[Federal Register Volume 80, Number 238 (Friday, December 11, 2015)]
[Rules and Regulations]
[Pages 76868-76872]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2015-31255]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Office of the Secretary
45 CFR Part 170
RIN 0991-AB93
2015 Edition Health Information Technology (Health IT)
Certification Criteria, 2015 Edition Base Electronic Health Record
(EHR) Definition, and ONC Health IT Certification Program
Modifications; Corrections and Clarifications
AGENCY: Office of the National Coordinator for Health Information
Technology (ONC), Department of Health and Human Services (HHS).
ACTION: Final rule; corrections and clarifications.
-----------------------------------------------------------------------
SUMMARY: This document corrects errors and clarifies provisions of the
final rule entitled ``2015 Edition Health Information Technology
(Health IT) Certification Criteria, 2015 Edition Base Electronic Health
Record (EHR) Definition, and ONC Health IT Certification Program
Modifications.''
DATES: This correction is effective January 14, 2016. The final rule
appeared in the Federal Register on October 16, 2015 (80 FR 62602), and
is effective on January 14, 2016, except for Sec. 170.523(m) and (n),
which are effective on April 1, 2016.
FOR FURTHER INFORMATION CONTACT: Michael Lipinski, Office of Policy,
National Coordinator for Health Information Technology, 202-690-7151.
SUPPLEMENTARY INFORMATION:
I. Background
Following the publication of Federal Register document 2015-25597
of October 16, 2015 (80 FR 62602), final rule entitled ``2015 Edition
Health Information Technology (Health IT) Certification Criteria, 2015
Edition Base Electronic Health Record (EHR) Definition, and ONC Health
IT Certification Program Modifications'' (hereinafter referred to as
the 2015 Edition final rule), we identified a number of errors in the
final rule. We summarize and correct these errors in the ``Summary of
Errors'' and ``Corrections of Errors'' sections below.
We also clarify requirements of the Common Clinical Data Set
(CCDS), the privacy and security certification framework, and the
mandatory disclosures for health IT developers in the
``Clarifications'' section below.
II. Summary of Errors
A. Preamble Errors
1. ``Audit Report(s)'' Certification Criterion
We incorrectly identified the adopted 2015 Edition ``audit
report(s)'' certification criterion throughout the preamble as
``unchanged'' and eligible for gap certification. More specifically, we
identified it incorrectly:
a. On page 62609, under Table 2 (``2015 Edition Health IT
Certification Criteria''), as an unchanged criterion compared to the
2014 Edition and gap certification eligible.
b. On page 62656, second column, in the ``Response'' under ``Audit
Report(s),'' as adopted as proposed (i.e., ``unchanged'').
c. On page 62681, under Table 6 (``Gap Certification Eligibility
for 2015 Edition Health IT Certification Criteria''), as eligible for
gap certification.
We adopted the standard at Sec. 170.210(e) as revised to include
the auditing of changes to user privileges in paragraph (e)(1)(i). The
adopted 2015 Edition ``audit report(s)'' certification criterion
references this standard. Therefore, it is a ``revised'' certification
criterion as compared to the 2014 Edition ``audit report(s)''
certification criterion and ineligible for gap certification.
2. ``Integrity'' Certification Criterion
On page 62657, third column, third paragraph, the last sentence
incorrectly references SHA-1. The commenters' statements were specific
to SHA-2.
3. ``Accounting of Disclosures'' Certification Criterion
On page 62658, first column, mid-page, within the 2015 Edition
``accounting of disclosures'' certification criterion table, we
inadvertently referenced the criterion as codified in 45 CFR
170.315(d)(10), when in fact it was codified in 45 CFR 170.315(d)(11).
We note that the 2015 Edition ``auditing actions on health
information'' certification criterion was codified in 45 CFR
170.315(d)(10).
4. ``Transmission to Public Health Agencies--Antimicrobial Use and
Resistance Reporting'' Certification Criterion
On page 62668, third column, lines 2 and 3, there was a
parenthetical error stating that we adopted the ``transmission to
public health agencies--antimicrobial use and resistance reporting''
certification criterion as proposed (with both Volumes 1 and 2 of the
HAI IG). The parenthetical is corrected to not reference volumes of the
HL 7 Implementation Guide for CDA[supreg] Release 2--Level 3:
Healthcare Associated Infection Reports, Release 1
[[Page 76869]]
(U.S. Realm), August 9, 2013 (HAI IG). This adopted version of the HAI
IG does not contain multiple volumes. Further, the adopted version of
the implementation guide was incorporated by reference in Sec.
