CERTIFICATIONS FOR SUCCESS: STAYING AHEAD SO OUR CLIENTS CAN TOO

NextGen® Enterprise EHR Enterprise 8

This Health IT module is compliant with the ONC Certification Criteria for Health IT and has been certified by an ONC-ACB in accordance with the applicable certification criteria adopted by the Secretary of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services.

Holds Certificate No: 15.04.04.2054.Next.80.12.1.250602, Certification Date: June 2, 2025

Modules Tested: 170.315 (a)(1-5,12, 14-15); (b)(1-3,10-11); (c)(1-3); (d)(1-13); (e)(1, 3); (f)(1-2, 4-5, 7); (g)(2-7, 9-10); (h)(1)
Clinical Quality Measures tested: 2v6; 22v5; 50v5; 52v5; 56v5; 65v6; 66v5; 68v6; 69v5; 74v6; 75v5; 82v4; 90v6; 117v5; 122v5; 123v5; 124v5; 125v5; 127v5; 128v5; 129v6; 130v5; 131v5; 132v5; 133v5; 134v5; 135v5; 136v6; 137v5; 138v5; 139v5; 142v5; 143v5; 144v5; 145v5; 146v5; 147v6; 149v5; 153v5; 154v5; 155v5; 156v5; 157v5; 158v5; 159v5; 160v5; 161v5; 164v5; 165v5; 166v6; 167v5; 169v5; 177v5; 249v3; 347v1; 349v2; CMS645v3
Additional software used: NextGen® (HQM), NextGen® Rosetta Interface Messenger, First Databank (FDB) Drug Interaction Database, NextGen® Share, NextGen® Patient Access API, NextGen® FHIR API, Medfusion Patient Portal (NextGen® PxP Portal) and Surescripts.

Mandatory disclosures:
Costs for NextGen® Rosetta Interface Messenger, NextGen® Share, NextGen® Patient Access API, NextGen® FHIR API, and Surescripts are included in the standard software licensing package and are covered by the standard software maintenance fees. NextGen® HQM is available at no additional cost to clients under the HQM Reporting Services Schedule contract addendum. Clients opting out of this addendum may be assessed a fee for use of the HQM portal.

NextGen® Enterprise EHR utilizes First Databank (FDB) Drug Interaction Database for medication, allergy and immunization data to support the medication and order module functionality in the application. First Databank (FDB) Drug Interaction Database users pay an annual per provider license fee to NextGen as part of their NextGen licensing package.

Medfusion Patient Portal (NextGen® PxP Portal): Customers licensing the portal for the first time pay a one-time setup fee and a per-month/per-provider subscription fee for access to the portal and support. Customers who have already licensed the portal continue to pay their usual monthly subscription fees at the contracted rate.

External connectivity solutions: Interfaces for laboratory, cancer registry reporting, specialized registry reporting, immunization registry reporting, syndromic surveillance reporting, electronic case reporting, Health Care Surveys and CAHPS MIPS Survey require a software license fee, implementation fee and an annual support fee.

Updated Standards:

Standard Updated | Interoperability Impact | Certification Impact
2025 CMS QRDA Category III IG for Eligible Clinicians/Professionals | Allows providers to maintain compliance with CQM attestations to CMS | Certification maintained
2024 CMS QRDA Category III IG for Eligible Clinicians/Professionals | Allows providers to maintain compliance with CQM attestations to CMS | Certification maintained
2023 CMS QRDA Category III IG for Eligible Clinicians/Professionals | Allows providers to maintain compliance with CQM attestations to CMS | Certification maintained

NextGen® Office 5.0

This Health IT module is compliant with the ONC Certification Criteria for Health IT and has been certified by an ONC-ACB in accordance with the applicable certification criteria adopted by the Secretary of the U.S. Department of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services.

Holds Certificate No: 15.04.04.2054.Medi.05.00.1.180220 Date Certified: 02/20/2018

Modules Tested: (a)(1-5,12,14); (b)(1-3,10-11); (c)(1-4); (d)(1-9,12-13); (e)(1,3); (f)(1,5); (g)(2-7,9-10); (h)(1)
Clinical Quality Measures tested: 2v6; 22v5; 50v5; 68v6; 69v5; 74v6; 75v5; 90v6; 117v5; 122v5; 124v5; 125v5; 127v5; 128v5; 130v5; 131v5; 134v5; 135v5; 136v6; 137v5; 138v5; 139v5; 144v5; 145v5; 146v5; 147v6; 149v5; 153v5; 154v5; 155v5; 156v5; 159v5; 161v5; 165v5; 177v5

Additional software used: Surescripts, Microsoft Excel and YourHealthFile.com

Mandatory Disclosure:

NextGen Office clients pay a per-provider fee which includes the following additional software: Surescripts, YourHealthFile.com.

