. If reporting requirements change because of CMS policy clarifications or due to Health Information (EH/CAH & EC) identification of error correction needs in reporting logic, this can require historical loads • Provide Patients Electronic Access of data to assure proper measure calculation and credit. to Their Health Information (EH/CAH & EC) *Measures officially recognized as certified for EH/CAH as of August 8, 2019 and for EC as of November 8, 2019

Medicaid PI (EP only) • Clinical Information Reconciliation • Computerized Physician Order Entry (CPOE) • ePrescribing • Patient Education • Patient Generated Health Data • Provide Patients Electronic Access to Their Health Information • Receive and Incorporate • Secure Messaging • Support Electronic Referral Loops by Sending Health Information • View, Download, Transmit

Relied upon software: N/A § 170.315(g)(4) Establishes controls for and monitors No associated costs or fees N/A Quality Management compliance with the quality standards under System which the included certified capabilities are developed, tested, implemented, and maintained.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 49 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

§ 170.315(g)(6) Enables the creation of a standards- Required costs include software licenses for The C-CDA creation performance capabilities are supported as per ONC policy with C-CDA Creation conformant Consolidated Clinical Document PowerChart (or PowerChart Ambulatory or certification of 170.315(b)(1), 170.315(b)(2), 170.315(b)(4), and 170.315(b)(6) criteria for Performance Architecture (C-CDA) document, including PowerChart ASP) and CAMM Digital Objects, a Cerner creation of a C-CDA documents. Appropriate implementation and maintenance of Common Clinical Data Set (CCDS) Controlled Medical Terminology (CMT) content medical code sets for vocabulary constraints and mapping of demographics data representation. subscription for SNOMED-CT, ICD-10, LOINC, HL7, CDC elements to defined standards is a pre-requisite for conformant C-CDA generation. Use of & OMB standard code sets for race & ethnicity, any non-certified capability for the recording of required structured clinical data to be Relied upon software: N/A RFC5646 standard for preferred language, UCUM, included in C-CDA documents may not be compatible with certified capabilities. CPT-4, and HCPCS, and a Multum content subscription for RxNorm, CVX, and NDC. Use of the certified capabilities requires Message Center, Clinical Reporting XR, and the Clinical Document Generator (CDG) service. For the Implantable Device List included in the Medical Equipment section of C-CDA documents, device entries with a UDI and a status of active (i.e. currently implanted) are included in the C-CDA. An additional enhancement to populate active Implant History entries without a UDI is also available for all certified code levels. Criterion scope is limited to the CCD, Referral Note, and Discharge Summary C-CDA templates.

§ 170.315(g)(7) Includes the capability to uniquely match and Required costs include a software license for To be considered “fully implemented” as required under EHR Incentive Program Application Access – authenticate a request for access to health PowerChart (or PowerChart Ambulatory or regulations, the API for API-based access and an Identity Provider (IdP) are required. Patient Selection information from an external application of PowerChart ASP) and an annual subscription and one- Cerner provides Cerner Health as the default IdP available for clients and/or their third- the patient’s choice via the Ignite Millennium time set up fee for Ignite Millennium API (the API). For party patient access solutions to integrate with. Options for IdP include: (1) Cerner Health API to the correct Millennium patient record. clients that host their own infrastructure (CHO), an IdP used for HealtheLife and the API, or (2) a third-party/client specified IdP able to be additional one-time setup cost for additional integrated with HealtheLife and the API, or (3) a third-party/client specified IdP used for Relied upon software: Ignite Millennium API infrastructure is required, and supplemental costs for consumer identity management plus Cerner Health IdP separately for the API. § 170.315(g)(8) Includes the capability to respond to RedHat Licenses, VMWare licenses, and ESX Host Application Access – authenticated requests for health information hardware may apply. Cerner Sentinel (Cloud Auditing) Clients will be responsible ensuring patient identity proofing occurs before enabling Data Category Request via the Ignite Millennium API at an individual is required for security audit purposes, but is not access to health data electronically via the API, and that the identity proofing systems are data category level for data types included in subject to additional cost (see 170.315(d)(10) integrated with the API. Clients will also be responsible for integrating applications with the Common Clinical Data Set (CCDS), criterion). the API and ensuring patient identity proofing occurs when the third-party applications including accommodation of specific call the API. dates/date ranges. In most cases, initial implementation of the API within the client's environment will be covered under the Additional usage-based limitations also apply. The base contract includes a usage-based Relied upon software: Ignite Millennium API client’s setup license, but there may be cases of limitation that will incur additional costs when usage limits are met. § 170.315(g)(9) Includes the capability to respond to implementation complexity or volume where Application Access – All authenticated requests for health information additional costs would be incurred. Potential interface Connection of a third-party/client specified IdP with the API requires that the IdP support Data Request via the Ignite Millennium API with the full services may be necessary at a cost to interface Security Assertion Markup Language (SAML) authentication standards for integration Common Clinical Data Set (CCDS) using the C- credentials and/or relationship information into with the Cerner-hosted security services. CDA Continuity of Care Document (CCD) Millennium for authorized representatives not template, including accommodation of specific otherwise known to the system until specified by the Cerner maintains ontology mappings on clients’ behalf and baseline mappings that dates/date ranges. patient for ability to leverage the patient’s consumer expose a majority of clinical data in required terminologies are included by default with a access. standard implementation. However, through the course of application adoptions, content Relied upon software: Ignite Millennium API mapping gaps may be discovered. In such cases, clients will need to submit a request to If a third-party Identity Provider (IdP) is being used for Cerner to add additional mappings that a particular application being implemented may consumer access, a one-time cost will be associated require. with set up for either integrating the IdP with the API or for Cerner Health IdP setup for the API. Developers The API can be leveraged by non-certified applications to provide View, Download, and or clients implementing direct to consumer Transmit-type functions aligning with the 170.315(e)(1) criterion, but is not directly applications (and therefore consumers themselves) certified for those capabilities. will not be charged connection or usage-based fees. Applications integrating with the API may have costs

Cerner 2015 Edition Certified Health IT V. 32 Page 50 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

unto themselves that are required by the application developer of any given consumer application.

§ 170.315(h)(1) Includes the capability to exchange health Required costs include software licenses for Use of Cerner Direct HISP requires that clients complete a current Cerner Direct Direct Project information with external entities using the PowerChart (or PowerChart Ambulatory or Messaging certificate request containing required Trust Framework contents that Direct Project standards for Secure Health PowerChart ASP), Cerner Direct HISP (*one-time set establish and validate Clients’ authenticity and parameters under which they may Transport. up fees also apply). Optional costs include licensing of participate in Direct exchange. Advanced Interoperable Solutions (AIS) for Edge Relied upon software: Cerner Direct HISP Protocol (XDR/XDM). Use of the certified capability is limited to exchange with known, trusted users who have Direct accounts. Transacting with non-Direct users is outside the scope of the certified capability. Use of this capability by providers for transitions of care is optional as CMS permits other methods of electronic transacting for objective measurement. However, possession of the certified capability for this criterion is required as part of the CEHRT definition.

Cerner 2015 Edition Certified Health IT V. 32 Page 51 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

PowerChart (CQMs) See Appendix A for certified versions and CHPL listing information Certified Quality Measures (applies to 170.315(c)(1)-(3) criteria): CMS2: Preventive Care and Screening: Screening for Depression and Follow-Up Plan; CMS9: Exclusive Breast Milk Feeding; CMS22: Preventive Care and Screening: Screening for High Blood Pressure and Follow-Up Documented; CMS26: Home Management Plan of Care (HMPC) Document Given to Patient/Caregiver; CMS31: Hearing Screening Prior To Hospital Discharge; CMS32: Median Time from ED Arrival to ED Departure for Discharged ED Patients; CMS50: Closing the Referral Loop: Receipt of Specialist Report; CMS53: Primary PCI Received Within 90 Minutes of Hospital Arrival; CMS55: Median Time from ED Arrival to ED Departure for Admitted ED Patients; CMS68: Documentation of Current Medications in the Medical Record; CMS69: Preventive Care and Screening: Body Mass Index (BMI) Screening and Follow-Up Plan; CMS71: Anticoagulation Therapy for Atrial Fibrillation/Flutter; CMS72: Antithrombotic Therapy By End of Hospital Day 2; CMS74: Primary Caries Prevention Intervention as Offered by Primary Care Providers, including Dentists; CMS75: Children Who Have Dental Decay or Cavities; CMS90: Functional Status Assessments for Congestive Heart Failure; CMS102: Assessed for Rehabilitation; CMS104: Discharged on Antithrombotic Therapy; CMS105: Discharged on Statin Medication; CMS107: Stroke Education; CMS108: Venous Thromboembolism Prophylaxis; CMS111: Median Admit Decision Time to ED Departure Time for Admitted Patients; CMS113: Elective Delivery; CMS117: Childhood Immunization Status; CMS122: Diabetes: Hemoglobin A1c (HbA1c) Poor Control (> 9%); CMS124: Cervical Cancer Screening; CMS125: Breast Cancer Screening; CMS127: Pneumococcal Vaccination Status for Older Adults; CMS130: Colorectal Cancer Screening; CMS131: Diabetes: Eye Exam; CMS134: Diabetes: Medical Attention for Nephropathy; CMS135: Heart Failure (HF): Angiotensin- Converting Enzyme (ACE) Inhibitor or Angiotensin Receptor Blocker (ARB) Therapy for Left Ventricular Systolic Dysfunction (LVSD); CMS137: Initiation and Engagement of Alcohol and Other Drug Dependence Treatment; CMS138: Preventive Care and Screening: Tobacco Use: Screening and Cessation Intervention; CMS139: Falls: Screening for Future Fall Risk; CMS144: Heart Failure (HF): Beta-Blocker Therapy for Left Ventricular Systolic Dysfunction (LVSD); CMS145: Coronary Artery Disease (CAD): Beta-Blocker Therapy-Prior Myocardial Infarction (MI) or Left Ventricular Systolic Dysfunction (LVEF <40%); CMS146: Appropriate Testing for Children with Pharyngitis; CMS147: Preventive Care and Screening: Influenza Immunization; CMS149: Dementia: Cognitive Assessment; CMS153: Chlamydia Screening for Women; CMS154: Appropriate Treatment for Children with Upper Respiratory Infection (URI); CMS155: Weight Assessment and Counseling for Nutrition and Physical Activity for Children and Adolescents; CMS156: Use of High-Risk Medications in the Elderly; CMS157: Oncology: Medical and Radiation - Pain Intensity Quantified; CMS159: Depression Remission at Twelve Months; CMS161: Adult Major Depressive Disorder (MDD): Suicide Risk Assessment; CMS165: Controlling High Blood Pressure; CMS177: Child and Adolescent Major Depressive Disorder (MDD): Suicide Risk Assessment; CMS190: Intensive Care Unit Venous Thromboembolism Prophylaxis; CMS 506: Safe Use of Opioids - Concurrent Prescribing Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(c)(1) Includes the capability to record the data Required costs include a Quality Reporting content The Quality Clearinghouse (QCH) is a centrally maintained clearinghouse that is CQMs – Record & Export required for Clinical Quality Measure (CQM) subscription and software licenses for the following: embedded with the subscription to Cerner Quality Reporting – it is solely compatible with calculations in a codified manner appropriate PowerChart (or PowerChart Ambulatory or the electronic health record maintained in Cerner Millennium as a source clinical system for the measures to which the product is PowerChart ASP); SAP Business Objects for Lighthouse and is not intended for use as a separate data warehouse. Use of on-demand generation certified, and the ability for an authorized user (or HealtheEDW or PowerInsight EDW or PowerInsight and export of QRDA data files is intended for distinct use-cases, such as making data to generate QRDA Category I and QRDA Explorer); PowerOrders; Advanced Care available to a third-party eSubmission vendor or registry capable of receiving QRDA data Category III data files for export. Documentation (PowerForms); Cerner HIM (or files and is distinct from electronic report submission capabilities and use-cases under Abstracted Data Incoming) 170.315(c)(3). On-demand generation and export is also not typically intended for Relied upon software: Cerner Quality interactive data review/management purposes as real-time dashboard views are Reporting available within the system for such purposes.

Pre-requisites for generation and export of QRDA data files include the following implementation and configuration tasks: establishing a QCH connection for your Millennium environment and provisioning access for authorized users (one-time); package installation for eCQM and QRDA specification updates from CMS (annual + monthly releases); eCQM set up and validation (annual); eCQM data extraction/transfer from Millennium to the QCH (one-time or variable depending upon needs).

Cerner 2015 Edition Certified Health IT V. 32 Page 52 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

eCQM data available in the QCH (processing time for these daily extractions varies, but will typically complete within 2-3 days). eCQM data refreshes can also be performed on an ad hoc basis if preferred, but would require an extra step to initiate the extraction/transfer process manually for each refresh.

On-demand QRDA data files are available for the current and immediate previous calendar year (CY) on a rolling basis. File generation is supported for dates that fall within the CY to which the measure and QRDA file specifications apply. For example, date ranges within CY 2019 are available for generation using the applicable measure and QRDA file specifications for CY 2019. Export of QRDA data files where the date range differs from the measure and QRDA file specification year are considered beyond scope of the certified capabilities and require additional developer assistance.

Detailed specifications for eCQM data loads is published in Cerner’s Overview of 2015 Edition Certification Criteria for Clinical Quality Measures Reference Page.

§ 170.315(c)(2) Includes the capability for an authorized user Required costs include a Quality Reporting content QRDA data file import is intended most typically for the integration of data from third- CQMs – Import & to import QRDA Category I data files and subscription and software licenses for the following: party clinical source systems for Quality Reporting purposes particularly to support Calculate perform Clinical Quality Measure (CQM) PowerChart (or PowerChart Ambulatory or consolidation of quality measurement data when clients transition from a third party EHR calculations for the data for the measures to PowerChart ASP); SAP Business Objects for Lighthouse to Cerner mid-reporting period for one reporting submission. Import functionality does which the product is certified. (or HealtheEDW or PowerInsight EDW or PowerInsight not create new medical record entries in the electronic health record maintained in Explorer); PowerOrders; Advanced Care Millennium and is not intended to be used as an alternative for foreign systems Relied upon software: Cerner Quality Documentation (PowerForms); Cerner HIM (or interfacing of source medical record data into the EHR as would be performed for medical Reporting Abstracted Data Incoming) record conversion across EHR systems.

Pre-requisites for import of QRDA data files include the following implementation and configuration tasks: establishing a QCH connection for your Millennium environment and provisioning access for authorized users (one-time); eCQM and QRDA import package installation for CMS specification updates (annual + monthly releases); eCQM set up and validation (annual); setup of QRDA Shell Script and execution authorization for appropriate users (one-time).

The capability to import QRDA data files from an external third-party source system is available for appropriately licensed clients with pre-requisite configuration and implementation tasks completed. Imports are processed via script execution in the Cerner Millennium domain to load the data and require appropriate user authorization and authentication to perform. Once QRDA data file import is processed successfully, additional steps are required for extraction of data to the QCH to enable inclusion in on- demand QRDA data file generation and export, or with electronic report submission. QRDA data file import capabilities support annual specifications for the current and

Cerner 2015 Edition Certified Health IT V. 32 Page 53 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

immediate prior year on a rolling basis and are specific to the CMS and HL7 specifications for the same reporting year.

Imported eCQM data is stored to the Quality Reporting schema in the Millennium environment, which is separate from the Millennium environment’s clinical EHR database. Accordingly, while de-duplication of data for matching person identifiers is enabled across individual imported QRDA data files, de-duplication is not performed against the local Millennium EHR’s patient records. De-duplication against local Millennium records would require interfacing of source clinical data to the Millennium clinical EHR database directly, which is out of scope for this criterion.

*For clients under Cerner’s hosted/ASP models, QRDA import is performed by Cerner acting in the role of a user on behalf of the client as a part of the services agreement *For clients under Cerner’s hosted/ASP models, pre-requisite tasks are typically performed by Cerner acting in the role of a user on behalf of the client as a part of the services agreement *Detailed guidance for pre-requisite implementation and configuration tasks is published in Cerner’s Overview of 2015 Edition Certification Criteria for Clinical Quality Measures Reference Page.