170.299(f)(26).
5. Common Clinical Data Set--Assessment and Plan of Treatment, Goals,
and Health Concerns
On page 62696, second column, lines 8-14, we did not clearly
indicate that only the narrative parts of the ``Goals Section'' and
``Health Concerns Section'' needed to be met in order to meet the CCDS
definition. We refer readers to section III.A (``Common Clinical Data
Set'') below for further clarification of these CCDS requirements.
B. Regulation Text Errors
1. 2015 Edition Base EHR Definition
On page 62742, first column, line 16 (Sec. 170.102), we
inadvertently made an error in the 2015 Edition Base EHR definition by
citing to Sec. 170.315(a)(15) instead of Sec. 170.315(a)(14). As
discussed on pages 62625, 62630, 62691 and identified on page 62692
(Table 7), we included the ``implantable device list'' certification
criterion (Sec. 170.315(a)(14)) in the 2015 Edition Base EHR
definition as we proposed (80 FR 16806, 16825, 16870-16871). We did not
propose to include nor intend to include the ``social, psychological,
and behavioral data'' certification criterion (Sec. 170.315(a)(15)) in
the 2015 Edition Base EHR definition.
2. Sexual Orientation Code
On page 62744, third column, line 24 (Sec. 170.207(o)(1)(ii)), the
code (20730005) attributed to ``straight or heterosexual'' was
inaccurate. The correct code is 20430005 (emphasis added).
3. ``Implantable Device List'' Certification Criterion
On page 62748, third column, line 1 (Sec. 170.315(a)(14)), we
inadvertently omitted the word ``and'' at the end of the line. On the
same page and column, line 42, we inadvertently added the word ``and''
when the ``and'' should have been at the end of line 47. On the same
page and column, line 59, we inadvertently omitted the word ``and'' at
the end of the line.
4. ``Data Export'' Certification Criterion
On page 62750, third column, line 63, we inaccurately cross-
referenced paragraphs (ii) through (v) of the ``data export''
certification criterion (Sec. 170.315(b)(6)), when the cross-reference
should have only been to paragraphs (iii) and (iv). Paragraph (v)
should not have been referenced because there are only four paragraphs,
ending with paragraph (iv). Paragraph (ii) should not have been cross-
referenced because paragraph (ii) no longer includes a configuration
capability that could be enabled. The configuration capability included
in paragraph (ii) was intended to support user selection among the
multiple document templates we proposed for inclusion in paragraph (ii)
of this certification criterion. In the final rule, however, we only
included the Continuity of Care Document (CCD) document template in
paragraph (ii). Therefore, a configuration capability for selecting
among document templates is no longer applicable and both the cross-
reference to paragraph (ii) and the inclusion of configuration language
in paragraph (ii) on page 62751, first column, lines 10-11, are
incorrect. In terms of the configuration language in paragraph (ii),
more specifically the inclusion of ``configuration'' in the paragraph
title is an error as is the inclusion of the capability to ``configure
the technology'' in the first sentence.
5. ``Clinical Quality Measures--Filter'' Certification Criterion
a. Patient Insurance Standard
On page 62751, third column, line 22, we inadvertently included
``at a minimum'' language for the required patient insurance standard.
The standard (Source of Payment Typology Code Set Version 5.0 (October
2011)) was adopted at Sec. 170.207(s)(1), but we did not adopt this
standard as a ``minimum standards'' code set (see 80 FR 62612).
b. Patient Sex Standard
On page 62751, third column, lines 25-26, we inadvertently included
``at a minimum'' language for the required patient sex standard. The
standard for representing sex is the use of specific HL7 Version 3
codes and was adopted at Sec. 170.207(n)(1). We did not adopt this
standard as a ``minimum standards'' code set (see 80 FR 62612).
6. ``View, Download, and Transmit to 3rd Party'' (VDT) Certification
Criterion
On page 62753, first column, lines 37 and 55 (Sec.
170.315(e)(1)(ii)), we inadvertently omitted references for a patient's
authorized representative to have access to the specified capabilities
related to the activity history log under the VDT certification
criterion. As discussed on page 62658 and consistent with references
throughout the VDT criterion, a patient's authorized representative
access to these capabilities is the same as the patient for the
purposes of testing and certification.
