From 06fddd2e668faa293bef35496a12142e3445cc5d Mon Sep 17 00:00:00 2001
From: stephen waite <stephen.waite@cmsvt.com>
Date: Sat, 7 Sep 2024 17:03:41 -0400
Subject: [PATCH] fix: remove 2015 from certification usage (#7691)

---
 API_README.md                                                   | 2 +-
 README.md                                                       | 2 +-
 .../modules/custom_modules/oe-module-ehi-exporter/Readme.md     | 2 +-
 .../templates/oe-module-ehi-exporter/README.text.twig           | 2 +-
 interface/patient_file/deleter.php                              | 2 +-
 interface/reports/rwt_2023_report.php                           | 2 +-
 interface/reports/rwt_2024_report.php                           | 2 +-
 7 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/API_README.md b/API_README.md
index dea28e956eb..fc6b0e042fd 100644
--- a/API_README.md
+++ b/API_README.md
@@ -433,7 +433,7 @@ curl -X GET 'https://localhost:9300/apis/default/portal/patient' \
 ## Security
 - OpenEMR adminstrators / installers should ensure that the API is protected using an end to end encryption protocol such as TLS
 - Password Grant SHOULD be turned off for any kind of production use as it has a number of security problems
-- Setting the Admin -> Config -> OAuth2 App Manual Approval Settings to be 'Manual Approval' prevents any OAuth2 application from accessing the API without manual approval from an administrator.  This is the most secure setting.  However, in the USA jurisdiction that must comply with CEHRT rules for ONC 2015 Cures Update, patient standalone apps must be approved within 48 hours of a patient requesting access in order to avoid pentalities under the Information Blocking Provisions from ONC.  EHR administrators are not allowed to vet a patient's choice of an app as long as the app complies with OpenEMR's OAuth2 security requirements.  If an app requests user/* or system/* scopes, administrators can vet an application and request additional information / security on an app by app basis.  Leaving the setting at the default will auto-approve any patient standalone app.
+- Setting the Admin -> Config -> OAuth2 App Manual Approval Settings to be 'Manual Approval' prevents any OAuth2 application from accessing the API without manual approval from an administrator.  This is the most secure setting.  However, in the USA jurisdiction that must comply with CEHRT rules for ONC Cures Update, patient standalone apps must be approved within 48 hours of a patient requesting access in order to avoid pentalities under the Information Blocking Provisions from ONC.  EHR administrators are not allowed to vet a patient's choice of an app as long as the app complies with OpenEMR's OAuth2 security requirements.  If an app requests user/* or system/* scopes, administrators can vet an application and request additional information / security on an app by app basis.  Leaving the setting at the default will auto-approve any patient standalone app.
 - Public apps (ones that can't securely store a secret) MUST implement the PKCE standard specified in [RFC 7636](https://www.rfc-editor.org/rfc/rfc7636).  Confidential apps are still highly encouraged to implement PKCE to mitigate forms of MITM attacks such as multiple native app devices registering for the same custom url scheme used as the OAUTH2 redirect_uri in the authorization_code grant.
 
 ## For Developers
diff --git a/README.md b/README.md
index 6bd3439cb7f..7e9feef8d5c 100644
--- a/README.md
+++ b/README.md
@@ -59,7 +59,7 @@ This project exists thanks to all the people who have contributed. [[Contribute]
 
 ### Sponsors
 
-Thanks to our [2015 Edition Major Sponsors](https://www.open-emr.org/wiki/index.php/OpenEMR_Certification_Stage_III_Meaningful_Use#Major_sponsors)!
+Thanks to our [ONC Certification Major Sponsors](https://www.open-emr.org/wiki/index.php/OpenEMR_Certification_Stage_III_Meaningful_Use#Major_sponsors)!
 
 
 ### License
diff --git a/interface/modules/custom_modules/oe-module-ehi-exporter/Readme.md b/interface/modules/custom_modules/oe-module-ehi-exporter/Readme.md
index 43933363846..e3161bcf362 100644
--- a/interface/modules/custom_modules/oe-module-ehi-exporter/Readme.md
+++ b/interface/modules/custom_modules/oe-module-ehi-exporter/Readme.md
@@ -64,5 +64,5 @@ Users wanting to keep their psychotherapy notes confidential that are stored ins
 
 OpenEMR does not have a way of marking records as education records and so education records should not be stored in OpenEMR if using this system as a certified product.
 
