Knowledge Center
Episode 178: Pitfalls But Promise. The State of Healthcare Cybersecurity with Scott Mattila, COO & Chief Security Officer, Intraprise Health
May 15, 2018
Accreditation program to align with 21st Century Cures Act, leverage existing frameworks and best practices while supporting blockchain, GDPR, cloud, and other underlying enabling technologies
FARMINGTON, Conn. – May 15, 2018 – The Electronic Healthcare Network Accreditation Commission (EHNAC), a non-profit standards development organization and accrediting body for organizations that electronically exchange healthcare data, today announced a collaboration with WEDI, SAFE-BioPharma Association, LLC, eHI, and eP3 Foundation to establish a new Trusted Exchange Accreditation Program (TEAP). This accreditation program will leverage existing industry-wide identity verification, authentication, and privacy/security frameworks and best practices in use across the ecosystem and align with many national efforts including the Office of the National Coordinator for Health Information Technology’s (ONC’s) efforts to endorse the 21st Century Cures Act and other federal requirements including TEFCA, which was created to improve data exchange and enable interoperability across different health information networks (HINs).
“We invite the healthcare industry to join us in working together to establish this important new accreditation program that will continue the much-needed focus on interoperability as well as assure a trusted environment where privacy and security requirements are maintained,” said EHNAC Executive Director Lee Barrett. “The formation of this industry collaboration leveraging many of the excellent frameworks and best practices already deployed is an important first step in making this a reality.”
With the goal of providing third-party accreditation for healthcare stakeholders including health information networks (HINs), health information exchanges (HIEs), accountable care organizations (ACOs), data registries, payers, providers, vendors and others, this new accreditation program will focus on assuring identify verification and authentication of stakeholders that will utilize the “digital exchange highway” as well as support blockchain, GDPR, cloud, and other underlying enabling technologies.
"SAFE-BioPharma is pleased to be a part of this effort to leverage standards in healthcare, which will lead to improved patient safety, privacy and, a better user experience," said Matt King, Director of SAFE-BioPharma Association.
WEDI President and CEO Charles Stellar added, “This program aligns closely with the efforts of WEDI members and workgroups to facilitate secure and trusted data exchange through blockchain and other enabling technologies. Our association is committed to working closely with the other founding partners, sharing our members’ guidance and relationship with the ONC to further this important initiative.”
Next steps include forming a steering committee which will be comprised of a broad-based group of 10-15 public private healthcare stakeholders across a wide range of sectors and specialties. Further updates on the group’s progress will be announced as they become available.
“The Trusted Exchange Accreditation Program enables new data paradigms, accredited by organizations already known and trusted, to solve and resolve the traditional roadblocks to interoperability and consumer empowerment while, at the same time, addressing the brand new regulatory requirements like GDPR,” said Marsali Hancock, CEO of the EP3 Foundation. "We applaud and welcome all organizations entrusted with protecting information to participate."
The EHNAC criteria for each of its accreditation programs establishes foundational requirements for measuring an organization’s ability to meet federal and state healthcare reform mandates such as HIPAA, Omnibus, ARRA/HITECH, ACA and other mandates for covered entities and business associates focusing on the areas of privacy, security, confidentiality, best practices, procedures and assets. Visit www.ehnac.org for more details or to review the latest EHNAC criteria.
About EHNAC
The Electronic Healthcare Network Accreditation Commission (EHNAC) is a voluntary, self-governing standards development organization (SDO) established to develop standard criteria and accredit organizations that electronically exchange healthcare data. These entities include accountable care organizations, data registries, electronic health networks, EPCS vendors, e-prescribing solution providers, financial services firms, health information exchanges, health information service providers, management service organizations, medical billers, outsourced service providers, payers, practice management system vendors and third-party administrators. The Commission is an authorized HITRUST CSF Assessor, making it the only organization with the ability to provide both EHNAC accreditation and HITRUST CSF certification.
EHNAC was founded in 1993 and is a tax-exempt 501(c)(6) nonprofit organization. Guided by peer evaluation, the EHNAC accreditation process promotes quality service, innovation, cooperation and open competition in healthcare. To learn more, visit www.ehnac.org, contact info@ehnac.org, or follow us on Twitter, LinkedIn and YouTube.
About EP3 Foundation
EP3 Foundation, a 501(c)3 nonprofit, is a multi-sector community of nonprofits, standards organizations, industry leaders, researchers, and government agencies committed to improve health, education, and wellness by empowering people with privacy and personalization. The EP3 Foundation networks use new data paradigms to give you the power to access, protect, and share data without revealing personal or sensitive information.
Our networks are open, vendor-neutral and support any participants’ trust criteria. We open data silos to allow access to the data you agree to share for research, clinical trials, and to authorize identity, while still protecting confidentiality. To learn more, visit ep3foundation.org, contact info@ep3foundation.org , or follow us on LinkedIn and Twitter.
About SAFE-BioPharma Association, LLC
As part of the National Health Information Sharing and Analysis Center (NH-ISAC), SAFE-BioPharma Association, LLC provides global, high-assurance identity trust for cyber-transactions in the biopharmaceutical and healthcare industries.
The SAFE-BioPharma® digital identity and signature standards were crafted to mitigate risk associated with electronic transactions by protecting intellectual property and patient data using secure, enforceable, and regulatory compliant mechanisms.
SAFE-BioPharma® is a trademark of SAFE-BioPharma Association. Use of this trademark requires approval from SAFE-BioPharma Association.
NH-ISAC is a non-profit, member-driven organization offering healthcare stakeholders a trusted community and forum for sharing cyber and physical threat indicators, vulnerabilities, best practices and mitigation strategies.
About WEDI
The Workgroup for Electronic Data Interchange (WEDI) is the leading authority on the use of health IT to improve healthcare information exchange in order to enhance the quality of care, improve efficiency, and reduce costs of our nation’s healthcare system. WEDI was formed in 1991 by the Secretary of Health and Human Services (HHS) and was designated in the 1996 HIPAA legislation as an advisor to HHS. WEDI’s membership includes a broad coalition of organizations, including: hospitals, providers, health plans, vendors, government agencies, consumers, not-for-profit organizations, and standards development organizations. To learn more, visit www.wedi.org and connect with us on Twitter, Facebook and LinkedIn.
About eHealth Initiative
eHealth Initiative (eHI) & Foundation is a Washington D.C.-based, independent, non-profit organization whose mission is to drive improvements in the quality, safety, and efficiency of healthcare through information and information technology. eHI is the only national organization that represents all stakeholders in the healthcare industry. Working with its membership, eHI advocates for the use of health IT that is practical, sustainable, and addresses stakeholder needs, particularly those of patients. www.ehidc.org.