7. ``Consolidated CDA Creation Performance'' Certification Criterion
On page 62754, second column, lines 42-46 (Sec.
170.315(g)(6)(ii)), we inadvertently included a sentence stating that
the scope of this certification criterion will not exceed the
evaluation of the CCD, Referral Note, and Discharge Summary document
templates. This statement is inconsistent with the preamble guidance of
the final rule on page 62674, which states that we have required that
Consolidated CDA (C-CDA) creation performance be demonstrated for the
C-CDA Release 2.1 document templates required by the 2015 Edition
certification criteria presented for certification. Certification to
some criteria (e.g., the ``transitions of care'' criterion) requires
three C-CDA document templates whereas other criteria (e.g., the ``care
plan'' criterion) only requires one C-CDA document template. To further
illustrate, if a Health IT Module only included the ``view, download,
and transmit to 3rd party'' certification criterion (Sec.
170.315(e)(1)) within its certificate's scope, then only the Continuity
of Care Document (CCD) document template would be applicable within the
``C-CDA creation performance'' criterion. Conversely, if a Health IT
Module designed for the inpatient setting included the ``transitions of
care'' certification criterion (Sec. 170.315(b)(1)) within its
certificate's scope, then all three document templates referenced by
that criterion (CCD, Referral Note, and Discharge Summary) would need
to be evaluated as part of the ``C-CDA creation performance''
criterion, with the Discharge Summary only applicable to the inpatient
setting.
8. ``Direct Project'' Certification Criterion
On page 62755, first column, lines 53 through 55 (Sec.
170.315(h)(1)(ii)), we inadvertently referenced the ``Applicability
Statement for Secure Health Transport'' in the title for paragraph (ii)
when it should have only been ``Delivery Notification in Direct.''
9. ``Direct Project, Edge Protocol, and XDR/XDM'' Certification
Criterion
On page 62755, second column, lines 4 through 6 (Sec.
170.315(h)(2)(ii)), we again inadvertently referenced the
``Applicability Statement for Secure Health Transport'' in the title
for paragraph (ii) when it should have only been ``Delivery
Notification in Direct.''
[[Page 76870]]
10. Principles of Proper Conduct for ONC-ACBs--Certified Health IT
Mandatory Disclosures
a. 2015 Edition Certified Health IT
On page 62756, third column, lines 35-36 (Sec.
170.523(k)(1)(ii)(A)), we inadvertently cross-referenced the wrong data
from Sec. 170.523(f)(1). We did not intend to cross-reference Sec.
170.523(f)(1)(xvii) (certification to standards used to meet a
certification criterion). The required data elements for disclosure
were intended to be consistent across the editions. This data is not a
required data element for the mandatory disclosures for health IT
certified to the 2014 Edition. We did, however, intend to require the
disclosure of Sec. 170.523(f)(1)(xv) (certification to clinical
quality measures), which was inadvertently omitted but consistent with
the new and previous 2014 Edition disclosure requirements. We also
refer readers to section III.C (``Mandatory Disclosures for 2015
Edition Certified Health IT'') below for a clarification related to the
disclosure on information specified in Sec. 170.523(f)(1)(viii).
b. 2014 Edition Certified Health IT
On page 62756, third column, lines 42-43 (Sec.
170.523(k)(1)(ii)(B)), we inadvertently omitted cross-references to
paragraphs (f)(2)(iii) (product version) and (vi) (any additional
relied upon software used to demonstrate compliance with a
certification criterion or criteria) of Sec. 170.523. The parallel
requirements were included in the required disclosures for health IT
certified to the 2015 Edition and were previously required to be
disclosed as part of certification to the 2014 Edition.
10. In-the-Field Surveillance and Maintenance of Certification for
Health IT
a. Exclusion and Exhaustion
On page 62758, third column, lines 4 and 10 (Sec. 170.556(c)(5)),
we twice inadvertently cross-referenced paragraph (c)(3) of Sec.
