CAQH, EHNAC Team Up for FHIR App Accreditation, Interoperability

To promote interoperability and patient access to health information, CAQH announced a partnership with the Electronic Healthcare Network Accreditation Commission (EHNAC) that incentivizes FHIR app developers in the CAQH Endpoint Directory to become accredited through the Trusted Dynamic Registration and Authorization Accreditation Program (TDRAAP).

The CMS final Interoperability and Patient Access rule issued last year requires plans regulated by CMS to provide patients with the ability to access and transfer their personal health information through a third-party app of their choosing.

Since there are over 300,000 possible plan and app connections, CAQH created a centralized directory that allows app developers and plans to find and validate these endpoints so they can securely exchange member data.

TDRAAP accreditation from EHNAC and UDAP.org, publisher of the Unified Data Access Profiles, establishes an app’s security credentials to ensure health plan confidence in patient data sharing.

CAQH and EHNAC are lowering the accreditation cost to developers that participate in the CAQH Endpoint Directory with the intent to encourage app developers to attain TDRAAP accreditation. 

“We are proud to be partnering with EHNAC to encourage healthcare organizations and app developers to become TDRAAP accredited,” Robin Thomashauer, president of CAQH, said in a press release. “Our goal is to enhance the level of trust and transparency in the endpoints ecosystem so safe and reliable consumer apps can proliferate.”

The TDRAAP accreditation program requires healthcare organizations and application developers to demonstrate their ability to use trusted digital certificates for endpoint identity, registration, and authentication. This allows stakeholders to ensure secure interoperability.

The program has two options: TDRAAP-Basic and TDRAAP-Comprehensive.

TDRAAP-Basic is designed for developers of consumer-facing apps that use individual sign-on for access to one person’s healthcare data at a time. On the other hand, TDRAAP-Comprehensive allows healthcare organizations to demonstrate full HIPAA/HITECH Privacy and Security compliance, as well as validation of all the UDAP technical workflows that they support.

CAQH will identify which FHIR app developers are TDRAAP accredited in the CAQH Endpoint Directory, as well as the type of accreditation they have achieved.

“The ability to efficiently register and authenticate endpoints is a core component of healthcare interoperability,” said Lee Barrett, executive director and CEO of EHNAC. “This joint initiative by EHNAC and CAQH will ultimately result in consumers having greater access to their healthcare data and the goals of the CMS final rule being met.”