Interfaces for laboratory and immunization registry reporting require a software license fee, an implementation fee, and a monthly maintenance fee. Other fees may apply to migrate data or for other 3rd party HL7 integrations.

Multi-Factor Authentication:

When logging in to NextGen Office, users are required to set up MFA for mobile phone and/or email. A time-based one-time passcode (TOTP) is sent via the applicable method.

Application use:

  1. Users log in with their user name and password
  2. Users will be required to register a mobile phone and/or an email
  3. Users will then be asked for their verification code each time they log in

Updated Standards:

Standard Updated | Interoperability Impact | Certification Impact
2025 CMS QRDA Category III IG for Eligible Clinicians/Professionals | Allows providers to maintain compliance with CQM attestations to CMS | Certification maintained
2024 CMS QRDA Category III IG for Eligible Clinicians/Professionals | Allows providers to maintain compliance with CQM attestations to CMS | Certification maintained
2023 CMS QRDA Category III IG for Eligible Clinicians/Professionals | Allows providers to maintain compliance with CQM attestations to CMS | Certification maintained
2022 CMS QRDA Category III IG for Eligible Clinicians/Professionals | Allows providers to maintain compliance with CQM attestations to CMS | Certification maintained
2021 CMS QRDA Category III IG for Eligible Clinicians/Professionals | Allows providers to maintain compliance with CQM attestations to CMS | Certification maintained

Mirth Connect 4.5

This Health IT module is compliant with the ONC Certification Criteria for Health IT and has been certified by an ONC-ACB in accordance with the applicable certification criteria adopted by the Secretary of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services.

Holds Certificate No: 15.05.05.2054.NGM2.03.02.1.240222, Certification Date: February 22, 2024

Modules Tested: 170.315 (b)(10);(d)(1-3); (d)(5-10); (d)(12-13); (g)(4-5)
Clinical Quality Measures tested: None
Additional software used: Role-Based Access Control extension, Enhanced Bundle extension, Cures Certification Support extension, SSL Manager extension, and Multifactor Authentication (DUO, TOTP) extension

Mandatory Disclosure: Mirth Connect Cures Extensions use a tiered annual subscription bundle (Gold and Platinum). These standardized bundles benefit customers using our cost-benefit model, defined as a "per server installation" of the extension(s) in production with 3 attributed non-production instances. In comparison, other integration services charge based on the total number of interfaces and qualified message counts.

Certified functionality requires extensions that are available through the Gold and Platinum tiers.

Multi-Factor Authentication: Mirth Connect can be configured to require users to use multi-factor authentication to log in to the application. When multi-factor authentication is enabled, in addition to providing a correct username and password, users must authenticate using either a time-based one-time passcode (TOTP) from an authenticator app such as Google Authenticator or they must authenticate using Cisco’s Duo application. If using Duo, users can choose to authenticate via a phone call, a passcode sent through a text message, or a push notification to the Duo mobile app.

Mirth Connect 4.6

This Health IT module is compliant with the ONC Certification Criteria for Health IT and has been certified by an ONC-ACB in accordance with the applicable certification criteria adopted by the Secretary of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services.

Holds Certificate No: 15.05.05.2054.NGM3.04.03.1.250321, Certification Date: March 21, 2025

Modules Tested: 170.315 (b)(10);(d)(1-3); (d)(5-10); (d)(12-13); (g)(4-5)
Clinical Quality Measures tested: None
Additional software used: Role-Based Access Control extension, Enhanced Bundle extension, Cures Certification Support extension, SSL Manager extension, and Multifactor Authentication (DUO, TOTP) extension

Mandatory Disclosure: Mirth Connect Cures Extensions use a tiered annual subscription bundle (Gold and Platinum). These standardized bundles benefit customers using our cost-benefit model, defined as a "per server installation" of the extension(s) in production with 3 attributed non-production instances. In comparison, other integration services charge based on the total number of interfaces and qualified message counts.

Certified functionality requires extensions that are available through the Gold and Platinum tiers.