170.556 instead of paragraph (c)(4) of Sec. 170.556. Paragraph (c)(4)
includes the requirements for locations as they would apply to the
``exclusion and exhaustion'' requirements of paragraph (c)(5).
b. Termination
On page 62759, second column, lines 23-24 (Sec. 170.556(d)(6)), we
inadvertently included language suggesting that termination was limited
to suspensions in the context of randomized surveillance. Consistent
with the preamble discussion on pages 62716-62718, termination can
follow any suspension if the health IT developer has not completed the
actions necessary to reinstate the suspended certification.
III. Clarifications
A. Common Clinical Data Set
In the final rule (Sec. 170.102), we define the CCDS to mean data
expressed, where indicated, according to specified standards. For four
data specified in the CCDS (Unique Device Identifier(s) for a Patient's
Implantable Device(s); Assessment and Plan of Treatment; Goals; and
Health Concerns), we reference specific Consolidated Clinical Document
Architecture (C-CDA) sections. Based on subsequent examination of this
regulatory text and early interactions with stakeholders, we have
determined that additional explanation of these references is necessary
in order to ensure health IT developers accurately and consistently
interpret and implement health IT functionality to our expressed
regulatory requirements. In this regard, we seek to clarify two points.
First, we clarify that the references to these four specific C-CDA
section templates is not meant to be strictly interpreted to mean that
a health IT developer must use the C-CDA's syntax for each referenced
section. Such a strict interpretation would directly contradict the
flexibility we have intentionally offered to health IT developers who
seek to certify to the ``application access--data category request''
certification criterion adopted at 45 CFR 170.315(g)(8), which
references the CCDS but does not bind health IT presented for
certification to solely use the C-CDA to meet the criterion. To avoid
stakeholders inadvertently following this overly strict interpretation,
we clarify that the references to these C-CDA section templates was
meant (like all of the other data listed in the CCDS) to emphasize that
these data need to be consistently and independently represented as
discrete data that are clearly distinguishable.
Second, we clarify for the Assessment and Plan of Treatment, Goals,
and Health Concerns data that only the narrative part of the referenced
C-CDA section templates is necessary and required in order to satisfy
the CCDS. Further and in support of this clarification, testing and
certification will focus on the presence of data represented consistent
with just the narrative part of the referenced section templates.
Similar to our points above, given that these section templates in the
C-CDA have two parts (a narrative part and coded requirements part for
C-CDA), we believe that it is necessary to make this interpretation
explicit so as to prevent health IT developers from over-interpreting
this definition's data requirements to include more data than we had
intended.
B. Privacy and Security Certification Framework--Approach 2
Under Sec. 170.550(h)(4)(ii), a Health IT Module can meet
applicable 2015 Edition privacy and security certification criterion by
demonstrating, through system documentation that is sufficiently
detailed to enable integration, that the Health IT Module has
implemented service interfaces for each applicable privacy and security
certification criterion that enable the Health IT Module to access
external services necessary to meet the privacy and security
certification criterion (also known as ``Approach 2''). We clarify
three points about Approach 2. First, we clarify that the term
``access'' includes, as applicable, bi-directional interfaces with
external services. For example, system documentation could detail how
integration establishes a bi-directional interface that meets the
requirements of the 2015 Edition ``audit report(s)'' certification
criterion. Second, external services simply mean services outside the
scope of the Health IT Module being presented for certification.
External services could be, but are not limited to, those provided by
another certified Health IT Module, another software program such as
Microsoft Active Directory, or a hospital enterprise-wide
infrastructure. Third, a Health IT Module is not required to be paired
with the other services for the purposes of certification (e.g.,
certified with another certified Health IT Module that performs the
privacy and security capability or specifying the external services as
``relied upon software'').
C. Mandatory Disclosures for 2015 Edition Certified Health IT
We clarify that for compliance with Sec. 170.523(k)(1)(ii)(A), the
only information that must be disclosed to meet the data requirement
specified in Sec. 170.523(f)(1)(viii) is the certification criterion
or criteria to which the Health IT Module has been certified. This is
consistent with the disclosure requirements for certification to the
2014 Edition.
IV. Waiver of Proposed Rulemaking
We ordinarily publish a notice of proposed rulemaking in the
Federal Register to provide a period for public comment before the
provisions of a rule take effect in accordance with section
[[Page 76871]]
553(b) of the Administrative Procedure Act (APA) (5 U.S.C. 553(b)).
However, we can waive this notice and comment procedure if the
Secretary finds, for good cause, that the notice and comment process is
impracticable, unnecessary, or contrary to the public interest, and
incorporates a statement of the finding and the reasons therefore in
the notice.