§ 170.315(c)(3) Includes the capability to create QRDA Required costs include a Quality Reporting content PowerChart (CQMs) supports eSubmission for regulatory programs (e.g. CMS or TJC CQMs – Report Category I and III data files for reporting subscription and software licenses for the following: eCQMs). For those clients using Cerner as their data submission vendor, and who rely on submission for the measures to which the PowerChart (or PowerChart Ambulatory or services to support that eSubmission, specific timeline requirements apply for registration product is certified. PowerChart ASP); SAP Business Objects for Lighthouse of intent to use Cerner as a data submissions vendor and for making data available from (or HealtheEDW or PowerInsight EDW or PowerInsight the source clinical system(s). These are published on Cerner’s Eligible Provider Quality Cures Update criterion certification available Explorer); PowerOrders; Advanced Care Reporting Reference Page for Ambulatory clients, and on Cerner’s Meaningful Use as of product version 2018. Documentation (PowerForms); Cerner HIM (or Hospital eCQM Reference Page for Hospital clients. Pre-requisite implementation and Abstracted Data Incoming) configuration tasks also apply and include the following: establishing a QCH connection Relied upon software: Cerner Quality for your Millennium environment and provisioning access for authorized users (one-time); Reporting package installation for eCQM and QRDA specification updates from CMS (annual + monthly releases); eCQM set up and validation (annual); eCQM data extraction/transfer from Millennium to the QCH (one-time per submission)

Cerner 2015 Edition Certified Health IT V. 32 Page 54 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

eSubmission and data qualification is constrained to the data loaded in Millennium for the chosen measures and associated reporting period.

§ 170.315(d)(1) Supports unique user identification, enables No associated costs or fees – The capabilities are N/A Authentication, Access authentication against unique identifiers (i.e. considered a core component of the Health IT module Control, Authorization username/password) to gain access to itself, and no separate licensing is required for the electronic health information in Cerner certified capability apart from the licensing required Millennium PowerChart and the Quality for the Health IT module. Clearinghouse, and includes the ability to control the specific access and privileges a user is granted.

Relied upon software: N/A § 170.315(d)(2) Supports event creation capabilities for No associated costs or fees – the security auditing Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting application Auditable Events and security auditing of access to and actions on capabilities provided by the Cerner Sentinel (Cloud requires Cerner Cloud account set up, which can be managed at an enterprise level. Tamper-Resistance ePHI within the Quality Clearinghouse, Auditing) service are considered embedded with the including integrity protection of recorded licensing of the Health IT module itself. The Cerner Sentinel (Cloud Auditing) service is not able to be disabled once deployed and audit logs. does not require or support management of specific events of interest to be logged as the big data foundation model follows an approach of always sending everything. Cures Update criterion certification available as of product version 2018.

Relied upon software: Cerner Sentinel (Cloud Auditing), ntpd (Linux) § 170.315(d)(3) Enables creation of sortable audit reports for No associated costs or fees – access to and use of the Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting application Audit Report(s) specific time frames. audit reporting capabilities provided by the Cerner requires Cerner Cloud account set up, which can be managed at an enterprise level. Sentinel (Cloud Auditing) reporting application is Cures Update criterion certification available available via licensing of the Health IT module itself. Audit data logged via the Cerner Sentinel (Cloud Auditing) service is stored to the Cerner as of product version 2018. Sentinel audit repository, which is uniquely accessible using the Cerner Sentinel (Cloud Auditing) reporting application. Export of audit data in CSV format from the Cerner Relied upon software: Cerner Sentinel (Cloud Sentinel audit repository for incorporation into a third-party application is enabled via Auditing), ntpd (Linux) Secure File Transfer Protocol (SFTP), but may require additional customization or modification of the event formatting to align with inbound formatting requirements of the third-party.

§ 170.315(d)(5) Enables automatic termination of a user No associated costs or fees – The capabilities are The automatic time-out capability is enabled by default and set to execute at a standard Automatic Access session in the Quality Clearinghouse after a considered a core component of the Health IT module inactivity period for all clients/users. Time-out specified period of inactivity itself, and no separate licensing is required for the certified capability apart from the licensing required Relied upon software: N/A for the Health IT module. 170.315(d)(12) Identifies whether the certified product N/A N/A Encrypt Authentication enables FIPS 140-2 compliant encryption or Credentials cryptographic hashing of end-user credentials stored within the product. This criterion is intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. Certification available as of product version 2018.

Cerner 2015 Edition Certified Health IT V. 32 Page 55 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 56 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

PowerChart (Health Care Surveys) See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(d)(1) Supports unique user identification, enables No associated costs or fees – The capabilities are Configuration of user accounts with associated security privileges, authentication Authentication, Access authentication against unique identifiers (i.e. considered a core component of the Health IT module parameters, and related access controls is required for use of the certified capability. Control, Authorization username/password) to gain access to itself, and no separate licensing is required for the electronic health information, and includes certified capability apart from the licensing required Use of any advanced authentication methodologies, such as biometrics or cryptographic the ability to control the specific access and for the Health IT module. methods used in two-factor authentication, are beyond the scope of certified product privilege rights a user is granted. capabilities. Similarly, use of any external authentication methods that are pass-through to the certified product's security services or external directory services for user Relied upon software: Cerner PowerChart account/credential management are beyond the scope of the certified capabilities.

§ 170.315(d)(2) Supports event creation capabilities for No required costs or fees – the capabilities are Configuration of the Millennium Core Audit Service, including enabling of desired audit Auditable Events and security auditing of processing and disclosure considered a core component of the Health IT module events for logging and hash algorithm for tamper detection of captured audit data, must Tamper-Resistance of ePHI by the PowerChart application for itself, and no separate licensing is required for the be completed for use of the certified capabilities. generating and submission of National Health certified capability apart from the licensing required Care Surveys (NHCS) reports, including for the Health IT module. If a third-party audit reporting application is used, configuration of audit events to be integrity protection of recorded audit logs. securely transmitted from Millennium is required. Audit event data is captured and Optional costs include the P2Sentinel Listener to transmitted outbound to the audit log repository in XML format according to the Audit Cures Update criterion certification available enable audit events to be sent from the Millennium Trail and Node Authentication (ATNA) profile standard message structure and may be as of product version 2018. platform on which the certified product operates to subject to customization or modification to conform to the inbound formatting an external third-party audit reporting application. requirements of any such third-party application. Relied upon software: Cerner PowerChart Additional services-related costs may apply for configuration of outbound audit event data to meet the formatting constraints of any such third-party audit reporting application. § 170.315(d)(3) Enables creation of sortable audit reports for No required costs or fees – the capabilities are Reporting capabilities for audit events and data from the certified product that are Audit Report(s) specific time frames, and based on specific considered a core component of the Health IT module captured via Millennium Core Audit Service require use of an external audit repository parameters such as user ID, patient ID, type of itself, and no separate licensing is required for the and reporting application to which audit data is securely transmitted after capture action, etc. certified capability apart from the licensing required supporting physical separation of the audit log from the HIT module that is the subject of for the Health IT module. Use of P2Sentinel as the the audit in accordance with good security practices. P2Sentinel is recommended as the Cures Update criterion certification available audit repository and reporting application is audit reporting application, but third-party applications may also be leveraged. as of product version 2018. recommended and is subject to additional licensing costs. If a certified third-party audit reporting If a third-party audit reporting application is used, implementation of the P2Sentinel Relied upon software: Cerner PowerChart application (e.g. Fair Warning) is used in place of Listener is highly recommended as best practice for interfacing data from the Millennium P2Sentinel, a license for the P2Sentinel Listener is environment to the foreign application. Without it, there is potential for communication recommended (but not required). issues with residual impact on system performance in Millennium.

§ 170.315(d)(7) The certified product is designed to prevent No required costs or fees – the capabilities are Storage of data locally on end-user devices is not utilized by the applications and End-user Device any persistent storage of electronic health considered a core component of the Health IT module capabilities within scope of the certified product. Encryption capabilities for server-side Encryption information processed via the PowerChart itself, and no separate licensing is required for the or data center hosting and ad hoc user actions to export ePHI for local/personalized application locally to end-user devices (e.g. certified capability apart from the licensing required storage is beyond the scope of certification testing for the criterion. temp files, cookies, caches). for the Health IT module.

Relied upon software: Cerner PowerChart 170.315(d)(12) Identifies whether the certified product N/A N/A enables FIPS 140-2 compliant encryption or

Cerner 2015 Edition Certified Health IT V. 32 Page 57 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Encrypt Authentication cryptographic hashing of end-user credentials Credentials stored within the product. This criterion is intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. Certification available as of product version 2018.

Relied upon software: N/A § 170.315(f)(7) Enables creation of health care survey Required costs include software licenses for The certified capabilities are exclusively intended for purpose of submission to the Center Transmission to Public information formatted according to the HL7 PowerChart (or PowerChart Ambulatory or for Disease Control’s (CDC) National Center for Health Statistics (NCHS) NHCS registry. Health Agencies — Clinical Document Architecture (CDA) PowerChart ASP), and CAMM Digital Objects, and a Any use for ancillary purpose would be outside the scope of the certified criterion. Health Care Surveys standards for National Health Care Surveys Cerner Controlled Medical Terminology (CMT) content Participation in the NHCS registry is subject to CDC selection and request for active (NHCS) – specifically, version 1.2 of the subscription for vocabulary standards mapping. submission. Implementation Guide (IG). A one-time fee for implementation services is The scope of this certification is also isolated to the creation of conformant NHCS Clinical Relied upon software: N/A recommended to ensure proper configuration of Document Architecture (CDA) documents and does not include actual transmission of the templates and data sources, but not required. data for submission to the registry. Emergency Medicine (FirstNet) software license is also a recommended cost; if Cerner’s FirstNet system is To enable the certified capability to be used, accurate population of required elements in not used in the Emergency Department (ED), the NHCS CDA templates is dependent on the activity and reference data being available additional costs may be incurred for inbound in the appropriate location and format in the Cerner Millennium database. This may interfacing of data required for ED encounters from require adoption of new or modified end-user workflows. For Emergency Department third-party system to support applicable NHCS (ED) encounters required to be submitted for specific Survey classifications, this may reporting submissions. require additional inbound interfacing of clinical event data if Cerner’s FirstNet ED system is not in use. § 170.315(g)(4) Establishes controls for and monitors No associated costs or fees N/A Quality Management compliance with the quality standards under System which the included certified capabilities are developed, tested, implemented, and maintained.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 58 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

PowerChart (Immunizations) See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(d)(1) Supports unique user identification, enables No associated costs or fees – The capabilities are Configuration of Millennium Core Security for user account security privileges, Authentication, Access authentication against unique identifiers (i.e. considered a core component of the Health IT authentication parameters, and related access controls is required for use of the certified Control, Authorization username/password) to gain access to module itself, and no separate licensing is required capability. As a part of standard implementation, defining and administering users, electronic health information, and includes the for the certified capability apart from the licensing security roles, authorization and authentication parameters, and the like is required. ability to control the specific access and required for the Health IT module. privilege rights a user is granted. Use of any advanced authentication methodologies, such as biometrics or cryptographic methods used in two-factor authentication, are beyond the scope of certified product Relied upon software: N/A capabilities. Similarly, use of any external authentication methods that are pass-through to the certified product's security services or external directory services for user account/credential management are beyond the scope of the certified capabilities, but are not incompatible with their use.

§ 170.315(d)(2) Supports event creation capabilities for security No required costs or fees – the capabilities are Configuration of the Millennium Core Audit Service, including enabling of desired audit Auditable Events and auditing of access to and actions on ePHI within considered a core component of the Health IT events for logging and hash algorithm for tamper detection of captured audit data, must Tamper-Resistance PowerChart for activities related to module itself, and no separate licensing is required be completed for use of the certified capabilities. immunizations reporting, including integrity for the certified capability apart from the licensing protection of recorded audit logs. required for the Health IT module. If a third-party audit reporting application is used, configuration of audit events to be securely transmitted from Millennium is required. Audit event data is captured and Cures Update criterion certification available as Optional costs include the P2Sentinel Listener to transmitted outbound to the audit log repository in XML format according to the Audit of product version 2018. enable audit events to be sent from the Millennium Trail and Node Authentication (ATNA) profile standard message structure and may be platform on which the certified product operates to subject to customization or modification to conform to the inbound formatting Relied upon software: N/A an external third-party audit reporting application. requirements of any such third-party application. Additional services-related costs may apply for configuration of outbound audit data to meet the formatting constraints of any such third-party audit reporting application. § 170.315(d)(3) Enables creation of sortable audit reports for Required costs include a software license for Reporting capabilities for audit events and data from the certified product that are Audit Report(s) specific time frames, and based on specific PowerChart (or PowerChart Ambulatory or captured via Millennium Core Audit Service require use of an external audit repository parameters such as user ID, patient ID, type of PowerChart ASP). Use of P2Sentinel as the audit and reporting application to which audit data is securely transmitted after capture action, etc. repository and reporting application is supporting physical separation of the audit log from the HIT module that is the subject of recommended and is subject to additional licensing the audit in accordance with good security practices. P2Sentinel is recommended as the Cures Update criterion certification available as costs. If a certified third-party audit reporting audit reporting application, but third-party applications may also be leveraged. of product version 2018. application (e.g. Fair Warning) is used in place of P2Sentinel, a license for the P2Sentinel Listener is If a third-party audit reporting application is used, implementation of the P2Sentinel Relied upon software: N/A recommended (but not required). Listener is highly recommended as best practice for interfacing data from the Millennium environment to the foreign application. Without it, there is potential for communication issues with residual impact on system performance in Millennium.

§ 170.315(d)(7) The certified product is designed to prevent No required costs or fees – the capabilities are Storage of data locally on end-user devices is not utilized by the applications and End-user Device any persistent storage of electronic health considered a core component of the Health IT capabilities within scope of the certified product. Encryption capabilities for server-side Encryption information processed via PowerChart locally module itself, and no separate licensing is required or data center hosting and ad hoc user actions to export ePHI for local storage is beyond to end-user devices (e.g. temp files, caches). for the certified capability apart from the licensing the scope of the criterion. required for the Health IT module.

Cerner 2015 Edition Certified Health IT V. 32 Page 59 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: N/A

Relied upon software: N/A 170.315(d)(13) Identifies whether the certified product N/A N/A Multi-Factor enables multi-factor authentication (MFA) in Authentication accordance with industry-recognized standards. This criterion is intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. See Cerner.com/certified- health-it for details on any supported MFA use- cases. Certification available as of product version 2018.

Relied upon software: N/A § 170.315(f)(1) Includes the ability to record immunizations Required costs include software licenses for For interfacing with the external immunization registry, specific configuration Transmission to data codified using National Drug Code (NDC) PowerChart (or PowerChart Ambulatory or requirements are necessary. The interfacing can be configured as either a direct point-to- Immunization Registries identifiers for administered vaccines and Codes PowerChart ASP), Medication Administration Record, point connection through Foreign System Interfaces and the reporting registry OR for Vaccines Administered (CVX) identifiers for CAMM Digital Objects, and Cerner Hub – configured as a connection through Cerner Hub services for reporting immunization data historical vaccines, with subsequent creation of Immunizations or Vaccinations Outgoing Interface. to the registry. Connecting via the Hub for immunization query capabilities is highly immunization messages formatted according to recommended to accommodate variances and unique connection dependencies across HL7 and CDC standards, along with the ability Optional costs include the following: Cerner Point of individual IIS registries, but it is also acceptable for a client to create their own transport to query for and access/display a patient’s Care and/or CareAware Connect for automated mechanism via an interface engine or other means capable of satisfying their IIS registry's immunizations history and forecast according documentation of vaccine administration (including requirements. to HL7 and CDC standards. recording of NDC codes) via barcode scanning, Cerner MPages for use of the Immunizations For the Millennium 2018.01 release platform, USB-connected scanners are required if the Relied upon software: Cerner Medication Workflow component, and Cerner Immunizations optional Medication Administration Wizard (MAW) is used for automated documentation Administration Record (MAR), Cerner Hub – Registry Query (Hub) for registry query connection. If of vaccine administration via barcode scanning (PS/2 scanner connections will not be Immunizations OR Vaccinations Outgoing choosing to leverage barcode medication compatible). Interface administration capabilities for recording vaccine administration with capture of National Drug Code Successful implementation of the certified capabilities requires configuration of the (NDC), additional costs may apply for handheld Workflow MPages Immunizations component or the Immunization Schedule for charting scanner hardware. of historical vaccines. For charting of new vaccine administrations and recording of the administered NDC, vaccine pharmacy formulary details and supply chain locations where vaccines are stocked should be configured, along with enabling Lot selection in the medication administration window. Registry Import must be configured for querying the external registry to access immunization history and display forecast. Configuring the Immunization Ad Hoc preference to disable charting from Immunization Schedule is recommended, but not required.