Multi-Factor Authentication: Mirth Connect can be configured to require users to use multi-factor authentication to log in to the application. When multi-factor authentication is enabled, in addition to providing a correct username and password, users must authenticate using either a time-based one-time passcode (TOTP) from an authenticator app such as Google Authenticator or they must authenticate using Cisco’s Duo application. If using Duo, users can choose to authenticate via a phone call, a passcode sent through a text message, or a push notification to the Duo mobile app.

Mirth Connect 4.7

This Health IT module is compliant with the ONC Certification Criteria for Health IT and has been certified by an ONC-ACB in accordance with the applicable certification criteria adopted by the Secretary of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services.

Holds Certificate No: 15.05.05.2054.NGM4.05.04.1.260130, Certification Date: January 30, 2026

Modules Tested: 170.315 (b)(10);(d)(1-3); (d)(5-10); (d)(12-13); (g)(4-5)
Clinical Quality Measures tested: None
Additional software used: Role-Based Access Control extension, Enhanced Bundle extension, Cures Certification Support extension, SSL Manager extension, and Multifactor Authentication (DUO, TOTP) extension

Mandatory Disclosure: Mirth Connect Cures Extensions use a tiered annual subscription bundle (Gold and Platinum). These standardized bundles benefit customers using our cost-benefit model, defined as a "per server installation" of the extension(s) in production with 3 attributed non-production instances. In comparison, other integration services charge based on the total number of interfaces and qualified message counts.

Certified functionality requires extensions that are available through the Gold and Platinum tiers.

Multi-Factor Authentication: Mirth Connect can be configured to require users to use multi-factor authentication to log in to the application. When multi-factor authentication is enabled, in addition to providing a correct username and password, users must authenticate using either a time-based one-time passcode (TOTP) from an authenticator app such as Google Authenticator or they must authenticate using Cisco’s Duo application. If using Duo, users can choose to authenticate via a phone call, a passcode sent through a text message, or a push notification to the Duo mobile app.

NextGen® Direct Messaging 2.14 (formerly called Mirth Mail)

This Health IT module is compliant with the ONC Certification Criteria for Health IT and has been certified by an ONC-ACB in accordance with the applicable certification criteria adopted by the Secretary of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services.

Holds Certificate No: 15.04.04.2054.Next.02.04.0.210812, Certification Date: 8/12/2021

Modules Tested: 170.315 (b)(10); (d)(1-3); (d)(12-13); (g)(4,5); (h)(2)
Clinical Quality Measures tested: None
Additional software used: None

Mandatory Disclosure:
NextGen Direct Messaging licensing is a Tiered Annual subscription fee, based on number of unique Mailboxes. Additional fees may apply for security Certificates issued by our CA partner DigiCert.

Security certificate costs are recurring, based on a term of 1 or 2 years of the client's choosing.

The annual subscription cost includes all required functionality to integrate with other systems using XDR and/or SMTP, and a Webmail UI that allows users to exchange messages with other Direct Trust approved addresses, as well as administrator functionality to control the number of approved and active Mailboxes (Direct Addresses) used. The contract defines the number of unique Mailboxes (Direct Addresses) allowed but does not limit the implementation or use of the certified capabilities.

Additional Security Certificates are required for each organizational sub-domain defined by the client.

NCQA Prevalidation

NextGen® Enterprise EHR is NCQA Prevalidated for:

  • NCQA PCMH 2017
  • NCQA PCSP 2016

NextGen® Office EHR is NCQA Prevalidated for:

  • NCQA PCMH 2017

NCQA Prevalidation includes a rigorous evaluation of a submitted health IT solution’s functionality including, but not limited to, reporting functions, report examples, screen shots, live demonstrations, and other relevant documentation. Based on the review of information submitted above, NCQA approves or declines autocredit based on factor-level requirements and designates for which factors a product is able to “support” practices.

NextGen® Enterprise EHR Version 5.8.1 and 5.9 are prevalidated by NCQA to receive automatic credit toward NCQA’s PCMH 2017 and PCSP 2016 scoring. NextGen® Enterprise EHR Version 5.8.1 and 5.9 also received a supporting designation for PCMH 2017 and PCSP 2016. Autocredit is transferrable to NextGen Healthcare client practices seeking NCQA’s PCMH or PCSP Recognition. Eligible client practices must be actively utilizing the reviewed capabilities associated with NextGen Healthcare’s PCMH or PCSP prevalidated products to be eligible for transfer of awarded autocredit.