In our view, this correcting and clarifying document does not
constitute a rulemaking that would be subject to the APA notice and
comment requirements. This document corrects errors and clarifies
provisions of the 2015 Edition final rule published on October 16,
2015. It does not make substantive changes to the policies that were
adopted. As a result, this correcting document is intended to ensure
that the final rule accurately reflects the policies adopted in that
final rule.
In addition, even if this were a rulemaking to which the notice and
comment requirements applied, we find that there is good cause to waive
such requirements. Undertaking further notice and comment procedures to
incorporate the corrections in this document into the final rule would
be contrary to the public interest. Furthermore, such procedures would
be unnecessary, as we are not altering the policies that were already
subject to comment and finalized in our final rule. Therefore, we
believe we have good cause to waive the notice and comment
requirements.
V. Corrections of Errors
A. Preamble Corrections
1. On page 62609, correct Table 2 as follows:
a. Remove ``Audit Report(s)'' from the ``Unchanged Criteria as
Compared to the 2014 Edition (Gap Certification Eligible)'' category
and insert it with an in asterisk (i.e., Audit Report(s)*) in the
``Revised Criteria as Compared to the 2014 Edition'' category after
``Auditable Events and Tamper-Resistance.''
b. Revise the ``Unchanged Criteria as Compared to the 2014 Edition
(Gap Certification Eligible) (16)'' title to ``Unchanged Criteria as
Compared to the 2014 Edition (Gap Certification Eligible) (15)''.
c. Revise the ``Revised Criteria as Compared to the 2014 Edition
(25)'' title to ``Revised Criteria as Compared to the 2014 Edition
(26)''.
2. On page 62656, second column, in the ``Response'' under ``Audit
Report(s),'' correct the first sentence to read ``We have adopted this
certification criterion as revised to support the audit reporting of
changes in user privileges consistent with the adopted 2015 Edition
``auditable events and tamper resistance'' certification criterion.''
3. On page 62657, third column, third paragraph, correct the last
sentence to read ``A few commenters requested that we wait until 2017
or 2018 to increase the standard to SHA-2.''
4. On page 62658, first column, mid-page, within the 2015 Edition
``accounting of disclosures'' certification criterion table, the
citation is corrected to read ``45 CFR 170.315(d)(11).''
5. On page 62668, third column, lines 2 and 3, correct the
parenthetical to read ``(with the HAI IG).''
6. On page 62681, Table 6, remove ``(d)(3) Audit report(s)'' from
the ``2015 Edition'' column and ``(d)(3) Audit report(s)'' from the
``2014 Edition'' column.
7. On page 62696, second column, lines 8-14, correct the sentence
to read ``Thus, other C-CDA document templates such as CCD, Referral
Note, and Discharge Summary would need to be able to exchange the
narrative information from the ``Goals Section'' and ``Health Concerns
Section'' in order to meet the Common Clinical Data Set definition.''
B. Regulation Text Corrections
0
1. On page 62742, first column, in Sec. 170.102, in the definition of
``2015 Edition Base EHR'', paragraph (3) is corrected to read as
follows:
Sec. 170.102 Definitions.
* * * * *
2015 Edition Base EHR * * *
(3) Has been certified to the certification criteria adopted by the
Secretary in Sec. 170.315(a)(1), (2), or (3); (a)(5) through (9);
(a)(11); (a)(14); (b)(1) and (6); (c)(1); (g)(7) through (9); and
(h)(1) or (2);
* * * * *
0
2. On page 62744, third column, in Sec. 170.207, paragraph (o)(1)(ii)
is corrected to read as follows:
Sec. 170.207 Vocabulary standards for representing electronic health
information.
* * * * *
(o) * * *
(1) * * *
(ii) Straight or heterosexual. 20430005.
* * * * *
0
3. On pages 62748 through 62755, in Sec. 170.315, paragraphs
(a)(14)(ii)(A), (a)(14)(iv)(A) and (B), (a)(14)(v)(C), (b)(6)(i)(A),
(b)(6)(ii) introductory text, (c)(4)(iii)(E) and (G), (e)(1)(ii)(A)
introductory text, (e)(1)(ii)(B), (g)(6)(ii), (h)(1)(ii), and
(h)(2)(ii) are corrected to read as follows:
Sec. 170.315 2015 Edition health IT certification criteria.
