EHNAC Releases New 2023 Accreditation Criteria Versions for Public Review through November 28
Criteria enhancements include those for 19 existing and 3 new programs;
updates address capacity planning, utilization monitoring, and improved mapping to the NIST Cybersecurity Framework
SIMSBURY, Conn. – September 28, 2022 – The Electronic Healthcare Network Accreditation Commission (EHNAC), a non-profit standards development organization and accrediting body for organizations that electronically exchange healthcare data, today announced that it has posted new versions of program criteria for its 19 accreditation programs and 3 beta accreditation programs for public review. The open process for adopting criteria will commence on September 28 and end on November 28, 2022.
The new updates by the EHNAC Criteria Committee include addressing capacity planning and utilization monitoring criteria, as well as improvements to some of the criteria within ePAP-EHN. This year’s developments also include improved mapping to the NIST Cybersecurity Framework and various other clarifications and grammatical enhancements.
“The criteria review process is an essential part of EHNAC’s methodology and commitment to transparency, allowing those involved with healthcare data exchange to voice their recommendations and help shape standards-based accreditation within our industry,” said Lee Barrett, executive director and CEO of EHNAC. “This year’s criteria updates better our existing programs, while expanding into three emerging programs: Explanation of Provider Payments, CARIN Code of Conduct, and Privacy by Design.”
Criteria versions for the following 19 enhanced programs are available for review:
- ACOAP – Accountable Care Organization Accreditation Program (V4.2)*
- DRAP – Data Registry Accreditation Program (V4.2)*
- DT P&S – DirectTrust Privacy & Security (V2.2)*
- EHNAC P&S – EHNAC Privacy & Security (V2.2)*
- ePAP-EHN – e-Prescribing Accreditation Program (V9.2)*
- EPCSCP-Pharmacy – Electronic Prescription of Controlled Substances Certification Program – Pharmacy Vendor (V4.3)
- EPCSCP-Prescribing – Electronic Prescription of Controlled Substances Certification Program – Prescribing Vendor (V4.3)
- FSAP-EHN – Financial Services Accreditation Program for Electronic Health Networks (V5.2)*
- FSAP-Lockbox – Financial Services Accreditation Program for Lockbox Services (V5.2)*
- HIEAP – Health Information Exchange Accreditation Program (V4.2)*
- HNAP-EHN – Healthcare Network Accreditation Program for Electronic Health Networks [Includes Payer] (V13.2)*
- HNAP-Medical Biller – Healthcare Network Accreditation Program for Medical Billers (V4.2)*
- HNAP-TPA – Healthcare Network Accreditation Program for Third Party Administrators (V4.2)*
- MSOAP – Management Service Organization Accreditation Program (V4.2)*
- OSAP – Outsourced Services Accreditation Program1 (V4.2)*1
- PMSAP – Practice Management System Accreditation Program (V4.2)*
- TDRAAP-Basic – Trusted Dynamic Registration & Authentication Accreditation Program Basic (V1.4)
- TDRAAP-Comprehensive – Trusted Dynamic Registration & Authentication Accreditation Program Comprehensive (V1.4)*
- TNAP-HIN – Trusted Network Accreditation Program (V2.1)
Criteria versions for the following three beta programs are available for review:
- EPPAP – Explanation of Provider Payment Accreditation Program (V1.0-Beta)
- CCCAP – CARIN Code of Conduct Accreditation Program (V1.0-Beta)
- PBDAP – Privacy by Design Accreditation Program (V1.0-Beta)
* Indicates that applicants may select from two distinct sets of security criteria:
EHNAC Security criteria with Privacy based on HIPAA/HITECH, GDPR, CCPA, and Health and Wellness; and Security based on NIST 800-171 and NIST CSF (Cybersecurity Framework)
HITRUST CSF Security Criteria, now updated to Version 9.6.2 of the HITRUST CSF
1OSAP includes 10 different accreditation programs tailored for Accountable Care Organization Technology Service Providers; Call Centers; Data Centers; DRP Facilities; Health Information Exchange Technology Service Providers; Media Storage; Network Administrators; Printing; Product Development; and Scanning.
The Electronic Healthcare Network Accreditation Commission (EHNAC) is a voluntary, self-governing standards development organization (SDO) established to develop standard criteria and accredit organizations that electronically exchange healthcare data. These entities include accountable care organizations, data registries, electronic health networks, EPCS vendors, e-prescribing solution providers, financial services firms, health information exchanges, health information service providers, management service organizations, medical billers, outsourced service providers, payers, practice management system vendors, third-party administrators, and trusted networks. The Commission is an authorized HITRUST CSF Assessor, making it the only organization with the ability to provide both EHNAC accreditation and HITRUST CSF certification.
EHNAC was founded in 1993 and is a tax-exempt 501(c)(6) nonprofit organization. Guided by peer evaluation, the EHNAC accreditation process promotes quality service, innovation, cooperation, and open competition in healthcare. To learn more, visit www.ehnac.org, contact firstname.lastname@example.org, or follow us on Twitter, LinkedIn and YouTube.