NextGen® Office EHR Version 5.0 is prevalidated by NCQA to receive automatic credit toward NCQA’s PCMH 2017 scoring. NextGen® Office Version 5.0 also received a supporting designation for PCMH 2017. Autocredit is transferrable to NextGen Healthcare client practices seeking NCQA’s PCMH or PCSP Recognition. Eligible client practices must be actively utilizing the reviewed capabilities associated with NextGen Healthcare’s PCMH prevalidated products to be eligible for transfer of awarded autocredit.

HITRUST CSF® Certification

Validates Commitment to Meet Regulations and Protect Sensitive Information

NextGen Healthcare understands the importance of keeping our clients' and their patients' data secure and private. But we understand clients and their patients want more than a vendor’s assurance. They want the peace of mind that comes with the most reputable data protection in the industry.

This is why NextGen Healthcare invested significant time and resources to implement and become certified as compliant with the HITRUST Common Security Framework (CSF). HITRUST is the leading data protection standards development and certification organization and offers the most widely adopted security framework in the U.S. healthcare industry, and HITRUST certification is required by some of the major payers. This risk and compliance-based framework leverages globally recognized standards that include HIPAA, NIST, ISO, PCI, FTC, and COBIT.

Clients can take comfort that their patients’ data and privacy are supported with the most security possible. HITRUST certification demonstrates that NextGen Healthcare has policies and practices that are designed, maintained and enforced with utmost detail to securely protect our clients' and their patients’ information.

View HITRUST certification

To view our certification:

  • Current NextGen Healthcare clients can download NextGen Healthcare’s current HITRUST certification when they visit the Success Community. This includes evidence of our SO3 compliance.
  • Non-clients can contact NextGen Healthcare at security@nextgen.com or contact HITRUST directly for evidence of NextGen Healthcare’s compliance.

Intervention Risk Management Practice Summary: NextGen Enterprise EHR AI Scribe

Governance

  • Establish a cross-functional AI governance body to oversee the development, deployment, and monitoring of AI technology in certified products. The AI governance body will establish processes to oversee how data is acquired, managed, and used in connection with AI-enabled functionality.
  • Define clear intended purposes, scope, and monitoring of the AI being used or implemented.
  • Implement processes for stakeholder engagement, including clinical, technical, and other subject matter experts, to ensure appropriateness, accountability, and transparency.
  • AI-enabled functionality is designed to support, not replace, the independent clinical judgment of licensed healthcare professionals, who retain ultimate responsibility for clinical decisions and patient care.

Risk Analysis

  • Conduct AI system lifecycle mapping and risk assessments to identify potential harm.
  • AI functionality will undergo risk assessments to evaluate its potential impact on patients, clinical workflow, financial or operational considerations, and potential risks like fairness, appropriateness, validity, effectiveness, safety (FAVES), robustness, reliability, intelligibility, security, and privacy.
  • Performance and accuracy are evaluated using testing and monitoring methodologies appropriate to the intended use of the AI capability and are subject to ongoing assessment as part of NextGen Healthcare's intervention risk management lifecycle.
  • Risk assessments will include evaluation of data use associated with AI-enabled functionality to confirm that such use is limited to the intended purpose and subject to applicable privacy, security, and contractual controls, and that customer data constituting protected health information is not used to train general-purpose AI models.

Risk Mitigation

  • Risk mitigation activities include periodic review of identified risks, monitoring emerging issues, and escalation through established governance and issue management processes when warranted. The AI Governance Committee will prioritize and mitigate high-priority risks.

Intervention Risk Management Practices Summary: NextGen Office EHR AI Scribe

Governance

  • Establish an AI governance body to oversee the development, deployment, and monitoring of AI technology in certified products.
  • Define clear intended purposes, scope, and monitoring of the AI.
  • Implement processes for stakeholder engagement, including clinical, technical, and other subject matter experts, to ensure accountability and transparency.
  • Identify how data is acquired, managed, and used.

Risk Analysis

  • AI system lifecycle mapping and risk assessments to identify potential harms will be conducted.
  • The AI will undergo an assessment to evaluate its potential impact on patients, clinical workflow, financial or operational considerations, and potential risks like fairness, appropriateness, validity, effectiveness, or safety (FAVES), robustness, reliability, intelligibility, security, and privacy.
  • Performance and accuracy will be thoroughly validated using appropriate testing methodologies.

Risk Mitigation

  • Monitor performance, outcomes, and emerging risks.
  • The AI Governance Committee will prioritize and mitigate high-priority risks.