Cerner 2015 Edition Certified Health IT V. 32 Page 60 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Other considerations include the following: if charting immunizations ad-hoc directly from Immunization Schedule, the system will not capture the NDC code as required for reporting; if enabling lot selection preference, the system does not allow the user to modify vaccine details after charting an administration and (user must un-chart/re-chart the administration); if a direct modification is necessary, the lot selection preference can be disabled, but Cerner intends for the preference to be enabled for inventory integration.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 61 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

PowerChart Touch See Appendix A for certified versions and CHPL listing information NOTE: Beginning in Q2 2019, mobile devices used to access the PowerChart Touch application must upgrade to Apple iOS release 12.1+ for maintenance of full functional capabilities. Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(a)(1) Includes the capability to electronically record, Required costs include software licenses for Mobility As part of the appropriate use of the certified capability, clients are expected to maintain Computerized Physician change, and access a patient’s medication Extension for Physician (PowerChart Touch), currency with Multum content updates to have accurate reflection of the current Order Entry (CPOE) – orders. PowerChart (or PowerChart Ambulatory or RxNorm code set. Use of Cerner-provided ancillary department ordering conversations, PowerChart ASP) and PowerOrders, and a Multum such as are available within PharmNet, are not considered to be within scope of the Medications Relied upon software: Cerner PowerChart content subscription. Ongoing support costs are certified capabilities. required based on the solution licenses. Availability of medication orders for CPOE requires configuration and ongoing maintenance of a pharmacy order catalog and appropriate role-based security on the connected Millennium desktop environment.

§ 170.315(a)(2) Includes the capability to electronically record, Required costs include software licenses for Mobility Use of Cerner-provided ancillary departmental ordering conversations, such as are Computerized Physician change, and access a patient’s laboratory Extension for Physician (PowerChart Touch), available within PathNet, are not considered to be within scope of the certified Order Entry (CPOE) – orders. PowerChart (or PowerChart Ambulatory or capabilities. PowerChart ASP) and PowerOrders. Ongoing support Laboratory Relied upon software: Cerner PowerChart costs are required based on the solution licenses. Availability of laboratory orders for CPOE requires configuration and ongoing maintenance of a laboratory order catalog and appropriate role-based security on the connected Millennium desktop environment.

§ 170.315(a)(3) Includes the capability to electronically record, Required costs include software licenses for Mobility Use of Cerner-provided ancillary departmental ordering conversations, such as are Computerized Physician change, and access a patient’s diagnostic Extension for Physician (PowerChart Touch), available within RadNet, are not considered to be within scope of the certified Order Entry (CPOE) – imaging orders. PowerChart (or PowerChart Ambulatory or capabilities. Diagnostic Imaging PowerChart ASP) and PowerOrders. Ongoing support Relied upon software: Cerner PowerChart costs are required based on the solution licenses. Availability of diagnostic imaging orders for CPOE requires configuration and ongoing maintenance of an imaging order catalog and appropriate role-based security.

§ 170.315(a)(4) Includes the capability to detect and alert end- Required costs include software licenses for Mobility As part of the appropriate use of the certified capability, clients are expected to maintain Drug-drug, Drug-Allergy users of drug-drug and drug-allergy interactions Extension for Physician (PowerChart Touch), currency with Multum content updates to have accurate reflection of the current Interaction Checks for when placing medication orders, and the ability PowerChart (or PowerChart Ambulatory or RxNorm code set and drug-drug/drug/allergy interaction content, including reference to manage the severity level by which PowerChart ASP) and PowerOrders, and a Multum sources. Use of other Multum content is outside the scope of the certified capabilities. CPOE interaction alerts are triggered. content subscription for mCDS. Successful implementation of the certified capabilities requires Multum content Relied upon software: N/A installation and enabling of preferences for drug-drug/drug-allergy interaction checking. Clients can configure preferences to fit their individual policies for alert levels (e.g. moderate, major, contraindicated, etc.). Drug-allergy interaction checking is not supported for inactive ingredients that may be included in medications (e.g., food-based ingredients) or IV solution base components (e.g., dextrose, sodium chloride, etc.). Full details are published in Cerner’s Managing Cerner Multum Content Reference Page.

§ 170.315(a)(10) Includes the capability to automatically query Required costs include software licenses for Mobility If using Formulary & Benefit functionality included in Cerner ePrescribe, the prescriber Drug Formulary and for the existence of a drug formulary or Extension for Physician (PowerChart Touch), must be registered with Surescripts, obtain a Surescripts Provider ID (SPI), and implement Preferred Drug List preferred drug list for a particular patient and PowerChart (or PowerChart Ambulatory or both the Pharmacy Directory, and formulary checking functionality. Checks medication. PowerChart ASP), PowerOrders, Cerner ePrescribe, and a Multum content subscription. For client-

Cerner 2015 Edition Certified Health IT V. 32 Page 62 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: Cerner PowerChart hosted (CHO) clients, additional costs for a VPN It is assumed that formulary checking is enabled for all electronic prescribing workflows solution to securely connect the connected but associated objective measurement is dependent on validation that the check Millennium desktop environment to Cerner’s occurred based on evidence written to the electronic prescription activity data. Any ePrescribing Hub may apply. introduction of self-developed ordering conversations for electronic prescribing is beyond the scope of certified capabilities.

If using Millennium order catalog formulary status indicator functionality, a preference must be set to enable formulary checking, and orderables in the order catalog must be flagged with the appropriate formulary status.

§ 170.315(b)(3) Includes the capability to transmit and receive Required costs include software licenses for Mobility To transact on the Surescripts electronic prescribing network, prescribers must be Electronic Prescribing prescription messages according to National Extension for Physician (PowerChart Touch), registered with Surescripts and obtain an SPI (Surescripts Provider ID). Council for Prescription Drug Programs’ PowerChart (or PowerChart Ambulatory or (NCPDP) 10.6 standard, including for New, PowerChart ASP), PowerOrders, Cerner ePrescribe, The certified capability includes notification alert messages to providers for electronic Change, Cancel, Refill, Fill Status, and and a Multum content subscription. For client- prescription failures. If the transmission of a prescription order to a pharmacy fails, a Medication History transaction, along with hosted (CHO) clients, additional costs for a VPN routing error message is sent to either the ordering provider's Message Center or their enforcing leading/trailing zeros logic and mL solution to securely connect the desktop Millennium designate (pool). dosing units for oral liquid medications. environment to Cerner’s ePrescribing Hub may apply. In addition to Surescripts pre-requisites, successful implementation and use of the Relied upon software: Cerner PowerChart, certified capabilities requires that a provider’s demographic information (address, phone, Cerner ePrescribe fax, identifiers) be configured in the Millennium environment. Millennium pharmacy order catalog (including Multum content updates) must also be maintained to reflect the commercial availability of prescription products.

ePrescribe transactions supported natively from the PowerChart Touch application are isolated to New and Cancel Prescription message types. All additional message types require use of workflows within PowerChart on the connected Millennium desktop environment. PowerChart Touch also supports ePrescribing for Ambulatory encounters exclusively; support for Inpatient encounters requires use of PowerChart workflows on the connected Millennium desktop environment.

§ 170.315(d)(1) Supports unique user identification, enables Required costs beyond the licensing required for the Cerner’s Millennium OpenID Provider is utilized to securely integrate Millennium user Authentication, Access authentication against unique identifiers (i.e. Health IT module include a software license for identities (HNA accounts with associated credentials and security privileges) to the Control, Authorization username/password) to gain access to PowerChart (or PowerChart Ambulatory or PowerChart Touch application’s cloud-based architecture. Given the Millennium OpenID electronic health information in the PowerChart ASP). Provider’s unique integration with the underlying Millennium credentials, use of any PowerChart Touch application, and includes the third-party or custom identity management service is not enabled. ability to control the specific access and privilege rights a user is granted. Configuration of user accounts with associated security privileges, authentication parameters, and related access controls is required for use of the certified capability. Relied upon software: Cerner PowerChart The Millennium OpenID Provider requires pre-requisite configurations, including installation of the Millennium Identity server and OAuth registration. Additional network dependencies detailed on Cerner’s Millennium OpenID Provider Overview Reference Page may apply. Individual devices used for accessing the PowerChart Touch application must

Cerner 2015 Edition Certified Health IT V. 32 Page 63 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

also be provisioned through Cerner’s Device Access framework using a unique access code generated by IT staff for the initial login. Without a valid provision, users cannot access the application.

§ 170.315(d)(2) Supports event creation capabilities for security No associated costs or fees – the security auditing Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting application Auditable Events and auditing of access to and actions on ePHI within capabilities provided by the Cerner Sentinel (Cloud requires Cerner Cloud account set up, which can be managed at an enterprise level. Tamper-Resistance the PowerChart Touch application, including Auditing) service are considered embedded with the integrity protection of recorded audit logs. licensing of the Health IT module itself. The Cerner Sentinel (Cloud Auditing) service is not able to be disabled once deployed and does not require or support management of specific events of interest to be logged as Cures Update criterion certification available as the big data foundation model follows an approach of always sending everything. of product version 4.

Relied upon software: Cerner Sentinel (Cloud Auditing) § 170.315(d)(3) Enables creation of sortable audit reports for No associated costs or fees – access to and use of the Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting application Audit Report(s) specific time frames, and based on specific audit reporting capabilities provided by the Cerner requires Cerner Cloud account set up, which can be managed at an enterprise level. parameters such as user ID, patient ID, type of Sentinel (Cloud Auditing) reporting application is action, etc. available via licensing of the Health IT module itself. Audit data logged via the Cerner Sentinel (Cloud Auditing) service is stored to the Cerner Sentinel audit repository, which is uniquely accessible using the Cerner Sentinel (Cloud Cures Update criterion certification available as Auditing) reporting application. Export of audit data in CSV format from the Cerner of product version 4. Sentinel audit repository for incorporation into a third-party application is enabled via Secure File Transfer Protocol (SFTP), but may require additional customization or Relied upon software: Cerner Sentinel (Cloud modification of the event data to align with inbound formatting requirements of the Auditing) third-party application.

§ 170.315(d)(4) Enables recording of patient requests for Required costs beyond the licensing required for the Use of capabilities within the connected Millennium desktop environment for which the Amendments amendment to their health record, including Health IT module include a software license for PowerChart (Clinical) module is certified for enable the capabilities for this criterion. It is identification of whether the amendment was PowerChart (or PowerChart Ambulatory or assumed that client definition and use of amendment capabilities should be flexible approved or denied. PowerChart ASP). based on their form and manner of recording patient requested amendments. Amendments of ePHI maintained in non-certified systems is beyond the scope of Cerner's Relied upon software: Cerner PowerChart certified capability but Cerner recognizes they may be in use for maintenance of ePHI beyond the scope of records maintained by the certified system.

Documentation templates can be defined both for recording patient requests/provider response and for the substance of the amendment request content. Accepting the amendment request into the record may involve use of additional documentation tools to create and maintain medical record entries out of amendment requests, such as for documenting a patient's home medications or recording patient contributed health information, depending on its form.

Cerner 2015 Edition Certified Health IT V. 32 Page 64 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: N/A for the certified capability apart from the licensing required for the Health IT module.

§ 170.315(d)(6) Enables a limited set of specified users to Required costs beyond the licensing required for the Use of capabilities within the connected Millennium desktop environment for which the Emergency Access access electronic health information in Health IT module include a software license for PowerChart (Clinical) product is certified for enable the capabilities for this criterion. Use emergency scenarios. PowerChart (or PowerChart Ambulatory or of business continuity and disaster recovery techniques and tools are beyond the scope PowerChart ASP). of the intent of emergency access capabilities within the certified product but are Relied upon software: Cerner PowerChart relevant for HIPAA Security compliance and overall security risk assessment processes.

To enable the certified capability to be used, configuration of user positions with privilege to invoke the emergency access relationship type must be defined. This capability allows for override of restrictions on a user's ability to access records beyond the organization they are associated to, of encounter records marked as subject to confidentiality levels and based upon the access rights that may be defined for the emergency mode of access relationship type.

§ 170.315(d)(7) The certified product is designed to prevent No associated costs or fees – the capabilities are Storage of data locally on end-user devices is not utilized by the applications and End-user Device any persistent storage of electronic health considered a core component of the Health IT capabilities within scope of the certified product. Encryption capabilities for server-side Encryption information accessed in the PowerChart Touch module itself, and no separate licensing is required or data center hosting and ad hoc user actions to export ePHI for local/personalized application locally to end-user devices (e.g. for the certified capability apart from the licensing storage is beyond the scope of certification testing for the criterion. temp files, cookies, caches). required for the Health IT module.

Relied upon software: N/A § 170.315(d)(8) Enables verification that health information Required costs beyond the licensing required for the Use of capabilities within the connected Millennium desktop environment for which the Integrity exchanged electronically (both outbound and Health IT module include software licenses for PowerChart (Clinical) product is certified for enable the capabilities for this criterion. inbound) has not been altered during transmit PowerChart (or PowerChart Ambulatory or via use of message digests produced by hash PowerChart ASP) and Cerner Direct HISP. Integrity protection is enabled principally for secure transport of clinical information algorithms of SHA-2 or greater strength. between entities for those end points and transacting capabilities intended for use with *NOTE Cerner Direct HISP is already a required the certified Health IT module. Unsecure transport methods for ePHI between entities Relied upon software: Cerner PowerChart license for the PowerChart (Clinical) Health IT may lead to risk of security vulnerability and are not recommended. module relied upon for this criterion by virtue of its support for the 170.315(h)(1) criterion Use of the certified capability requires full implementation and onboarding of the Cerner Direct HISP for the given Millennium environment.

Cerner 2015 Edition Certified Health IT V. 32 Page 65 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

relevant capabilities. See Cerner.com/certified- health-it for details on any supported MFA use- cases. Certification available as of product version 4.

Relied upon software: N/A § 170.315(g)(2) Enables calculation of numerator and Required costs include software licenses for Mobility Standard functional reports for automated measure calculation are designed to work in Automated Measure denominator values for the following Stage 3 Extension for Physician (PowerChart Touch), coordination with certified product capabilities and workflows. Information on the design Calculation Promoting Interoperability (PI) measures for PowerChart (or PowerChart Ambulatory or assumptions of the reports is available in Cerner Reference Pages documentation. performance/reporting year 2019+: PowerChart ASP), and Business Objects. Medicare PI Use of self-developed components or use of workflows that are beyond the scope of the • e-Prescribing (EH/CAH & EC) design assumptions of the standard reporting may not result in measurement • Verify Opioid Treatment Agreement consideration. Use of self-developed reporting or process to compile numerator and (EH/CAH only) denominator data from different sources than the certified product is outside scope of Medicaid PI (EP only) Cerner's certified capabilities. • ePrescribing • CPOE To enable the certified capability to be used configuration in the Cerner Bedrock wizard for definition of denominator populations and for measure definitions is required. Relied upon software: Cerner PowerChart Operations processes must also be implemented to support data loads for the reporting period. If reporting requirements change because of CMS policy clarifications or due to identification of error correction needs in reporting logic, this can require historical loads of data to assure proper measure calculation and credit.

§ 170.315(g)(3) Defines user-centered design processes and No associated costs or fees N/A Safety Enhanced Design assessments for applicable certified capabilities within the certified product’s scope.

Relied upon software: N/A § 170.315(g)(4) Establishes controls for and monitors No associated costs or fees N/A Quality Management compliance with the quality standards under System which the included certified capabilities are developed, tested, implemented, and maintained.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 66 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Syndromic Surveillance See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(d)(1) Supports unique user identification, enables No associated costs or fees – The capabilities are Configuration of user accounts with associated security privileges, authentication Authentication, Access authentication against unique identifiers (i.e. considered a core component of the Health IT parameters, and related access controls is required for use of the certified capability. Control, Authorization username/password) to gain access to module itself, and no separate licensing is required electronic health information, and includes the for the certified capability apart from the licensing Use of any advanced authentication methodologies, such as biometrics or cryptographic ability to control the specific access and required for the Health IT module. methods used in two-factor authentication, are beyond the scope of certified product privilege rights a user is granted. capabilities. Similarly, use of any external authentication methods that are pass-through to the certified product's security services or external directory services for user Relied upon software: N/A account/credential management are beyond the scope of the certified capabilities.

