EHNAC Releases New 2022 Accreditation Criteria Versions for Public Review

Significant updates include new interoperability and information blocking program criteria; new program KPI requirements

The Electronic Healthcare Network Accreditation Commission (EHNAC) (@EHNAC), a non-profit standards development organization and accrediting body for organizations that electronically exchange healthcare data, announced that it has posted new versions of program criteria for its 20 accreditation programs for public review. The open process for adopting criteria will commence on September 27, 2021 and end on November 29, 2021.

Key updates to the 2022 criteria include the addition of new interoperability and information blocking criteria across key related EHNAC accreditation programs, along with updates to the Trusted Dynamic Registration and Authentication Accreditation Programs (TDRAAP) to include recommended best practices to implement provisions of the CMS Interoperability and Member Access Rule. Additionally, in an effort to provide the industry with the ability to understand the most important measurement points and factors, KPI (key performance indicator) requirements have also been added as a component to most all programs.

As the healthcare industry continues to implement the interoperable exchange of health data under 21st Century Cures, TDRAAP has been updated to align with the CARIN Alliance App Registration Implementation Guide recommendations. Released earlier this year, TDRAAP Basic and TDRAAP Comprehensive, were designed to help healthcare organizations demonstrate their ability to use trusted digital certificates for endpoint identity, registration, authentication and attribute discovery for electronic healthcare transactions using FHIR in real-time.

The 20 enhanced criteria programs and the new version numbers associated include:

  1. ACOAP – Accountable Care Organization Accreditation Program (V4.1)*
  2. DRAP – Data Registry Accreditation Program (V4.1)*
  3. DT P&S – DirectTrust Privacy & Security (V2.1)*
  4. EHNAC P&S – EHNAC Privacy & Security (V2.1)*
  5. ePAP-EHN – e-Prescribing Accreditation Program (V9.1)*
  6. EPCSCP-Pharmacy – Electronic Prescription of Controlled Substances Certification Program – Pharmacy Vendor (V4.2)**
  7. EPCSCP-Prescribing – Electronic Prescription of Controlled Substances Certification Program – Prescribing Vendor (V4.2)**
  8. FSAP-EHN – Financial Services Accreditation Program for Electronic Health Networks (V5.1)*
  9. FSAP-Lockbox – Financial Services Accreditation Program for Lockbox Services (V5.1)*
  10. HIEAP – Health Information Exchange Accreditation Program (V4.1)* 2;3
  11. HNAP-EHN – Healthcare Network Accreditation Program for Electronic Health Networks [Includes Payer] (V13.1)*
  12. HNAP-Medical Biller – Healthcare Network Accreditation Program for Medical Billers (V4.1)*
  13. HNAP-TPA – Healthcare Network Accreditation Program for Third Party Administrators (V4.1)*
  14. MSOAP – Management Service Organization Accreditation Program (V4.1)*
  15. OSAP – Outsourced Services Accreditation Program1 (V4.1)* 2;3
  16. PMSAP – Practice Management System Accreditation Program (V4.1)*
  17. TDRAAP-Basic – Trusted Dynamic Registration & Authentication Accreditation Program Basic (V1.2)**
  18. TDRAAP-Comprehensive – Trusted Dynamic Registration & Authentication Accreditation Program Comprehensive (V1.2)* 2;3
  19. TNAP-Participant – Trusted Network Accreditation Program (V1.3) 2;3
  20. TNAP-QHIN – Trusted Network Accreditation Program (V1.3) 2;3

Visit www.ehnac.org for more details or to review the latest EHNAC criteria and submit feedback during this comment period through the Criteria Comment Form.

The EHNAC criteria for each of its accreditation programs sets the foundational requirements for measuring an organization’s ability to meet/align with federal and state healthcare reform mandates such as HIPAA/HITECH, 21st Century Cures Act, TEFCA and other mandates and best practices like NIST, for health care organizations focusing on the areas of privacy, security, cybersecurity, breach handling, confidentiality, best practices, procedures and assets. Visit www.ehnac.org for more details.

¹OSAP includes 10 different accreditation programs tailored for Accountable Care Organization Technology Service Providers; Call Centers; Data Centers; DRP Facilities; Health Information Exchange Technology Service Providers; Media Storage; Network Administrators; Printing; Product Development; and Scanning.
²Indicates program includes Information Blocking criteria
³Indicates program includes Interoperability criteria
*Indicates program is available with either EHNAC or HITRUST CSF Privacy and Security criteria
**Indicates program does NOT include KPI requirements

About EHNAC
The Electronic Healthcare Network Accreditation Commission (EHNAC) is a voluntary, self-governing standards development organization (SDO) established to develop standard criteria and accredit organizations that electronically exchange healthcare data. These entities include accountable care organizations, data registries, electronic health networks, EPCS vendors, e-prescribing solution providers, financial services firms, health information exchanges, health information service providers, management service organizations, medical billers, outsourced service providers, payers, practice management system vendors, third-party administrators and trusted networks. The Commission is an authorized HITRUST CSF Assessor, making it the only organization with the ability to provide both EHNAC accreditation and HITRUST CSF certification.

EHNAC was founded in 1993 and is a tax-exempt 501(c)(6) nonprofit organization. Guided by peer evaluation, the EHNAC accreditation process promotes quality service, innovation, cooperation and open competition in healthcare.