EHNAC data security accreditation programs await 2019 update
The Electronic Healthcare Network Accreditation Commission has released for public review new versions of program criteria of its 18 accreditation programs for 2019.
EHNAC accredits a range of industry stakeholders for meeting best business practices for electronically exchanging healthcare data.
These programs cover providers, insurers, accountable care organizations, cloud programs, medication management, financial services, health information exchanges, billing, outsourcing, practice management systems and third-party administrators, among others. Comments on the updated criteria are due by December 6.
“The EHNAC criteria for each of its accreditation programs sets the foundational requirements for measuring an organization’s ability to meet federal and state healthcare reform mandates such as HIPAA, Omnibus, ARRA/HITECH, ACA and other mandates for covered entities and business associates focusing on the areas of privacy, security, confidentiality, best practices, procedures and assets,” says Lee Barrett, the organization’s executive director.
The 2019 criteria requires all the programs to adopt the latest version of the HITRUST CSF, which is an industry privacy and security framework that is continuously evolving with the changing cyber landscape.
EHNAC is asking stakeholders reviewing the criteria to give options and suggestions that can assist in determining the necessity, appropriateness and workability of the criteria. In addition to administering its own accreditation program, EHNAC also accredits HITRUST CSF certification. The 2019 EHNAC accreditation criteria is available here.