§ 170.315(d)(2) Supports event creation capabilities for security No associated costs or fees – the security auditing Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting application Auditable Events and auditing of processing and disclosure of ePHI by capabilities provided by the Cerner Sentinel (Cloud requires Cerner Cloud account set up, which can be managed at an enterprise level. Tamper-Resistance the Syndromic Surveillance application, Auditing) service are considered embedded with the including integrity protection of recorded audit licensing of the Health IT module itself. The Cerner Sentinel (Cloud Auditing) service is not able to be disabled once deployed, logs. and does not require or support management of specific events of interest to be logged as the big data foundation model follows an approach of always sending everything. Cures Update criterion certification available as of product version 2021.

Relied upon software: Cerner Sentinel (Cloud Auditing) § 170.315(d)(3) Enables creation of sortable audit reports for No associated costs or fees – access to and use of the Access to audit reports in the Cerner Sentinel (Cloud Auditing) reporting application Audit Report(s) specific time frames, and based on specific audit reporting capabilities provided by the Cerner requires Cerner Cloud account set up, which can be managed at an enterprise level. parameters such as user ID, patient ID, type of Sentinel (Cloud Auditing) reporting application is action, etc. available via licensing of the Health IT module itself. Audit data logged via the Cerner Sentinel (Cloud Auditing) service is stored to the Cerner Sentinel audit repository, which is uniquely accessible using the Cerner Sentinel (Cloud Cures Update criterion certification available as Auditing) reporting application. Export of audit data in CSV format from the Cerner of product version 2021. Sentinel audit repository for incorporation into a third-party application is enabled via Secure File Transfer Protocol (SFTP), but may require additional customization or Relied upon software: Cerner Sentinel (Cloud modification of the event formatting to align with inbound formatting requirements of Auditing) the third-party.

§ 170.315(d)(7) The certified product is designed to prevent No associated costs or fees – The capabilities are Storage of data locally on end-user devices is not utilized by the applications and End-user Device any persistent storage of electronic health considered a core component of the Health IT capabilities within scope of the certified product. Encryption capabilities for server-side Encryption information processed via the Syndromic module itself, and no separate licensing is required or data center hosting and ad hoc user actions to export ePHI for local/personalized Surveillance application locally to end-user for the certified capability apart from the licensing storage is beyond the scope of certification testing for the criterion. devices (e.g. temp files, cookies, caches). required for the Health IT module.

Relied upon software: N/A 170.315(d)(12) Identifies whether the certified product N/A N/A Encrypt Authentication enables FIPS 140-2 compliant encryption or Credentials cryptographic hashing of end-user credentials stored within the product. This criterion is intended exclusively for market transparency purposes and there is no requirement to

Cerner 2015 Edition Certified Health IT V. 32 Page 67 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

implement or use any relevant capabilities. Certification available as of product version 2021.

Relied upon software: N/A 170.315(d)(13) Identifies whether the certified product N/A N/A Multi-Factor enables multi-factor authentication (MFA) in Authentication accordance with industry-recognized standards. This criterion is intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. See Cerner.com/certified- health-it for details on any supported MFA use- cases. Certification available as of product version 2021.

Relied upon software: N/A § 170.315(f)(2) Enables creation and transmission of public Required costs include software licenses for To enable the certified capability to be used, a data feed must be configured for Transmission to Public health surveillance data to external public PowerChart or Emergency Medicine (FirstNet) and interfacing from Cerner Millennium to the Syndromic Surveillance product application. If Health Agencies — health agencies formatted according to the HL7 Cerner Enterprise Registration or Revenue Cycle, or Admission/Discharge/Transfer (ADT) or observation result unsolicited interfaces from a Syndromic Surveillance 2.5.1 standards for Syndromic Surveillance. an Interface from a third-party registration system, third-party registration system into Cerner Millennium are being utilized, they are required costs. Both set up fees and support must include all required data elements as outlined by Centers for Disease Control and Relied upon software: N/A services are also required for Syndromic Surveillance. Prevention implementation guides for Cerner to begin the Syndromic Surveillance build. Additionally, A01, A03, A04, and A08 ADT triggers must be enabled. Optional costs include custom quotes for ADT Pass Through configuration for clients using a third-party registration system and data services connections to additional public health agencies. § 170.315(g)(4) Establishes controls for and monitors No associated costs or fees N/A Quality Management compliance with the quality standards under System which the included certified capabilities are developed, tested, implemented, and maintained.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 68 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Soarian Clinicals Certified Health IT Modules

Soarian Clinicals See Appendix A for certified versions and CHPL listing information The Soarian Clinicals certified module consists of software branded as Soarian Clinicals, Pharmacy, Med Administration Check, ePrescribing, Advanced Interoperability Service (AIS), Cerner OPENLink, Ignite Soarian API, Health Services Analytics (Soarian Quality Reporting Service (SQRS) or Healthcare Intelligence- Clinical Intelligence (CI) and Healthcare Intelligence- Quality Measures Intelligence (QMI) or Decision Support Solutions (DSS) and Soarian Quality Measures (SQM) and Healthcare Query (HQ)).

Certified Quality Measures (applies to 170.315(c)(1)-(3) criteria): CMS9: Exclusive Breast Milk Feeding; CMS26: Home Management Plan of Care (HMPC) Document Given to Patient/Caregiver; CMS31: Hearing Screening Prior To Hospital Discharge; CMS32: Median Time from ED Arrival to ED Departure for Discharged ED Patients; CMS53: Primary PCI Received Within 90 Minutes of Hospital Arrival; CMS55: Median Time from ED Arrival to ED Departure for Admitted ED Patients; CMS71: Anticoagulation Therapy for Atrial Fibrillation/Flutter; CMS72: Antithrombotic Therapy By End of Hospital Day 2; CMS102: Assessed for Rehabilitation; CMS104: Discharged on Antithrombotic Therapy; CMS105: Discharged on Statin Medication; CMS107: Stroke Education; CMS108: Venous Thromboembolism Prophylaxis; CMS111: Median Admit Decision Time to ED Departure Time for Admitted Patients; CMS113: Elective Delivery; CMS190: Intensive Care Unit Venous Thromboembolism Prophylaxis; CMS 506: Safe Use of Opioids - Concurrent Prescribing Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(a)(1) CPOE Medications (Order, Change, and Access) A Soarian Clinicals software license and standard As to the intended use of certified capability it is assumed that clients are expected to CPOE Medications applies to the ONC 2015 Edition certification First Data Bank (FDB) content (which is included) is maintain currency with software and content updates. criterion utilized by a variety of federal and required. To enable the certified capability to be state programs. Includes the capability to used, standard CPOE implementation including Standard implementation for medication orders includes Pharmacy implementation but electronically record, change, and access a configuration of medication orders is required to this is out of scope of the certified capability for order entry. Use of transactions with patient’s medication orders. enable order entry. Costs may apply for optional departmental/ancillary systems are part of standard ordering implementation but are implementation services. not considered within scope of certified capability. Relied upon software: To utilize RxNorm code set for ordered medications in other capabilities such as eCQM calculation, a license for FDB’s Enhanced Interoperability Module is required. § 170.315(a)(2) CPOE Laboratory (Order, Change, and Access) This is included in the Soarian Clinicals certified As to the intended use of certified capability it is assumed that clients are expected to CPOE Laboratory applies to the ONC 2015 Edition certification module. A Soarian Clinicals software license is maintain software currency. criterion utilized by a variety of federal and required. To enable the certified capability to be state programs. Includes the capability to used, standard CPOE implementation including Standard implementation for orders may include interface implementation with ancillary electronically record, change, and access a configuration of laboratory orders is required to systems but this is out of scope of the certified capability for order entry. Use of patient’s laboratory orders. enable order entry. Costs may apply for optional transactions with departmental/ancillary systems are part of standard order implementation services. implementation but are not considered within scope of certified capability. Relied upon software: N/A Implementation of specific code sets for ordered tests for use in other capabilities such as eCQM calculation may be required outside the scope of order entry. § 170.315(a)(3) CPOE Diagnostic Imaging (Order, Change, and This is included with the Soarian Clinicals certified As to the intended use of certified capability it is assumed that clients are expected to CPOE Diagnostic Imaging Access) applies to the ONC 2015 Edition modules. A Soarian Clinicals software license is maintain software currency. certification criterion utilized by a variety of required. To enable the certified capability to be federal and state. Includes the capability to used, standard CPOE implementation including Standard implementation for orders may include interface implementation with ancillary electronically record, change, and access a configuration of diagnostic imaging orders is systems but this is out of scope of the certified capability for order entry. Use of patient’s diagnostic imaging orders. required to enable order entry. Costs may apply for transactions with departmental/ancillary systems are part of standard order optional implementation services. implementation but are not considered within scope of certified capability. Relied upon software: N/A Implementation of specific code sets for ordered tests for use in other capabilities such as eCQM calculation may be required outside the scope of order entry.

Cerner 2015 Edition Certified Health IT V. 32 Page 69 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

§ 170.315(a)(4) Drug-Drug, Drug-Allergy (DD/DA) Interaction A Soarian Clinicals software license and standard As to the intended use of certified capability it is assumed that clients are expected to CPOE Drug-Drug, Drug- Checks applies to the ONC 2015 Edition First Data Bank (FDB) content (which is included) is maintain currency with software and content updates. Allergy Interaction certification criterion utilized by a variety of required. To enable the certified capability to be Checks federal and state programs including clinical used, drug-drug/drug-allergy interaction checking is Use of FDB content integrated with CPOE for drug-drug/drug-allergy interaction checking decision support for interaction checking configurable by the client to fit their policy for the - use of other content is outside the scope of certified product capability. Drug- during CPOE Medications. Includes the level of alerting (e.g. low, high). Costs may apply for drug/drug-allergy interaction checking during clinical information reconciliation requires capability to detect and alert end-users of optional implementation services. a license for FDB’s Enhanced Interoperability Module for use of RxNorm coded content; drug-drug and drug-allergy interactions when this capability is outside the scope of this certification criterion. placing medication orders, and the ability to manage the severity level by which interaction alerts are triggered.

Relied upon software: N/A § 170.315(a)(5) Demographics applies to the ONC 2015 Edition This is included with the Soarian Clinicals certified To enable the certified capability to be used, mapping may be required to go from local Demographics certification criterion utilized by a variety of modules. A software license is required for Soarian codes that are used in registration conversations to the required vocabulary standards. federal and state programs including the Clinicals. Optional costs are Inbound ADT interface Current conversations may need to be updated to allow for multiple responses and Promoting Interoperability Base CEHRT and Outbound ADT Interface and available options to decline to specify or unknown. As to the intended use of certified capability, it definition and contributes to those Objectives implementation services. Costs may apply for is assumed that required code set values may not need to be natively captured in that utilize this data such as patient available optional implementation services. registration conversations within Cerner, but mapping should be in place to support engagement, coordination of care, public outbound interfacing purposes such as for the C-CDA. Non-Cerner registration health (syndromic surveillance), as well as conversations can be used if the information is interfaced in to the system, but those quality measure reporting (eCQM) capture and non-certified components might not support use of the required code sets or enable calculation. Includes the capability to multi-response to questions for race and ethnicity. An inbound interface also should be electronically record, change, and access evaluated for its ability to support all related capabilities including translating and certain patient demographics – including race mapping the inbound code set values to required code set values if necessary. & ethnicity, preferred language, birth sex, and sexual orientation & gender identity – in The 2015 Edition introduces into this criterion elements for Sexual Orientation and accordance with defined vocabulary standards Gender Identity which may be captured at registration or captured in clinical & code sets. documentation; however, these elements are not required to be captured for Meaningful Use. To enable this capability, ADT fields are provided and are available to Relied upon software: N/A Provider Documentation and Nursing. If configured, codes for these elements would be established in ADT implementation.

§ 170.315(a)(9) Clinical Decision Support (CDS) applies to the This is included with the Soarian Clinicals certified As to the intended use of certified capability it is assumed that Clients are expected to Clinical Decision Support ONC 2015 Edition certification criterion utilized modules. A Soarian Clinicals software license is ensure drug-drug, drug-allergy checking and other clinical decision support capabilities by a variety of federal and state programs required. are enabled as needed in their clinical practice. Active use of the Infobutton retrieval including the Promoting Interoperability Base capability requires integration of external content that adheres to the URL-based CEHRT definition. Includes the capability to implementation of the Infobutton standard, which may require contracting with third- configure CDS interventions inclusive of source party vendors. attribute information to be presented to end- users based on clinical data in the Electronic Where applicable, clients are responsible for ensuring CDS interventions are enabled and Health Record (EHR), along with retrieval of maintained for the duration of anyPromoting Interoperability reporting period. diagnostic and therapeutic reference Standard content is available for optional use at no cost for rules-based CDS. Clients are information using the Infobutton standard. not required to utilize rules or standard content in pursuit of CDS and may use alternate means within CMS CDS guidance and the capabilities of the certified modules such as Relied upon software: N/A order entry, clinical documentation automation, patient education suggestion via Infobutton, and other means described in solution documentation. § 170.315(a)(10) Drug Formulary Checks applies to the ONC This is included with the Soarian Clinicals certified As to the intended use of certified capability it is assumed that clients are expected to Drug-Formulary Checks 2015 Edition certification criterion utilized by a modules. A Soarian Clinicals software license and maintain currency with software and content updates. variety of federal and state programs including

Cerner 2015 Edition Certified Health IT V. 32 Page 70 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

the electronic prescribing objective. Includes standard FDB license (which is included) content ePrescription itself, to which this capability applies, is a separate criterion (reference the capability to automatically query for the license is required. 170.315(b)(3)) for which additional subscriptions apply. existence of a drug formulary or preferred drug list for a particular patient and medication.

Relied upon software: N/A § 170.315(a)(12) Family Health History Status applies to the ONC This is included with the Soarian Clinicals certified As to the intended use of certified capability it is assumed that clients are expected to Family Health History 2015 Edition certification criterion utilized by a modules. A Soarian Clinicals software license is maintain currency with software and content updates. variety of federal and state programs including required. the Promoting Interoperability Base CEHRT To enable the certified capability to be used SNOMED-CT may need to be mapped to definition. Includes the capability to existing values used for clinical documentation, if different. Codified values are managed electronically record, change, and access a in Soarian Content Management Workspace (SCMW). As part of a required patient’s family health history using SNOMED- implementation service, new SCMW model content will be published enabling the use of CT vocabulary for documented conditions. codified values. Training is required for SCMW.

