Send E-Mail to NVLAP at: NVLAP@nist.gov
[31/2011]
Testing based on criteria in 45 CFR Part 170, Health Information Technology: Initial Set of Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record Technology; Final Rule (July 28, 2010).
[31/2014]
Testing based on criteria in 45 CFR Part 170, Health Information Technology: Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record Technology, 2014 Edition;
[ ]
Revisions to the Permanent Certification Program for Health Information Technology; Final Rule (September 4, 2012).
[31/NOTE1]
For 2011 Testing Criteria, test procedures are taken from "Approved Test Procedures Version 1.1", with each associated erratum where applicable effective October 24, 2010.
[31/NOTE2]
For 2014 Testing Criteria, test procedures are taken from the approved "2014 Edition Test Method", effective December 14, 2012, and include subsequent ONC-approved revisions of the Test Procedures, Test Data and Test Tools, as applicable.
[17BCS]
Basic Cryptographic and Security Testing
[17CAV]
Cryptographic Algorithm Validation Testing
[17CAV/01]
NIST - Cryptographic Algorithm Validation System (CAVS) for all FIPS-approved and NIST-recommended security functions as required in FIPS PUB 140-2 Annex A (and all superseded versions)
[17CMH1]
Cryptographic Modules – Hardware 1 Testing (FIPS 140-2 or successor, Security Level 1 to 3)
[17CMH1/01]
All test methods in accordance with FIPS 140-1, except those listed in 17CMH2/01
[17CMH1/02]
All test methods in accordance with FIPS 140-2, except those listed in 17CMH2/02 and CAVS
[17CMH2]
Cryptographic Modules – Hardware 2 Testing (FIPS 140-2 or successor, Security Level 4 and above)
[17CMH2/01]
Test methods for Physical Security Level 4, in accordance with FIPS 140-1
[17CMH2/02]
Test methods for Physical Security Level 4, in accordance with FIPS 140-2
[17CMS1]
Cryptographic Modules – Software 1 Testing (FIPS 140-2 or successor, Security Level 1 to 3)
[17CMS1/01]
All test methods in accordance with FIPS 140-1, except those listed in 17CMS2/01
[17CMS1/02]
All test methods in accordance with FIPS 140-2, except those listed in 17CMS2/02 and CAVS
[17CMS2]
Cryptographic Modules – Software 2 Testing (FIPS 140-2 or successor, Security Level 4 and above)
[17CMS2/01]
Test methods for Software Security Level 4, in accordance with FIPS 140-1
[17CMS2/02]
Test methods for Software Security Level 4, in accordance with FIPS 140-2
[17SCAP]
Security Content Automation Protocol Testing (SCAP, CVE, CCE, CPE, CVSS, XCCDF and OVAL)
[17SCAP/01]
Common Vulnerabilities and Exposures (CVE)
[17SCAP/02]
Common Configuration Enumeration (CCE)
[17SCAP/03]
Common Platform Enumeration (CPE)
[17SCAP/04]
Common Vulnerability Scoring System (CVSS)
[17SCAP/05]
eXtensible Configuration Checklist Document Format (XCCDF)
[17SCAP/06]
Open Vulnerability Assessment Language (OVAL)
[17SCAP/07]
Security Content Automation Protocol (SCAP)
Return to NVLAP Program Listing