-The ONC 2015 Certification public URL documentation for this export can be found at
+The ONC Certification public URL documentation for this export can be found at
 https://raw.githubusercontent.com/openemr/openemr/7.0.2/Documentation/EHI_Exports/docs/
diff --git a/interface/modules/custom_modules/oe-module-ehi-exporter/templates/oe-module-ehi-exporter/README.text.twig b/interface/modules/custom_modules/oe-module-ehi-exporter/templates/oe-module-ehi-exporter/README.text.twig
index f36909aad3f..b53a6530e0a 100644
--- a/interface/modules/custom_modules/oe-module-ehi-exporter/templates/oe-module-ehi-exporter/README.text.twig
+++ b/interface/modules/custom_modules/oe-module-ehi-exporter/templates/oe-module-ehi-exporter/README.text.twig
@@ -15,5 +15,5 @@
 {{ "The local installation documentation for the format of the EHI Export data can be found at"|xlt }}:
 {{ webBaseUrl|text }}/Documentation/EHI_Export/docs/
 
-{{ "The ONC 2015 Certification public URL documentation for this export can be found at"|xlt }}
+{{ "The ONC Certification public URL documentation for this export can be found at"|xlt }}
 https://raw.githubusercontent.com/openemr/openemr/{{ certifiedReleaseVersion|text }}/Documentation/EHI_Exports/docs/
diff --git a/interface/patient_file/deleter.php b/interface/patient_file/deleter.php
index 08a1c2084b1..cd3e9460f1e 100644
--- a/interface/patient_file/deleter.php
+++ b/interface/patient_file/deleter.php
@@ -176,7 +176,7 @@ function form_delete($formdir, $formid, $patient_id, $encounter_id)
 
 // Delete a specified document including its associated relations.
 //  Note the specific file is not deleted (instead flagged as deleted), since required to keep file for
-//   ONC 2015 certification purposes.
+//   ONC certification purposes.
 //
 function delete_document($document)
 {
diff --git a/interface/reports/rwt_2023_report.php b/interface/reports/rwt_2023_report.php
index 6e95a5f3cc5..da30074d24e 100644
--- a/interface/reports/rwt_2023_report.php
+++ b/interface/reports/rwt_2023_report.php
@@ -59,7 +59,7 @@
 
 <?php if (empty($_POST['start_button'])) { ?>
     <div class='mt-2 alert alert-primary' role='alert'>
-        <?php echo xlt("This report is required for OpenEMR instances in the United States that utilize ONC 2015 certification. This reports collects metrics that are used in Real World Testing that are required for the OpenEMR Foundation to maintain the ONC 2015 certification. This report calculates metrics from April 1, 2023 to September 30, 2023. Please run this report sometime in October or November of 2023 and then print it to a pdf and email the pdf to the OpenEMR Foundation at hello@open-emr.org. In the email, please confirm your practice is in the United States and state the clinical setting of your practice (this can be 'Primary/Specialty Care' setting, 'Behavioral Health Care' setting, or any other setting).") ?>
+        <?php echo xlt("This report is required for OpenEMR instances in the United States that utilize ONC certification. This reports collects metrics that are used in Real World Testing that are required for the OpenEMR Foundation to maintain the ONC certification. This report calculates metrics from April 1, 2023 to September 30, 2023. Please run this report sometime in October or November of 2023 and then print it to a pdf and email the pdf to the OpenEMR Foundation at hello@open-emr.org. In the email, please confirm your practice is in the United States and state the clinical setting of your practice (this can be 'Primary/Specialty Care' setting, 'Behavioral Health Care' setting, or any other setting).") ?>
     </div>
     <form method='post' name='theform' id='theform' action='rwt_2023_report.php' onsubmit='return top.restoreSession()'>
         <input type='hidden' name='csrf_token_form' value='<?php echo attr(CsrfUtils::collectCsrfToken('rwt_2023_report')); ?>' />
diff --git a/interface/reports/rwt_2024_report.php b/interface/reports/rwt_2024_report.php
index b6832b9afe1..3dab16d4e78 100644
--- a/interface/reports/rwt_2024_report.php
+++ b/interface/reports/rwt_2024_report.php
@@ -59,7 +59,7 @@
 
 <?php if (empty($_POST['start_button'])) { ?>
     <div class='mt-2 alert alert-primary' role='alert'>
-        <?php echo xlt("This report is required for OpenEMR instances in the United States that utilize ONC 2015 certification. This reports collects metrics that are used in Real World Testing that are required for the OpenEMR Foundation to maintain the ONC 2015 certification. This report calculates metrics from April 1, 2024 to September 30, 2024. Please run this report sometime in October or November of 2024 and then print it to a pdf and email the pdf to the OpenEMR Foundation at hello@open-emr.org. In the email, please confirm your practice is in the United States and state the clinical setting of your practice (this can be 'Primary/Specialty Care' setting, 'Behavioral Health Care' setting, or any other setting).") ?>
+        <?php echo xlt("This report is required for OpenEMR instances in the United States that utilize ONC certification. This reports collects metrics that are used in Real World Testing that are required for the OpenEMR Foundation to maintain the ONC certification. This report calculates metrics from April 1, 2024 to September 30, 2024. Please run this report sometime in October or November of 2024 and then print it to a pdf and email the pdf to the OpenEMR Foundation at hello@open-emr.org. In the email, please confirm your practice is in the United States and state the clinical setting of your practice (this can be 'Primary/Specialty Care' setting, 'Behavioral Health Care' setting, or any other setting).") ?>
     </div>
     <form method='post' name='theform' id='theform' action='rwt_2024_report.php' onsubmit='return top.restoreSession()'>
         <input type='hidden' name='csrf_token_form' value='<?php echo attr(CsrfUtils::collectCsrfToken('rwt_2024_report')); ?>' />