Relied upon software: N/A § 170.315(a)(13) Patient-specific Education Resources applies to This is included with the Soarian Clinicals certified As to the intended use of certified capability it is assumed that clients are expected to Patient-Specific the ONC 2015 Edition certification criterion modules. A Soarian Clinicals software license is maintain currency with software and content updates. Education Resources utilized by a variety of federal and state required. Optional costs are third party education programs including the objective for patient content from source such as Exitcare or MedLine. This criterion does not include the education content itself and providers may use their specific education resources to be suggested by Optional advisory and implementation services are existing content. Content is not required to be Infobutton enabled. To enable the CEHRT and provided electronically. available. certified capability of automatic suggestion of patient specific content to be used, integration of content with Infobutton, use of Med Administration Check monographs, or Relied upon software: N/A configuration of other automated suggested content is required. It is presumed that either 3rd party content or client developed components may be used, provided content is configured for appropriate automation and staff is educated for appropriate education delivery and charting. Use of workflows or self-developed components not enabled for education suggestion are incompatible with presumed workflows that result in measurement credit. Providing suggested content electronically is not included in the scope of this criterion nor requires CEHRT; providers may make content electronically available to patients in many ways. § 170.315(a)(14) Implantable Device List applies to the ONC This is included with the Soarian Clinicals certified As to the intended use of certified capability it is assumed that clients are expected to Implantable Device List 2015 Edition certification criterion utilized by a modules. A Soarian Clinicals software license is maintain currency with software and content updates. variety of federal and state programs including required. Optional advisory and implementation objectives that utilize this data such as patient services are available. Barcode scanner hardware This criterion includes the capability to chart implantable devices with Unique Device engagement and coordination of care. are optional costs for automated recording/parsing Identifiers (UDIs), including parsing the UDI, capturing key data about the device from Includes the capability to manage a list of a of Unique Device Identifiers (UDI) via barcode Food and Drug Administration’s Global UDI Database (FDA GUDID), and including UDI patient’s implantable devices, including scanning. information in a consolidated clinical documentation architecture document (C-CDA). recording and parsing Unique Device Identifiers Capture and integration of this information from the point of care is not within the scope (UDI) and to support automated retrieval of of the criterion. To enable the certified capability a compatible bar code scanner is additional device attributes from the Global optional and recommended. Integration of a web service call to the FDA GUDID is Unique Device Identifier Database (GUDID). required for accessing additional information about the UDI is part of a required implementation service. Relied upon software: N/A § 170.315(b)(1) Transitions of Care applies to the ONC 2015 This is included with the Soarian Clinicals certified Code sets for generation and/or validation may require licensing from their source. Code Transitions of Care Edition certification criterion utilized by a modules. A software license for Soarian Clinicals sets from original sources are used for inbound verification: LOINC and UCUM: variety of federal and state programs including including the capabilities for capturing source data Regenstrief Institute, Inc, RxNorm: National Library of Medicine (NLM), Department of objectives for coordination of care among for the summary of care (e.g., demographics, Health and Human Services (HHS), SNOMED-CT: UMLS Metathesaurus NLM HHS, ICD-9, providers. Capabilities include the creation of allergies, medications, problems, UDI, results ICD-10: Centers for Medicare and Medicaid Services (CMS), HL-7 Terminologies: HL7. C-CDAs, the sending and receiving of C-CDAs

Cerner 2015 Edition Certified Health IT V. 32 Page 71 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

via secure edge protocols, validating C-CDAs receipt, etc.) is required including an Advanced As to the intended use of certified capability it is assumed that exchange is based upon received, and configuration of viewing Interoperability Service (AIS) subscription. use of the ONC Applicability Statement on Secure Health Transport (reference preferences. 170.315(h)(1) or (h)(2)) or XDR. With modified Stage 2 and Stage 3 measure definitions, CMS indicated that other secure electronic methods of transport beyond certified Relied upon software: N/A capabilities may be used and count for purpose of measurement. Non-certified exchange is beyond the scope of model product delivery and, per product documentation defining measures, may not count appropriately for the measure.

Point to point XDR integration and/or XDR to HISP (reference 170.315(h)(1)) integration may be required and requires Cerner engagement. Each client must evaluate their specific exchange partners and associated communication needs. To enable the certified capability to be used these configurations should be considered; each exchange partner’s secure transport method should be evaluated, integration testing performed to ensure reasonable expectation of receipt, provider-provider group addresses should be established, and processes established for inbound document handling. Viewing of C- CDA documents from outside the organization may require clients to either through purchase or through contracted licensing have the appropriate document exchange structure that allows the product to query for patient’s external documents. This may be through a regional or organization owned HIE, or participation in CommonWell. Discharge Medication Reconciliation capability should be used for medication list incorporation in summary of care documentation. To enable the certified capability to be used, clinical letter module is used to produce the summary adjunct to the patient departure process. The summary of care may be automatically generated using the available generation service and rules/workflow. Soarian Communication Services (SCS) is required for sending summary of care to intended recipients from the EMR. To enable the certified capability to be used, these configurations should be considered; process updates and configuration for complete summary of care generation including required code sets, each exchange partner’s secure transport method should be evaluated, integration testing performed to ensure reasonable expectation of receipt, process for discharge with transfer/referral indication, provider / provider group addresses should be established, processes established for inbound and outbound document handling, and configuration of AIS viewer and administration console. § 170.315(b)(2) Clinical Clinical Information Reconciliation (CIR) applies This is included with the Soarian Clinicals certified Clients are expected to stay current on software and codes / content for medications, Information to the ONC 2015 Edition certification criterion modules. A software license for the Soarian Clinicals allergies, and problems. Reconciliation and utilized by a variety of federal and state is required. An AIS subscription and integration is Incorporation programs including objectives for coordination required for this certified capability. A C-CDA Reconciliation of medication history from sources other than the C-CDA is not part of the of care among providers. Includes the management and clinical information reconciliation scope of this criterion, but in the practice of medication reconciliation, Medication capability to accurately match a received implementation is required. In addition, an AIS 2015 History and Surescripts subscription is optional and recommended for external Pharmacy transition of care C-CDA document to a local Edition Standards for Healthcare Information sources of medications. Validation of inbound C-CDAs and protocols for electronic patient record and to reconcile problems, Exchange is required for patient matching. receipt of outside documents are outside the scope of this capability (reference medications, and medication allergies data to 170.315(b)(1)). produce a single consolidated reconciled list in the patient’s Electronic Health Record (EHR) that can be included in subsequently generated transition of care C-CDA documents.

Relied upon software: FDB’s Enhanced Interoperability Module license is required if RxNorm coded content mapping is utilized from inbound summary of care sources to

Cerner 2015 Edition Certified Health IT V. 32 Page 72 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

ensure inbound medications appear structured vs. free text for ease of reconciliation.

§ 170.315(b)(3) Electronic Prescribing applies to the ONC 2015 This is included with the Soarian Clinicals certified To enable the certified capability to be used the provider should be registered with Electronic Prescribing Edition certification criterion utilized by a modules. A software license for Soarian Clinicals is Surescripts, the Pharmacy Directory properly implemented, provider NPI/DEA configured variety of federal and state programs including required, including an ePrescribing and Surecripts in the EMR, and Formulary checking (reference 170.315(a)(10)) properly implemented. objectives for generating and transmitting subscription. Cloud service integration is required permissible electronic prescriptions. (HDX). As part of a required implementation service, Cerner will update the medication history consent standard. Relied upon software: N/A Surescripts transaction notification support from Cerner and controlled substance prescribing capabilities are optional and recommended. § 170.315(b)(6) Data Data Export applies to the ONC 2015 Edition This is included with the Soarian Clinicals certified Per AIS configuration options Soarian DM may alternatively be used as the document Export certification criterion utilized by a variety of modules. AIS subscription is required for document archive. federal and state programs including the archive. Promoting Interoperability Base CEHRT If AIS archive is used, optional extended storage duration may be configured. definition. Includes the capability to generate and export single or multi-patient summaries using the HL7 C-CDA Release 2.1 Continuity of Care Document (CCD) template with flexibility for export date and time range specification. Additional configuration options include file export location (e.g. network drive) and limiting the functionality to be available to an isolated set of users.

Relied upon software: Soarian Document Management (optional) § 170.315(c)(1) CQM - CQM Record & Export supports the Promoting This is included in the Soarian Clinicals certified Health Services Analytics has brand names including SQRS or Healthcare Intelligence Record & Export Interoperability definition and IPPS/ IQR modules utilizing the Health Services Analytics including Clinical Intelligence and Quality Measures Intelligence, or DSS and SQM and program requirement for utilization of CEHRT component. A software license for Soarian Clinicals Healthcare Query. Codified values are managed in the SCMW. New model content for eCQMs. Includes the capability to record is required. A software license to the Health Services including the codified values required for eCQMs is required. If clients are using 3rd the data required for Clinical Quality Measure Analytics components is required. CMS may change party vendor data warehouse products for e-submission, they are not relying on our (CQM) calculations in a codified manner eCQM definitions and submission requirements from certified capability but relying on third party capabilities to meet the 170.315(c)(1)-(3) appropriate for the measures to which the time to time and those changes may require criteria, and are likely using custom extracts required by that third party data warehouse product is certified, and the ability for an software, configuration, and/or process updates for exporting data from the source clinical EHR by a non-certified capability. authorized user to generate QRDA Category I which may incur optional or required costs. data files for export. To enable the certified capability to be used, configuration should be considered such as; configuration of reference build to map clinical data to the standard value sets, Relied upon software: Health Services additional reference data build to support EH reporting, FDB Interoperability Module Analytics licensing for RxNorm code sets (medications and medication allergens), integration of external sources such as coding systems for diagnosis or peri-operative systems. Optional implementation services are available. § 170.315(c)(2) CQM - CQM - Import and calculate supports This is included in the Soarian Clinicals certified Health Services Analytics has brand names including SQRS or Healthcare Intelligence Import and Calculate thePromoting Interoperability definition and modules utilizing the Health Services Analytics including Clinical Intelligence and Quality Measures Intelligence, or DSS and SQM and IPPS/ IQR program requirement for CEHRT for component. A software license for Soarian Clinicals Healthcare Query. If clients are using 3rd party vendor data warehouse products for eCQMs. Includes the capability for an is required. A software license to the Health Services eMeasure calculation, they are not relying on our certified capability but relying on third authorized user to import QRDA Category I and Analytics components is required. CMS may change party capabilities to meet the 170.315(c)(1) -(3) criteria, and are likely using custom III data files and perform Clinical Quality eCQM definitions and submission requirements from extracts required by that third--party data warehouse for exporting data from the source time to time and those changes may require clinical EHR by a non-certified capability.

Cerner 2015 Edition Certified Health IT V. 32 Page 73 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Measure (CQM) calculations for the data for software, configuration, and/or process updates the measures to which the product is certified. which may incur optional or required costs. To enable the certified capability to be used, configuration should be considered such as; configuration of reference build to map clinical data to the standard value sets, Relied upon software: Health Services additional reference data build to support EH reporting, FDB Interoperability Module Analytics licensing for RxNorm code sets, integration of external sources such as coding systems for diagnosis or peri-operative systems. Optional implementation services are available. § 170.315(c)(3) CQM – CQM - Report Promoting Interopability This is included in the Soarian Clinicals certified Health Services Analytics has brand names including SQRS or Healthcare Intelligence Report definition and IPPS/ IQR program requirement modules utilizing the Health Services Analytics including Clinical Intelligence and Quality Measures Intelligence, or DSS and SQM and for CEHRT for eCQMs. component. A software license for Soarian Clinicals Healthcare Query. is required. A software license to the Health Services If clients are using 3rd party vendor data warehouse products for e-submission, they are Relied upon software: Health Services Analytics components is required. not relying on our certified capability but relying on third party capabilities to meet the Analytics A service is required for electronic submission of 170.315(c)(1) -(3) criteria, and are likely using custom extracts required by that third- quality data. CMS may change eCQM definitions and party data warehouse for exporting data from the source clinical EHR by a non-certified submission requirements from time to time and capability. those changes may require software, configuration, and/or process updates which may incur optional or To enable the certified capability to be used, configuration should be considered such as; required costs. configuration of reference build to map clinical data to the standard value sets, additional reference data build to support EH and EP reporting, FDB Interoperability Module licensing for RxNorm code sets, integration of external sources such as coding systems for diagnosis or peri-operative systems. § 170.315(d)(1) Authentication, Access Control & Authorization No separate licensing for this capability is required. To enable the certified capability to be used, configuration of the certified module for Authentication, Access applies to the ONC 2015 Edition certification The capabilities are considered a core component of user accounts, security privileges, authentication parameters and related access controls Control, and criterion utilized by a variety of federal and the Health IT module itself and no separate licensing per product documentation is presumed to be in place for any implementation. As to Authorization state programs including the Promoting is required for the certified capability apart from the the intended use of certified capability, it is assumed that part of standard Interoperability Base CEHRT definition and licensing required for the Health IT module. Note implementation requires definition and administration of users, security roles, supports the development and maintenance of that the API capability of the Soarian Clinicals authorization and authentication parameters and the like. a Privacy and Security Risk Assessment and modules (reference 170.315(g)(7) -(g)(9)) utilizes the Implementation Plan. oAuth2 and SAML services, per the technical Use of any advanced authentication methodologies such as biometrics or cryptographic Supports unique user identification, enables specifications, for authentication, access control and methods used in two factor authentications are beyond the scope of certified product authentication against unique user identifiers authorization. In practice, utilization of these API capabilities, but Cerner does support their use within the scope of product (i.e. username/password) to gain access to services relies on a single, external, patient-facing documentation. Similarly, use of any external authentication methods, such as SAML that electronic health information, and includes the identity provider (IdP) compatible with the API are pass-through to the certified product's security services are beyond the scope of the ability to control the specific access and technical specifications for consumer user’s certified capabilities but are not incompatible with their use. Use of any external privilege rights a user is granted. authentication and access control. The IdP may be directory services, such as Client Directory Support, for user account or credential This criterion is conditionally required for all federated for use by more than one connected management also is beyond the scope of Cerner's certified capabilities but is not certified modules and is included in the Soarian application or may be provided as embedded in a incompatible with their use. Clinicals, NOVIUS Lab, Patient Portal – MMD, single connected application. Additional costs may Provider Portal and Soarian DM certified apply for the IdP. modules.

Relied upon software: N/A § 170.315(d)(2) Auditable Events and Tamper Resistance No separate licensing for this capability is required. Establishing appropriate system clocks to standard time servers is part of initial system Auditable Events and applies to the ONC 2015 Edition certification The capabilities are considered a core component of implementation and operations per product documentation. Tamper Resistance criterion utilized by a variety of federal and the Health IT module itself, and no separate licensing state programs including the Promoting is required for the certified capability apart from the To enable the certified capability to be used, configuration of desired audit events for Interoperability Base CEHRT definition and licensing required for the Health IT module. logging have been identified and implemented as part of standard implementation. supports the development and maintenance of a Privacy and Security Risk Assessment and Implementation Plan.

Cerner 2015 Edition Certified Health IT V. 32 Page 74 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Supports event creation capabilities for security auditing of access to and actions on ePHI via the certified application, including integrity protection of recorded audit logs. This criterion is conditionally required for all certified modules and is included in the Soarian Clinicals, NOVIUS Lab, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Relied upon software: N/A § 170.315(d)(3) Audit Audit Reports applies to the ONC 2015 Edition No separate licensing for this capability is required. To enable the certified capability to be used standard reporting capabilities are included. Reports certification criterion utilized by a variety of The capabilities are considered a core component of federal and state programs including the the Health IT module itself, and no separate licensing Establishing appropriate system clocks to standard time servers is part of initial system Promoting Interoperability Base CEHRT is required for the certified capability apart from the implementation and operations per product documentation. Client review and definition and supports the development and licensing required for the Health IT module. maintenance of audit records is outside the scope of certification criteria. maintenance of a Privacy and Security Risk Assessment and Implementation Plan. Enables creation of sortable audit reports for specific time frames, and based on specific parameters such as user ID, patient ID, type of action, etc. This criterion is conditionally required for all certified modules and is included in the Soarian Clinicals, NOVIUS Lab, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Relied upon software: N/A § 170.315(d)(4) Amendments applies to the ONC 2015 Edition Implementation of this capability is optional by As to the intended use of certified capability it is assumed that client definition and use Amendments certification criterion utilized by a variety of clients and possessory rights to Soarian DM exist for of amendment capabilities should be flexible based on their form and manner of federal and state programs including the Soarian clients. Implementation requires Soarian recording patient requested amendments. Amendments of ePHI maintained in non- Promoting Interoperability Base CEHRT Document Management licensing. certified systems or third-party systems certified for this criterion is beyond the scope of definition and supports the development and Cerner's certified capability but Cerner recognizes they may be in use for maintenance of maintenance of a Privacy and Security Risk ePHI beyond the scope of records maintained by our certified system. Assessment and Implementation Plan. Enables recording of an amendment to a To enable the certified capability to be used, documentation templates can be defined patient record based on a patient request, as both for recording patient requests/provider response and for the substance of the well as the patient requests for amendment to amendment request content. Accepting the amendment request into the record may their health record, including identification of involve use of additional documentation tools to create and persist medical record whether the amendment was approved or entries out of amendment requests such as for documenting patient contributed health denied. information depending on its form. This criterion is conditionally required for certain certified modules and is provided by the Soarian DM certified module. It is also included in the Soarian Clinicals certified module using Soarian DM as required associated software.