* * * * *
(a) * * *
(14) * * *
(ii) * * *
(A) Device Identifier; and
* * * * *
(iv) * * *
(A) The active Unique Device Identifiers recorded for the patient;
(B) For each active Unique Device Identifier recorded for a
patient, the description of the implantable device specified by
paragraph (a)(14)(iii)(A) of this section; and
* * * * *
(v) * * *
(C) The identifiers associated with the Unique Device Identifier,
as specified by paragraph (a)(14)(ii) of this section; and
* * * * *
(b) * * *
(6) * * *
(i) * * *
(A) Enable a user to set the configuration options specified in
paragraphs (b)(6)(iii) and (iv) of this section when creating an export
summary as well as a set of export summaries for patients whose
information is stored in the technology. A user must be able to execute
these capabilities at any time the user chooses and without subsequent
developer assistance to operate.
* * * * *
(ii) Creation. Enable a user to create export summaries formatted
in accordance with the standard specified in Sec. 170.205(a)(4) using
the Continuity of Care Document document template that includes, at a
minimum:
* * * * *
(c) * * *
(4) * * *
(iii) * * *
(E) Patient insurance in accordance with the standard specified in
Sec. 170.207(s)(1).
* * *
(G) Patient sex in accordance with the version of the standard
specified in Sec. 170.207(n)(1).
* * * * *
(e) * * *
(1) * * *
(ii) * * *
(A) When any of the capabilities included in paragraphs
(e)(1)(i)(A) through (C) of this section are used, the following
information must be recorded and made accessible to the patient (or
his/her authorized representative):
* * * * *
(B) Technology presented for certification may demonstrate
[[Page 76872]]
compliance with paragraph (e)(1)(ii)(A) of this section if it is also
certified to the certification criterion specified in Sec.
170.315(d)(2) and the information required to be recorded in paragraph
(e)(1)(ii)(A) of this section is accessible by the patient (or his/her
authorized representative).
* * * * *
(g) * * *
(6) * * *
(ii) Document-template conformance. Create a data file formatted in
accordance with the standard adopted in Sec. 170.205(a)(4) that
demonstrates a valid implementation of each document template
applicable to the certification criterion or criteria within the scope
of the certificate sought.
* * * * *
(h) * * *
(1) * * *
(ii) Delivery Notification in Direct. Able to send and receive
health information in accordance with the standard specified in Sec.
170.202(e)(1).
* * * * *
(2) * * *
(ii) Delivery Notification in Direct. Able to send and receive
health information in accordance with the standard specified in Sec.
170.202(e)(1).
Sec. 170.523 [Corrected]
0
4. In Sec. 170.523--
0
a. On page 62756, third column, lines 35-36, paragraph (k)(1)(ii)(A),
the reference ``paragraphs (f)(1)(i), (vi), (vii), (viii), (xvi), and
(xvii) of this section'' is corrected to read ``paragraphs (f)(1)(i),
(vi), (vii), (viii), (xv), and (xvi) of this section''.
0
b. On page 62756, third column, lines 42-43, paragraph (k)(1)(ii)(B),
the reference ``paragraphs (f)(2)(i), (ii), (iv)-(v), and (vii) of this
section'' is corrected to read ``paragraphs (f)(2)(i) through (vii) of
this section''.
0
5. In Sec. 170.556--
0
a. On page 62758, third column, lines 4 and 10, paragraph (c)(5),
correct the reference ``paragraph (c)(3)'' each time it appears to read
``paragraph (c)(4)''.
0
b. On page 62759, second column, correct paragraph (d)(6) to read as
follows:
Sec. 170.556 In-the-field surveillance and maintenance of
certification for Health IT.
* * * * *
(d) * * *
(6) If a certified Complete EHR or certified Health IT Module's
certification has been suspended, an ONC-ACB is permitted to initiate
certification termination procedures for the Complete EHR or Health IT
Module (consistent with its accreditation to ISO/IEC 17065 and
procedures for terminating a certification) when the developer has not
completed the actions necessary to reinstate the suspended
certification.
* * * * *
Dated: December 7, 2015.
Madhura Valverde,
Executive Secretary to the Department, Department of Health and Human
Services.
[FR Doc. 2015-31255 Filed 12-10-15; 8:45 am]
BILLING CODE 4150-45-P