EHNAC Announces Finalized 2023 Health IT Accreditation Criteria

The Electronic Healthcare Network Accreditation Commission (EHNAC), a non-profit health IT standards development organization, has released new versions of program criteria for its 19 accreditation programs and 3 beta accreditation programs.

The updates by the EHNAC Criteria Committee include addressing capacity planning and utilization monitoring criteria, as well as enhancements to criteria within the EHNAC ePrescribing accreditation program (ePAP-EHN).

The new developments also include improved mapping to the NIST Cybersecurity Framework and other clarifications and grammatical enhancements.

"We are excited about the finalization of this year's criteria as these critical updates not only improve our existing programs, but also expand our accreditation offerings as we bring to the industry three new beta programs focused on Explanation of Provider Payments, CARIN Code of Conduct, and Privacy by Design," Lee Barrett, executive director and CEO of EHNAC, said in a press release.

"We are continuously grateful for those who provided invaluable feedback as we continue to strengthen and advance our accreditation criteria so that industry stakeholders are at the forefront of legislative and regulatory revisions to ensure compliance while reducing risk of breach or cyberattack and assuring stakeholder trust,” Barrett added.

Following the standard, 60-day public comment period, EHNAC's Criteria Committee and Commission incorporated public feedback to finalize the criteria versions for the following nineteen accreditation programs:

• ACOAP - Accountable Care Organization Accreditation Program (V4.2)
• DRAP - Data Registry Accreditation Program (V4.2)
• DT P&S - DirectTrust Privacy & Security (V2.2)
• EHNAC P&S - EHNAC Privacy & Security (V2.2)
• ePAP-EHN - e-Prescribing Accreditation Program (V9.2)
• EPCSCP-Pharmacy - Electronic Prescription of Controlled Substances Certification Program - Pharmacy Vendor (V4.3)
• EPCSCP-Prescribing - Electronic Prescription of Controlled Substances Certification Program - Prescribing Vendor (V4.3)
• FSAP-EHN - Financial Services Accreditation Program for Electronic Health Networks (V5.2)
• FSAP-Lockbox - Financial Services Accreditation Program for Lockbox Services (V5.2)
• HIEAP - Health Information Exchange Accreditation Program (V4.2)
• HNAP-EHN - Healthcare Network Accreditation Program for Electronic Health Networks [Includes Payer] (V13.2)
• HNAP-Medical Biller - Healthcare Network Accreditation Program for Medical Billers (V4.2)
• HNAP-TPA - Healthcare Network Accreditation Program for Third Party Administrators (V4.2)
• MSOAP - Management Service Organization Accreditation Program (V4.2)
• OSAP - Outsourced Services Accreditation Program1 (V4.2)1
• PMSAP - Practice Management System Accreditation Program (V4.2)
• TDRAAP-Basic - Trusted Dynamic Registration & Authentication Accreditation Program Basic (V1.4)
• TDRAAP-Comprehensive - Trusted Dynamic Registration & Authentication Accreditation Program Comprehensive (V1.4)
• TNAP-HIN - Trusted Network Accreditation Program (V2.1)

EHNAC also released criteria versions for the following three beta programs:

• EPPAP - Explanation of Provider Payment Accreditation Program (V1.0-Beta)
• CCCAP - CARIN Code of Conduct Accreditation Program (V1.0-Beta)
• PBDAP - Privacy by Design Accreditation Program (V1.0-Beta)

The criteria for each of EHNAC’s accreditation programs sets the foundational requirements for measuring an organization's ability to meet/align with federal and state healthcare reform mandates such as HIPAA/HITECH and the 21st Century Cures Act.