Relied upon software: Soarian Document Management

Cerner 2015 Edition Certified Health IT V. 32 Page 75 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

§ 170.315(d)(5) Automatic Log-Off applies to the ONC 2015 No separate licensing for this capability is required. As to the intended use of certified capability it is assumed that Configuration will support Automatic Log-Off Edition certification criterion utilized by a The capabilities are considered a core component of both session suspension and termination after an interval of time. Configuration of variety of federal and state programs including the Health IT module itself, and no separate licensing automatic log off may be dependent on capabilities of the end user access point if the Promoting Interoperability Base CEHRT is required for the certified capability apart from the beyond scope of what end user devices are normally presumed to be in use. definition and supports the development and licensing required for the Health IT module. maintenance of a Privacy and Security Risk To enable the certified capability to be used configuration is performed during standard Assessment and Implementation Plan. implementation. Enables automatic termination of a user session after a specified period of inactivity requiring re-authentication. This criterion is conditionally required for certain certified modules and is included in the Soarian Clinicals, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Relied upon software: N/A § 170.315(d)(6) Emergency Access applies to the ONC 2015 No separate licensing for this capability is required. Use of business continuity and disaster recovery techniques and tools are beyond the Emergency Access Edition certification criterion utilized by a The capabilities are considered a core component of scope of the intent of emergency access capabilities within the certified product as variety of federal and state programs including the Health IT module itself, and no separate licensing tested by certification testing but are relevant for HIPAA Security compliance and overall the Promoting Interoperability Base CEHRT is required for the certified capability apart from the security risk assessment processes. definition and supports the development and licensing required for the Health IT module. maintenance of a Privacy and Security Risk To enable the certified capability to be used configuration of user positions with privilege Assessment and Implementation Plan. to invoke the emergency access relationship type need to be defined as well as any Enables a limited set of specified users to desired logging of reasons for access. As to the intended use of certified capability it is access electronic health information in assumed that the capability allows for override of restrictions on a user's ability to access emergency scenarios. records beyond the organization they are associated to, of encounter records marked as This criterion is conditionally required for subject to confidentiality levels and based upon the access rights that may be defined for certain certified modules and is included in the the emergency mode of access relationship type. Soarian Clinicals and Soarian DM certified modules.

Relied upon software: N/A § 170.315(d)(7) End-User End User Device Encryption applies to the ONC No separate licensing for this capability is required. As to the intended use of certified capability it is assumed that End user device storage is Device Encryption 2015 Edition certification criterion utilized by a The capabilities are considered a core component of not otherwise utilized for other applications within scope of Cerner's certified products. variety of federal and state programs including the Health IT module itself, and no separate licensing Cerner recommends end user device encryption beyond the certified capability for the Promoting Interoperability Base CEHRT is required for the certified capability apart from the additional risk mitigation because of additional capabilities such as other applications definition and supports the development and licensing required for the Health IT module. and/or commercial copy/paste capabilities. Use of other encryption capabilities such as maintenance of a Privacy and Security Risk external end user disk encryption or encryption of enterprise/back end storage systems Assessment and Implementation Plan. The is beyond the scope of certification testing and the scope of certified modules. certified product is designed to prevent any persistent storage of electronic health information accessed in the Soarian Clinicals application locally to end-user devices (e.g. temp files, cookies, caches). This criterion is conditionally required for certain certified modules and is included in the Soarian Clinicals, NOVIUS Lab, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Cerner 2015 Edition Certified Health IT V. 32 Page 76 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: N/A

§ 170.315(d)(8) Integrity Integrity applies to the ONC 2015 Edition No separate licensing for this capability is required. Cerner OPENLink may be optionally configured for integrity of interface transactions but certification criterion utilized by a variety of The capabilities are considered a core component of is outside the scope of certification criteria. federal and state programs including the the Health IT module itself, and no separate licensing Promoting Interoperability Base CEHRT is required for the certified capability apart from the To enable the certified capability to be used, integrity protection is enabled principally definition and supports the development and licensing required for the Health IT module. for secure transport of clinical information between entities / components based on maintenance of a Privacy and Security Risk protocols, certificates, ciphersuites and other network security protections such as Assessment and Implementation Plan. public/private network security. Enables verification that health information exchanged electronically (both outbound and inbound) has not been altered during transmit via use of message digests produced by hash algorithms of SHA-2 or greater strength. This criterion is conditionally required for certain certified modules and is included in the Soarian Clinicals certified modules including AIS for integrity as it applies to secure transport for 170.315(b)(1) and data export 170.315(b)(6) and ePrescribing for integrity as it applies to 170.315(b)(3).

Relied upon software: N/A § 170.315(d)(9) Trusted Trusted connections apply to the ONC 2015 No separate licensing for this capability is required. Product implemented trusted connections are enabled principally for secure transport of Connections Edition certification criterion utilized by a The capabilities are considered a core component of clinical information between entities / components based on protocols, certificates, variety of federal and state programs including the Health IT module itself, and no separate licensing ciphersuites and other network security protections such as public/private network the Promoting Interoperability Base CEHRT is required for the certified capability apart from the security. definition and supports the development and licensing required for the Health IT module. maintenance of a Privacy and Security Risk Assessment and Implementation Plan. Enables the secure encryption and integrity- protection of electronic health information transmitted to external applications via API for patient access, and contribution of data from external applications for patient health information capture. This criterion is conditionally required for certain certified modules and is included in the Soarian Clinicals, Soarian DM, Patient Portal – MMD, and Provider Portal certified modules.

Cerner 2015 Edition Certified Health IT V. 32 Page 77 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: N/A

170.315(d)(13) Identifies whether the certified product N/A N/A Multi-Factor enables multi-factor authentication (MFA) in Authentication accordance with industry-recognized standards. This criterion is intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. See Cerner.com/certified- health-it for details on any supported MFA use- cases.

Relied upon software: N/A § 170.315(e)(2) Secure Secure Messaging applies to the ONC 2015 This is included with the Soarian Clinicals and Cerner Direct Messaging HISP is an optional license to support messaging via Direct SMTP Messaging Edition certification criterion utilized by a Provider Portal certified modules. A Software protocol. variety of federal and state programs including license is required for these certified products; no the Promoting Interoperability objective for additional license is required for this capability. To ensure patients/proxies can receive messages from providers, Soarian patient engagement to allow providers to Optional advisory and implementation services are Communication Services (SCS) capability in Soarian Clinicals needs to be implemented message patients and their authorized available. and integrated with Patient Portal-MMD or another XDR-capable patient portal. For representatives. Provider Portal, secure message implementation, Patient Portal – MMD should be configured for patient communication. As to intended use of certified capability it is Relied upon software: Patient Portal-MMD assumed that clinical content of the message is not evaluated for credit of the numerator (optional), Cerner Direct Messaging HISP and clients need to utilize capabilities defined in product documentation for appropriate (optional) attribution. § 170.315(f)(1) Transmission to Immunization applies to the This is included with the Soarian Clinicals certified Agency documentation of the appropriate state of active engagement is required and Transmission to ONC 2015 Edition certification criterion utilized modules. A Soarian Clinicals Software License is outside the scope of certified capability. Immunization registries by a variety of federal and state programs required including implementation of Med including the Promoting Interoperability Administration Check. Autoprofile web service is required to include immunization information in the summary objective for active engagement in public of care. Bi-directional query capability requires integration with the registry. health.

Relied upon software: N/A § 170.315(f)(2) Transmission to Public Health Agencies – This is included with the Soarian Clinicals certified Agency documentation of the appropriate state of active engagement is required and Transmission to Public Syndromic Surveillance applies to the ONC modules. A license is required for the Soarian outside the scope of certified capability. Health Agencies – 2015 Edition certification criterion utilized by a Clinicals. Cerner OPENLink and model maps are Syndromic Surveillance variety of federal & state programs including required for connection to agency(ies). To enable the capability, implementation of the syndromic interface is required in order the Promoting Interoperability objective for to route the appropriate transactions. active engagement in public health.

Relied upon software: Cerner OPENLink § 170.315(f)(6) Transmission to Public Health Agencies – This is included with the Soarian Clinicals certified An NHSN client account is required. Transmission to public Antimicrobial use and Resistance reporting modules. A license is required for Soarian Clinicals health agencies — applies to the ONC 2015 Edition certification which includes the Pharmacy and Medication The certified reporting capabilities require up-front configuration to define antimicrobial use and criterion utilized to report the antimicrobial use Administration Check modules. A Laboratory antimicrobials and susceptibility results, and National Healthcare Safety Network (NHSN) and resistance data to the CDC’s National Information System is required that can transmit location mapping. Dependent on the LIS, additional up-front configuration might be resistance reporting Healthcare Safety Network (NHSN) for tracking (using minimum HL7 2.5.1 version) the required required as well. and trend analysis. NHSN information (organism and antimicrobial Up front configuration includes interface mapping between the LIS and Pharmacy and result) to the Pharmacy module. NHSN Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 78 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

§ 170.315(g)(2) Enables calculation of numerator and Measure recording is included in the Soarian Clinicals Health Services Analytics has brand names including SQRS or Healthcare Intelligence Automated Measure denominator values as necessary for the certified modules for documented measures utilizing including Clinical Intelligence and Quality Measures Intelligence, or DSS and SQM and Recording Promoting Interoperability objectives. the Health Services Analytics component. A Healthcare Query. To enable the certified capability reports must be configured to software license for Soarian Clinicals is required. A operational processes and data for measure requirements such as denominator Relied upon software: N/A software license to the Health Services Analytics qualification and reporting entities. components is required. As to the intended use of certified capability it is assumed that the standard reports are designed to work with particular certified product capabilities and workflows. Information on the design assumptions of the reports is available in Cerner reference documentation. Use of self-developed components or use of workflows that are beyond the scope of the design assumptions of the standard reporting may not result in measurement consideration. Use of self-developed reporting or process to compile numerator and denominator data from different sources than the certified modules may be possible with optional integration but are outside the scope of certified capabilities.

Clients who have optionally licensed for Patient Portal – MMD, can utilize a report (accessible from the MMD solution) to generate both the numerator and denominator for the Patient Electronic Access objective.

Clients who have not licensed for the Patient Portal – MMD solution, are required to rely on the Identity Provider for the numerator and a report from Soarian Clinicals for the denominator. § 170.315(g)(3) Safety Defines user-centered design processes and Safety Enhanced Design is included with the Soarian N/A Enhanced Design assessments for applicable certified capabilities Clinicals certified modules. No separate licensing is within the certified product’s scope. required. Relied upon software: N/A § 170.315(g)(4) Quality Establishes controls for and monitors Quality Management System applies to all certified N/A Management System compliance with the quality standards under modules listed herein. No separate licensing is which the included certified capabilities are required. developed, tested, implemented, and maintained.

Relied upon software: N/A § 170.315(g)(5) Encompasses the processes by which the Accessibility Centered Design applies to all certified N/A Accessibility Centered accessibility standards employed in the modules listed herein. No separate licensing is Design development of the certified capabilities. required.

Relied upon software: N/A § 170.315(g)(6) CCDA CCDA creation performance applies to the ONC A license for Soarian Clinicals is required. Clients are The C-CDA creation performance capabilities are supported as per ONC policy with Creation performance 2015 Edition certification criterion utilized by a expected to stay current on software and codes / certification of 170.315(b)(1), 170.315(b)(2), 170.315(b)(4), and 170.315(b)(6) criteria for variety of federal and state programs including content for the data that comprises the C-CDA. creation of a C-CDA documents. Appropriate implementation and maintenance of objectives for patient engagement and Clients are expected to implement the processes and medical code sets for vocabulary constraints and mapping of demographics data coordination of care among providers. Enables capabilities that cover the capture of the CCDS in elements to defined standards is a pre-requisite for conformant C-CDA generation. Use the creation of a standards-conformant care processes and the manual or automatic of any non-certified capability for the recording of required structured clinical data to be Consolidated Clinical Document Architecture generation of the C-CDA with Clinical Letter included in C-CDA documents may not be compatible with certified capabilities. (C-CDA) document, including Common Clinical capabilities. Advisory and implementation services Data Set (CCDS) representation. are optional and recommended.

Cerner 2015 Edition Certified Health IT V. 32 Page 79 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

This criterion is essentially the subset of transitions of care criterion (reference Relied upon software: N/A 170.315(b)(1)) related to the capture of the CCDS and generation of a consolidated clinical document architecture (C-CDA) document. § 170.315(g)(7) Application access – patient selection applies This is included in the Soarian Clinicals certified As noted for criteria 170.315(d)(1), the API includes services for authentication, access Application access – to the ONC 2015 Edition certification criterion modules. A license for Soarian Clinicals is required. A control, and authorization; to utilize these services, a single, federated or application- Patient selection utilized by a variety of federal and state one-time set-up for the Ignite Soarian API is provided, consumer-facing identity provider (IdP) that meets the technical specifications programs including objectives for patient required. An Application connection service is is required for all connected Applications. One or more Applications validated by Cerner engagement. This criterion includes an required for each application registered for use with to meet the Technical and Terms of Use specifications is required to utilize the certified application programming interface (API) and is the certified capability. API utilization subscription capability. used in tandem with criteria for application services may apply. Advisory and implementation access to patient health data (reference services are optional and recommended. The Application(s) used must be used for Patient Access only. Providers must approve, 170.315(g)(8) and (g)(9)) by patients and their register and implement the Application(s) for use in their environment. Application authorized representatives using an capability is outside the scope of the certified capability and may incur additional cost. Application configured to the technical and terms of use specifications of the certified API. Includes the capability to uniquely match and authenticate a request for access to health information from an external application of the patient’s choice via the Ignite Soarian API to the correct Soarian patient record. Relied upon software: Ignite Soarian API § 170.315(g)(8) Application access – data category request . This is included in the Soarian Clinicals certified As noted for criteria 170.315(d)(1), the API includes services for authentication, access Application access – data applies to the ONC 2015 Edition certification modules. A license for Soarian Clinicals is required. control, and authorization; to utilize these services, a single, federated or application- category request criterion utilized by a variety of federal and A one-time set-up for the Ignite Soarian API is provided, consumer-facing identity provider (IdP) that meets the technical specifications state programs including objectives for patient required. Application capability is outside the scope is required for any and all connected Applications. One or more Applications validated engagement. This criterion includes an of the certified capability and may incur additional by Cerner to meet the Technical and Terms of Use specifications is required to utilize the application programming interface (API) and is cost. Application connection service is required for certified capability. used in tandem with criteria for application each application registered for use with the certified access to patient health data (reference capability. API utilization subscription services may The Application(s) used must be used for Patient Access only. Providers must approve, 170.315(g)(7) and (g)(9)) by patients and their apply. Clients are expected to stay current on register and implement the Application(s) for use in their environment. authorized representatives using an software and codes / content for the data that Application configured to the technical and comprises the CCDS. Clients are expected to terms of use specifications of the certified API. implement the processes and capabilities that cover Includes the capability to respond to the capture of the CCDS in care processes. Advisory authenticated requests for health information and implementation services are optional and via the Ignite Soarian API at an individual data recommended. category level for data types included in the Common Clinical Data Set (CCDS), including accommodation of specific dates/date ranges.

Relied upon software: Ignite Soarian API § 170.315(g)(9) Application access – all data request applies to This is included in the Soarian Clinicals certified Clients are expected to stay current on software and codes / content for the data that Application access – All the ONC 2015 Edition certification criterion modules. A license for Soarian Clinicals is required comprises the CCDS / C-CDA. data request utilized by a variety of federal and state including AIS Archive. A one-time set-up for the programs including objectives for patient Ignite Soarian API is required. As noted for criteria Clients are expected to implement the processes and capabilities that cover the capture engagement. This criterion includes an 170.315(d)(1), the API includes services for of the CCDS in care processes and the manual or automatic generation of the C-CDA with application programming interface (API) and is authentication, access control, and authorization; to Clinical Letter capabilities. used in tandem with criteria for application utilize these services, a single, federated or access to patient health data (reference application-provided, consumer-facing identity 170.315(g)(7) and (g)(8)) by patients and their provider (IdP) that meets the technical specifications

Cerner 2015 Edition Certified Health IT V. 32 Page 80 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

authorized representatives using an is required for all connected Applications. One or Application configured to the technical and more Applications validated by Cerner to meet the terms of use specifications of the certified API. Technical and Terms of Use specifications is required Includes the capability to respond to to utilize the certified capability. The Application(s) authenticated requests for health information used must be used for Patient Access only. Providers via the Ignite Soarian API with the full Common must approve and implement the Application(s) for Clinical Data Set (CCDS) using the C-CDA use in their environment. Application capability is Continuity of Care Document (CCD) template, outside the scope of the certified capability and may including accommodation of specific incur additional cost. Application connection service dates/date ranges. is required for each application registered for use with the certified capability. API utilization Relied upon software: Ignite Soarian API subscription services may apply. Advisory and implementation services are optional and recommended. § 170.315(h)(1) Direct Includes the capability to exchange health This is included in the Soarian Clinicals certified Use of Cerner Direct Messaging HISP requires that clients complete a current Cerner Project information with external entities using the module that is inclusive of Cerner Direct Messaging Direct Messaging certificate request containing required Trust Framework contents that Direct Project standards for Secure Health HISP for this criterion. A license for Soarian Clinicals establish and validate Clients’ authenticity and parameters under which client may Transport. is required including AIS (also referred to as HUB- participate in Direct exchange. HIE). To implement and use this possessed Relied upon software: Cerner Direct HISP capability, a license for Cerner Direct Messaging HISP Use of the certified capability depends on known trusted users who have Direct accounts including integration with the AIS via the Direct XDR and the use of transacting with non-Direct users is outside of the scope of use for the for Cerner Direct Messaging HISP service is required. certified product. Implementation and use of this capability by providers for transitions of care or secure messaging is optional; possession as part of Base CEHRT definition is required.

Cerner 2015 Edition Certified Health IT V. 32 Page 81 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Soarian DM (Soarian Document Management) See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software § 170.315(d)(1) Authentication, Access Control & Authorization No separate licensing for this capability is required. Authentication, Access applies to the ONC 2015 Edition certification The capabilities are considered a core component of Use of any advanced authentication methodologies such as biometrics or cryptographic Control, and criterion utilized by a variety of federal and the Health IT module itself and no separate licensing methods used in two factor authentications are beyond the scope of certified product Authorization state programs including the Promoting is required for the certified capability apart from the capabilities, but Cerner does support their use within the scope of product Interoperability Base CEHRT definition and licensing required for the Health IT module. documentation. Similarly, use of any external authentication methods, such as SAML that supports the development and maintenance of are pass-through to the certified product's security services are beyond the scope of the a Privacy and Security Risk Assessment and certified capabilities but are not incompatible with their use. Use of any external Implementation Plan. directory services, such as Client Directory Support, for user account or credential Supports unique user identification, enables management also is beyond the scope of Cerner's certified capabilities but is not authentication against unique user identifiers incompatible with their use. (i.e. username/password) to gain access to electronic health information, and includes the ability to control the specific access and privilege rights a user is granted.

This criterion is conditionally required for all certified modules and is included in the Soarian Clinicals, NOVIUS Lab, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Relied upon software: N/A § 170.315(d)(2) Auditable Events and Tamper Resistance No separate licensing for this capability is required. Auditable Events and applies to the ONC 2015 Edition certification The capabilities are considered a core component of To enable the certified capability to be used, configuration of desired audit events for Tamper Resistance criterion utilized by a variety of federal and the Health IT module itself, and no separate licensing logging have been identified and implemented as part of standard implementation. state programs including the Promoting is required for the certified capability apart from the Interoperability Base CEHRT definition and licensing required for the Health IT module. supports the development and maintenance of a Privacy and Security Risk Assessment and Implementation Plan. Supports event creation capabilities for security auditing of access to and actions on ePHI via the certified application, including integrity protection of recorded audit logs. This criterion is conditionally required for all certified modules and is included in the Soarian Clinicals, NOVIUS Lab, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Relied upon software: N/A § 170.315(d)(3) Audit Audit Reports applies to the ONC 2015 Edition No separate licensing for this capability is required. Establishing appropriate system clocks to standard time servers is part of initial system Reports certification criterion utilized by a variety of The capabilities are considered a core component of implementation and operations per product documentation. Client review and federal and state programs including the the Health IT module itself, and no separate licensing maintenance of audit records is outside the scope of certification criteria.

Cerner 2015 Edition Certified Health IT V. 32 Page 82 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Promoting Interoperability Base CEHRT is required for the certified capability apart from the definition and supports the development and licensing required for the Health IT module. maintenance of a Privacy and Security Risk Assessment and Implementation Plan. Enables creation of sortable audit reports for specific time frames, and based on specific parameters such as user ID, patient ID, type of action, etc. This criterion is conditionally required for all certified modules and is included in the Soarian Clinicals, NOVIUS Lab, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Relied upon software: N/A § 170.315(d)(4) Amendments applies to the ONC 2015 Edition Implementation of this capability is optional by Amendments certification criterion utilized by a variety of clients and possessory rights to Soarian DM exist for To enable the certified capability to be used, documentation templates can be defined federal and state programs including the Soarian clients. Implementation requires Soarian both for recording patient requests/provider response and for the substance of the Promoting Interoperability Base CEHRT Document Management licensing. amendment request content. Accepting the amendment request into the record may definition and supports the development and involve use of additional documentation tools to create and persist medical record maintenance of a Privacy and Security Risk entries out of amendment requests such as for documenting patient contributed health Assessment and Implementation Plan. information depending on its form. Enables recording of an amendment to a patient record based on a patient request, as well as the patient requests for amendment to their health record, including identification of whether the amendment was approved or denied. This criterion is conditionally required for certain certified modules and is provided by the Soarian DM certified module. It is also included in the Soarian Clinicals certified module using Soarian DM as required associated software.

Relied upon software: Soarian Clinicals § 170.315(d)(5) Automatic Log-Off applies to the ONC 2015 No separate licensing for this capability is required. To enable the certified capability to be used configuration is performed during standard Automatic Log-Off Edition certification criterion utilized by a The capabilities are considered a core component of implementation. variety of federal and state programs including the Health IT module itself, and no separate licensing the Promoting Interoperability Base CEHRT is required for the certified capability apart from the definition and supports the development and licensing required for the Health IT module. maintenance of a Privacy and Security Risk Assessment and Implementation Plan. Enables automatic termination of a user session after a specified period of inactivity requiring re-authentication. This criterion is conditionally required for certain certified modules and is included in the Soarian Clinicals, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Cerner 2015 Edition Certified Health IT V. 32 Page 83 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: N/A

§ 170.315(d)(9) Trusted Trusted connections apply to the ONC 2015 No separate licensing for this capability is required. Product implemented trusted connections are enabled principally for secure transport of Connections Edition certification criterion utilized by a The capabilities are considered a core component of clinical information between entities / components based on protocols, certificates, variety of federal and state programs including the Health IT module itself, and no separate licensing ciphersuites and other network security protections such as public/private network the Promoting Interoperability Base CEHRT is required for the certified capability apart from the security. definition and supports the development and licensing required for the Health IT module. maintenance of a Privacy and Security Risk Assessment and Implementation Plan. Enables the secure encryption and integrity- protection of electronic health information transmitted to external applications via API for patient access, and contribution of data from external applications for patient health information capture. This criterion is conditionally required for certain certified modules and is included in the Soarian Clinicals, Soarian DM, Patient Portal – MMD, and Provider Portal certified modules.

Relied upon software: N/A 170.315(d)(13) Identifies whether the certified product N/A N/A Multi-Factor enables multi-factor authentication (MFA) in Authentication accordance with industry-recognized standards. This criterion is intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. See Cerner.com/certified- health-it for details on any supported MFA use- cases.

Relied upon software: N/A § 170.315(e)(3) Patient Patient health information capture applies to This is included with the Soarian DM certified As to the intended use of certified capability clients need to utilize the capabilities Health Information the ONC 2015 Edition certification criterion module. A Software license is required for the defined in product documentation for appropriate attribution. Capture utilized by a variety of federal and state certified module (Soarian DM); no additional license programs including the Promoting is required for this capability. Optional advisory and Interoperability objective for patient implementation services are available. engagement to allow patients and external providers to contribute to the patient record.

Cerner 2015 Edition Certified Health IT V. 32 Page 84 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Includes the capability for patients or their authorized representatives to securely and electronically provide health information from non-clinical settings to providers and care team members for incorporation into their health record.

Relied upon software: N/A § 170.315(g)(2) Enables calculation of numerator and Measure reporting for patient health information Automated Measure denominator values as necessary for the capture (reference 170.315(e)(3)) criterion in Soarian As to the intended use of certified capability it is assumed that the standard reports are Recording Promoting Interoperability objectives. DM is performed with associated software in the designed to work with particular certified product capabilities and workflows. Measure reporting for patient health Soarian Clinicals certified modules for Health Information on the design assumptions of the reports is available in Cerner reference information capture (reference 170.315(e)(3)) Services Analytics. To enable the certified capability documentation. Use of self-developed components or use of workflows that are beyond criterion in Soarian DM is performed with reports must be configured to operational processes the scope of the design assumptions of the standard reporting may not result in associated software in the Soarian Clinicals and data for measure requirements such as measurement consideration. Use of self-developed reporting or process to compile certified modules for Health Services Analytics. denominator qualification and reporting entities. numerator and denominator data from different sources than the certified modules may be possible with optional integration and configuration but are outside the scope of Relied upon software: Soarian Clinicals with Cerner's certified capabilities. Health Services Analytics § 170.315(g)(4) Establishes controls for and monitors Quality Management System applies to all certified N/A Quality Management compliance with the quality standards under modules listed herein. No separate licensing is System which the included certified capabilities are required. developed, tested, implemented, and maintained.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 85 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Patient Portal - MMD See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software 170.315(d)(1) Enables calculation of numerator and Automated Measure Recording is included with the Authentication, Access denominator values as necessary for the Patient Portal - MMD, and Provider Portal certified Use of any advanced authentication methodologies such as biometrics or cryptographic Control, and Promoting Interoperability objectives. modules to support measure reporting for (View methods used in two factor authentications are beyond the scope of certified product Authorization download and transmit) VDT and/or secure capabilities but Cerner does support their use within the scope of product Relied upon software: N/A messaging. A software license is required for the documentation. Similarly, use of any external authentication methods, such as SAML that certified modules; no additional license is required are pass-through to the certified product's security services are beyond the scope of the for the reporting capabilities. certified capabilities but are not incompatible with their use. Use of any external directory services, such as Client Directory Support, for user account or credential management also is beyond the scope of Cerner's certified capabilities but is not incompatible with their use.

§ 170.315(d)(2) Auditable Events and Tamper Resistance No separate licensing for this capability is required. Auditable Events and applies to the ONC 2015 Edition certification The capabilities are considered a core component of To enable the certified capability to be used, configuration of desired audit events for Tamper Resistance criterion utilized by a variety of federal and the Health IT module itself, and no separate licensing logging have been identified and implemented as part of standard implementation. state programs including the Promoting is required for the certified capability apart from the Interoperability Base CEHRT definition and licensing required for the Health IT module. supports the development and maintenance of a Privacy and Security Risk Assessment and Implementation Plan. Supports event creation capabilities for security auditing of access to and actions on ePHI via the certified application, including integrity protection of recorded audit logs. This criterion is conditionally required for all certified modules and is included in the Soarian Clinicals, NOVIUS Lab, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Relied upon software: N/A § 170.315(d)(3) Audit Audit Reports applies to the ONC 2015 Edition No separate licensing for this capability is required. Reports certification criterion utilized by a variety of The capabilities are considered a core component of Establishing appropriate system clocks to standard time servers is part of initial system federal and state programs including the the Health IT module itself, and no separate licensing implementation and operations per product documentation. Client review and Promoting Interoperability Base CEHRT is required for the certified capability apart from the maintenance of audit records is outside the scope of certification criteria. definition and supports the development and licensing required for the Health IT module. maintenance of a Privacy and Security Risk Assessment and Implementation Plan. Enables creation of sortable audit reports for specific time frames, and based on specific parameters such as user ID, patient ID, type of action, etc. This criterion is conditionally required for all certified modules and is included in the Soarian Clinicals, NOVIUS Lab, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Cerner 2015 Edition Certified Health IT V. 32 Page 86 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: N/A

§ 170.315(d)(5) Automatic Log-Off applies to the ONC 2015 No separate licensing for this capability is required. Automatic Log-Off Edition certification criterion utilized by a The capabilities are considered a core component of To enable the certified capability to be used configuration is performed during standard variety of federal and state programs including the Health IT module itself, and no separate licensing implementation. the Promoting Interoperability Base CEHRT is required for the certified capability apart from the definition and supports the development and licensing required for the Health IT module. maintenance of a Privacy and Security Risk Assessment and Implementation Plan. Enables automatic termination of a user session after a specified period of inactivity requiring re-authentication. This criterion is conditionally required for certain certified modules and is included in the Soarian Clinicals, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Relied upon software: N/A § 170.315(d)(7) End-User End User Device Encryption applies to the ONC No separate licensing for this capability is required. Device Encryption 2015 Edition certification criterion utilized by a The capabilities are considered a core component of variety of federal and state programs including the Health IT module itself, and no separate licensing the Promoting Interoperability Base CEHRT is required for the certified capability apart from the definition and supports the development and licensing required for the Health IT module. maintenance of a Privacy and Security Risk Assessment and Implementation Plan. The certified product is designed to prevent any persistent storage of electronic health information accessed in the Soarian Clinicals application locally to end-user devices (e.g. temp files, cookies, caches). This criterion is conditionally required for certain certified modules and is included in the Soarian Clinicals, NOVIUS Lab, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Cerner 2015 Edition Certified Health IT V. 32 Page 87 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

external applications for patient health information capture. This criterion is conditionally required for certain certified modules and is included in the Soarian Clinicals, Soarian DM, Patient Portal – MMD, and Provider Portal certified modules.

Relied upon software: N/A 170.315(d)(13) Identifies whether the certified product N/A N/A Multi-Factor enables multi-factor authentication (MFA) in Authentication accordance with industry-recognized standards. This criterion is intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. See Cerner.com/certified- health-it for details on any supported MFA use- cases.

Relied upon software: N/A § 170.315(e)(1) View, View, Download and Transmit applies to the This is included with the Patient Portal – MMD Download, and Transmit ONC 2015 Edition certification criterion utilized certified module. A Software license for the patient To enable full measure reporting, an ADT interface is required for denominator by a variety of federal and state programs portal is required. The Provider Portal license is evaluation. Integration of EMR(s) and/or HIE(s) as the source(s) for summaries of care is including the Promoting Interoperability optional for enabling transmit among patients and required and integration costs may apply. Summary of care documents need to be objectives for patient engagement to provide clinicians configured in the infrastructure. The available to patients within measure reporting time limits for EH/EP; if ADT encounter patients and their authorized representatives Cerner Direct Messaging HISP service subscription is information is available, portal reports may calculate time limits, otherwise will report the ability to view, download or transmit their optional if secure transport to third party is enabled availability for alternative report calculation. Patient provisioning or enabling of optional health data. Includes the capability for outside the patient and provider portal automated and/or self-provisioning features is required to ensure patient independent patients and their authorized representatives infrastructure. Optional costs are additional services access to health care information. to access their health information for exchange that may be available by participation electronically, and download and transmit it to through other intermediaries. Implementation of a 3rd party (via both secure encrypted and patient consent is required and costs apply. To unencrypted methods) in a C-CDA format using enable full measure reporting, an ADT interface is the Continuity of Care Document (CCD) required for denominator evaluation. Integration of template. Also includes the ability to view EMR(s) and/or HIE(s) as the source(s) for summaries health information associated with a specific of care is required and integration costs may apply. date and/or date range and access a detailed activity history log of actions in their portal.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 88 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

§ 170.315(g)(2) Enables calculation of numerator and Automated Measure Recording is included with the Automated Measure denominator values as necessary for the Patient Portal - MMD, and Provider Portal certified As to the intended use of certified capability it is assumed that the standard reports are Recording Promoting Interoperability objectives. modules to support measure reporting for (View designed to work with particular certified product capabilities and workflows. Measure reporting for patient health download and transmit) VDT and/or secure Information on the design assumptions of the reports is available in Cerner reference information capture (reference 170.315(e)(3)) messaging. A software license is required for the documentation. Use of self-developed components or use of workflows that are beyond criterion in Soarian DM is performed with certified modules; no additional license is required the scope of the design assumptions of the standard reporting may not result in associated software in the Soarian Clinicals for the reporting capabilities. measurement consideration. Use of self-developed reporting or process to compile certified modules for Health Services Analytics. numerator and denominator data from different sources than the certified modules may be possible with optional integration and configuration but are outside the scope of Relied upon software: N/A Cerner's certified capabilities.

§ 170.315(g)(4) Establishes controls for and monitors Quality Management System applies to all certified N/A Quality Management compliance with the quality standards under modules listed herein. No separate licensing is System which the included certified capabilities are required. developed, tested, implemented, and maintained.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 89 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Provider Portal See Appendix A for certified versions and CHPL listing information

Description of Capability & Certified Capability Types of Costs/Fees Significant Implementation Guidance Additional Relied Upon Software

§ 170.315(d)(1) Enables calculation of numerator and Automated Measure Recording is included with the Authentication, Access denominator values as necessary for Patient Portal - MMD, and Provider Portal certified Use of any advanced authentication methodologies such as biometrics or cryptographic Control, and thePromoting Interoperability objectives. modules to support measure reporting for (View methods used in two factor authentications are beyond the scope of certified product Authorization download and transmit) VDT and/or secure capabilities but Cerner does support their use within the scope of product Relied upon software: N/A messaging. A software license is required for the documentation. Similarly, use of any external authentication methods, such as SAML that certified modules; no additional license is required are pass-through to the certified product's security services are beyond the scope of the for the reporting capabilities. certified capabilities but are not incompatible with their use. Use of any external directory services, such as Client Directory Support, for user account or credential management also is beyond the scope of Cerner's certified capabilities but is not incompatible with their use. § 170.315(d)(2) Auditable Events and Tamper Resistance No separate licensing for this capability is required. Auditable Events and applies to the ONC 2015 Edition certification The capabilities are considered a core component of To enable the certified capability to be used, configuration of desired audit events for Tamper Resistance criterion utilized by a variety of federal and the Health IT module itself, and no separate licensing logging have been identified and implemented as part of standard implementation. state programs including the Promoting is required for the certified capability apart from the Interoperability Base CEHRT definition and licensing required for the Health IT module. supports the development and maintenance of a Privacy and Security Risk Assessment and Implementation Plan. Supports event creation capabilities for security auditing of access to and actions on ePHI via the certified application, including integrity protection of recorded audit logs. This criterion is conditionally required for all certified modules and is included in the Soarian Clinicals, NOVIUS Lab, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Relied upon software: N/A § 170.315(d)(3) Audit Audit Reports applies to the ONC 2015 Edition No separate licensing for this capability is required. Reports certification criterion utilized by a variety of The capabilities are considered a core component of Establishing appropriate system clocks to standard time servers is part of initial system federal and state programs including the Health IT module itself, and no separate licensing implementation and operations per product documentation. Client review and thePromoting Interoperability Base CEHRT is required for the certified capability apart from the maintenance of audit records is outside the scope of certification criteria. definition and supports the development and licensing required for the Health IT module. maintenance of a Privacy and Security Risk Assessment and Implementation Plan. Enables creation of sortable audit reports for specific time frames, and based on specific parameters such as user ID, patient ID, type of action, etc. This criterion is conditionally required for all certified modules and is included in the Soarian Clinicals, NOVIUS Lab, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Cerner 2015 Edition Certified Health IT V. 32 Page 90 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: N/A

§ 170.315(d)(5) Automatic Log-Off applies to the ONC 2015 No separate licensing for this capability is required. Automatic Log-Off Edition certification criterion utilized by a The capabilities are considered a core component of To enable the certified capability to be used configuration is performed during standard variety of federal and state programs including the Health IT module itself, and no separate licensing implementation. the Promoting Interoperability Base CEHRT is required for the certified capability apart from the definition and supports the development and licensing required for the Health IT module. maintenance of a Privacy and Security Risk Assessment and Implementation Plan. Enables automatic termination of a user session after a specified period of inactivity requiring re- authentication. This criterion is conditionally required for certain certified modules and is included in the Soarian Clinicals, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 91 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

170.315(d)(13) Identifies whether the certified product N/A N/A Multi-Factor enables multi-factor authentication (MFA) in Authentication accordance with industry-recognized standards. This criterion is intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. See Cerner.com/certified- health-it for details on any supported MFA use- cases.

Relied upon software: N/A § 170.315(e)(2) Secure Secure Messaging applies to the ONC 2015 This is included with the Soarian Clinicals and Messaging Edition certification criterion utilized by a Provider Portal certified modules. A Software license To ensure patients/proxies can receive messages from providers, Soarian Communication variety of federal and state programs including is required for these certified products; no additional Services (SCS) capability in Soarian Clinicals needs to be implemented and integrated with the Promoting Interoperability objective for license is required for this capability. Patient Portal-MMD or another XDR-capable patient portal. For Provider Portal, secure patient engagement to allow providers to Optional advisory and implementation services are message implementation, Patient Portal – MMD should be configured for patient message patients and their authorized available. communication. As to intended use of certified capability it is assumed that clinical representatives. content of the message is not evaluated for numerator credit of the and clients need to utilize capabilities defined in product documentation for appropriate attribution. Relied upon software: Patient Portal-MMD (optional), Cerner Direct Messaging HISP (optional) § 170.315(g)(2) Enables calculation of numerator and Automated Measure Recording is included with the Automated Measure denominator values as necessary for Patient Portal - MMD, and Provider Portal certified As to the intended use of certified capability it is assumed that the standard reports are Recording thePromoting Interoperability objectives. modules to support measure reporting for (View designed to work with particular certified product capabilities and workflows. Measure reporting for patient health download and transmit) VDT and/or secure Information on the design assumptions of the reports is available in Cerner reference information capture (reference 170.315(e)(3)) messaging. A software license is required for the documentation. Use of self-developed components or use of workflows that are beyond criterion in Soarian DM is performed with certified modules; no additional license is required the scope of the design assumptions of the standard reporting may not result in associated software in the Soarian Clinicals for the reporting capabilities. measurement consideration. Use of self-developed reporting or process to compile certified modules for Health Services Analytics. numerator and denominator data from different sources than the certified modules may be possible with optional integration and configuration but are outside the scope of Relied upon software: N/A Cerner's certified capabilities. 170.315(g)(4) Establishes controls for and monitors Quality Management System applies to all certified N/A Quality Management compliance with the quality standards under modules listed herein. No separate licensing is System which the included certified capabilities are required. developed, tested, implemented, and maintained.

Cerner 2015 Edition Certified Health IT V. 32 Page 92 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

NOVIUS Lab See Appendix A for certified versions and CHPL listing information Description of Capability & Certified Capability Types of Costs/Fees Additional Relied Upon Software Significant Implementation Guidance § 170.315(d)(1) Authentication, Access Control & Authorization No separate licensing for this capability is required. Authentication, Access applies to the ONC 2015 Edition certification The capabilities are considered a core component of Use of any advanced authentication methodologies such as biometrics or cryptographic Control, and criterion utilized by a variety of federal and the Health IT module itself and no separate licensing methods used in two factor authentications are beyond the scope of certified product Authorization state programs including the Promoting is required for the certified capability apart from the capabilities but Cerner does support their use within the scope of product Interoperability Base CEHRT definition and licensing required for the Health IT module. documentation. Similarly, use of any external authentication methods, such as SAML that supports the development and maintenance of are pass-through to the certified product's security services are beyond the scope of the a Privacy and Security Risk Assessment and certified capabilities but are not incompatible with their use. Use of any external Implementation Plan. directory services, such as Client Directory Support, for user account or credential Supports unique user identification, enables management also is beyond the scope of Cerner's certified capabilities but is not authentication against unique user identifiers incompatible with their use. (i.e. username/password) to gain access to electronic health information, and includes the ability to control the specific access and privilege rights a user is granted.

This criterion is conditionally required for all certified modules and is included in the Soarian Clinicals, NOVIUS Lab, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Relied upon software: N/A § 170.315(d)(2) Auditable Events and Tamper Resistance No separate licensing for this capability is required. Auditable Events and applies to the ONC 2015 Edition certification The capabilities are considered a core component of To enable the certified capability to be used, configuration of desired audit events for Tamper Resistance criterion utilized by a variety of federal and the Health IT module itself, and no separate licensing logging have been identified and implemented as part of standard implementation. state programs including the Promoting is required for the certified capability apart from the Interoperability Base CEHRT definition and licensing required for the Health IT module. supports the development and maintenance of a Privacy and Security Risk Assessment and Implementation Plan. Supports event creation capabilities for security auditing of access to and actions on ePHI via the FirstNet application, including integrity protection of recorded audit logs. This criterion is conditionally required for all certified modules and is included in the Soarian Clinicals, NOVIUS Lab, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Relied upon software: ntpd (Linux) § 170.315(d)(3) Audit Audit Reports applies to the ONC 2015 Edition No separate licensing for this capability is required. Reports certification criterion utilized by a variety of The capabilities are considered a core component of Establishing appropriate system clocks to standard time servers is part of initial system federal and state programs including the the Health IT module itself, and no separate licensing implementation and operations per product documentation. Client review and Promoting Interoperability Base CEHRT maintenance of audit records is outside the scope of certification criteria.

Cerner 2015 Edition Certified Health IT V. 32 Page 93 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

definition and supports the development and is required for the certified capability apart from the maintenance of a Privacy and Security Risk licensing required for the Health IT module. Assessment and Implementation Plan. Enables creation of sortable audit reports for specific time frames, and based on specific parameters such as user ID, patient ID, type of action, etc. This criterion is conditionally required for all certified modules and is included in the Soarian Clinicals, NOVIUS Lab, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Relied upon software: N/A § 170.315(d)(7) End-User End User Device Encryption applies to the ONC No separate licensing for this capability is required. N/A Device Encryption 2015 Edition certification criterion utilized by a The capabilities are considered a core component of variety of federal and state programs including the Health IT module itself, and no separate licensing thePromoting Interoperability Base CEHRT is required for the certified capability apart from the definition and supports the development and licensing required for the Health IT module. maintenance of a Privacy and Security Risk Assessment and Implementation Plan. The certified product is designed to prevent any persistent storage of electronic health information accessed in the Soarian Clinicals application locally to end-user devices (e.g. temp files, cookies, caches). This criterion is conditionally required for certain certified modules and is included in the Soarian Clinicals, NOVIUS Lab, Patient Portal – MMD, Provider Portal and Soarian DM certified modules.

Relied upon software: N/A 170.315(d)(13) Identifies whether the certified product N/A N/A Multi-Factor enables multi-factor authentication (MFA) in Authentication accordance with industry-recognized standards. This criterion is intended exclusively for market transparency purposes and there is no requirement to implement or use any relevant capabilities. See Cerner.com/certified- health-it for details on any supported MFA use- cases.

Cerner 2015 Edition Certified Health IT V. 32 Page 94 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Relied upon software: N/A

§ 170.315(f)(3) Transmission of Reportable Lab Results applies This capability is included with the NOVIUS Lab Transmission to Public to the ONC 2015 Edition certification criterion certified module. A license is required for NOVIUS To enable the capability, master files need to be updated for required codes and Health Agencies – utilized by a variety of federal and state Lab; no additional license is required for this interfaces configured. Reportable Laboratory programs including the Promoting capability. Cerner OPENLink is optionally utilized for Interoperability objective for active connection to agency(ies) and interface Tests and Values/Results engagement in public health. customization. Enables creation and transmission of laboratory tests and results data to external public health agencies formatted according to the HL7 2.5.1 standards for Electronic Laboratory Reporting to Public Health.

Relied upon software: N/A § 170.315(g)(4) Establishes controls for and monitors Quality Management System applies to all certified N/A Quality Management compliance with the quality standards under modules listed herein. No separate licensing is System which the included certified capabilities are required. developed, tested, implemented, and maintained.

Relied upon software: N/A

Cerner 2015 Edition Certified Health IT V. 32 Page 95 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

Appendix A: Active Certified Health IT Module Versions

Antimicrobial Usage and Resistance Reporting Version CHPL Product Number Date Certified 2020 15.04.04.1221.Anti.20.04.1.200324 March 24, 2020

Electronic Lab Results Version CHPL Product Number Date Certified 2021 15.04.04.1221.Elec.20.04.1.210308 March 8, 2021

FirstNet (Clinical) Version CHPL Product Number Date Certified *2015.01 15.04.04.1221.Firs.15.04.1.210308 March 8, 2021 2018 15.04.04.1221.Firs.18.05.1.210308 March 8, 2021 *Requires minimum minor sub-release of 2015.01.19 or higher

FirstNet (CQMs) Version CHPL Product Number Date Certified *2015.01 15.07.04.1221.Firs.15.02.1.190514 May 14, 2019 2018 15.04.04.1221.Firs.18.03.1.200101 January 1, 2020 *Requires minimum minor sub-release of 2015.01.19 or higher

FirstNet (Immunizations) Version CHPL Product Number Date Certified *2015.01 15.07.04.1221.Firs.I5.01.1.180625 June 25, 2018 2018 15.04.04.1221.Firs.I8.02.1.200101 January 1, 2020 *Requires minimum minor sub-release of 2015.01.19 or higher

HealtheAnalytics: Promoting Interoperability Version CHPL Product Number Date Certified 2020 15.04.04.1221.HAna.20.01.0.200303 March 3, 2020 2021 15.04.04.1221.HAna.20.02.0.210331 March 31, 2021

HealtheLife Version CHPL Product Number Date Certified

Cerner 2015 Edition Certified Health IT V. 32 Page 96 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

2020 15.04.04.1221.Heal.H9.03.1.200317 March 17, 2020 2021 15.04.04.1221.Heal.H9.04.1.210308 March 8, 2021

HealthSentry Version CHPL Product Number Date Certified 2020 15.04.04.1221.Heal.20.03.1.200303 March 3, 2020 2021 15.04.04.1221.Heal.20.04.1.210308 March 8, 2021

Message Center Version CHPL Product Number Date Certified 3 15.04.04.1221.Mess.03.00.1.180808 August 8, 2018

P2 Sentinel Version CHPL Product Number Date Certified 5.0.4.1 15.04.04.1221.P2Se.P2.01.1.180625 June 25, 2018 6 15.04.04.1221.P2Se.06.01.1.180727 July 27, 2018 2020 15.04.04.1221.P2Se.20.04.1.200303 March 3, 2020 2021 15.04.04.1221.P2Se.20.05.1.210308 March 8, 2021

PowerChart (Clinical) Version CHPL Product Number Date Certified *2015.01 15.04.04.1221.Powe.15.04.1.210308 March 8, 2021 2018 15.04.04.1221.Powe.18.05.1.210308 March 8, 2021 *Requires minimum minor sub-release of 2015.01.19 or higher

PowerChart (CQMs) Version CHPL Product Number Date Certified *2015.01 15.04.04.1221.Powe.C5.02.1.190514 May 14, 2019 2018 15.04.04.1221.Powe.C8.03.1.200101 January 1, 2020 *Requires minimum minor sub-release of 2015.01.19 or higher

PowerChart (Health Care Surveys) Version CHPL Product Number Date Certified *2015.01 15.04.04.1221.Powe.HC.00.1.180801 August 1, 2018 2018 15.04.04.1221.Powe.HC.02.1.200101 January 1, 2020 *Requires minimum minor sub-release of 2015.01.19 or higher

Cerner 2015 Edition Certified Health IT V. 32 Page 97 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

PowerChart (Immunizations) Version CHPL Product Number Date Certified *2015.01 15.04.04.1221.Powe.15.01.1.180728 July 28, 2018 2018 15.04.04.1221.Powe.18.02.1.200101 January 1, 2020 *Requires minimum minor sub-release of 2015.01.19 or higher

PowerChart Touch Version CHPL Product Number Date Certified 4 15.04.04.1221.Powe.03.02.1.210308 March 8, 2021

Syndromic Surveillance Version CHPL Product Number Date Certified 2021 15.04.04.1221.Synd.20.04.1.210308 March 8, 2021

Soarian Clinicals Version CHPL Product Number Date Certified 2015 15.04.04.1221.Soar.15.01.1.210331 March 31, 2021

Soarian DM (Soarian Document Management) Version CHPL Product Number Date Certified *2015 15.07.04.1221.Soar.DO.01.1.180720 July 20, 2018 *Requires minimum solution release of 25.02.02 or higher

Patient Portal – MMD Version CHPL Product Number Date Certified *2015 15.07.04.1221.Pati.MM.01.0.180720 July 20, 2018 *Requires minimum solution release of 4.5 or higher

Provider Portal Version CHPL Product Number Date Certified *2015 15.07.04.1221.Prov.Pr.01.1.180720 July 20, 2018 *Requires minimum solution release of 4.5 or higher

Cerner 2015 Edition Certified Health IT V. 32 Page 98 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.

NOVIUS Lab Version CHPL Product Number Date Certified *2015 15.07.04.1221.NOVI.NO.01.0.180720 July 20, 2018 *Requires minimum solution release of 27.2.1 or higher

Cerner 2015 Edition Certified Health IT V. 32 Page 99 of 99 Transparency & Disclosure Information Eff: May 10, 2021 Document ID: 1642902279 © Cerner Corporation. All rights reserved. This document contains Cerner confidential and/or proprietary information belonging to Cerner Corporation and/or its related affiliates which may not be reproduced or transmitted in any form or by any means without the express written consent of Cerner.