EHNAC Updates Accreditation Programs for HIPAA Omnibus Rule | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

EHNAC Updates Accreditation Programs for HIPAA Omnibus Rule

August 21, 2013
by Gabriel Perna
| Reprints

As the Sept. 23 Health Insurance Portability and Accountability Act (HIPAA) Omnibus Rule compliance date approaches, the Electronic Healthcare Network Accreditation Commission (EHNAC), a non-profit standards development organization and accrediting body, has announced the adoption of new program criteria that supports this legislation.

The final criteria released by EHNAC come after a 60-day public comment period where it incorporated feedback. In May, EHNAC posted criteria for its accreditation programs that addressed HIPAA, cloud computing, and health information exchange, and ePrescribing. All of those programs, from back in May, were updated and finalized.

“As healthcare stakeholders strive to keep pace with emergent reimbursement structures and ongoing regulatory changes, criteria standards must evolve to ensure EHNAC accreditation programs remain ahead of the curve. With enforcement efforts for the new HIPAA Omnibus Rule beginning September 23, 2013, accredited organizations that comply with the new criteria can now assure their customers that their patient’s protected health information (PHI) remains secure and aligns with regulatory requirements,” EHNAC Commissioner and Criteria Committee Chair Mark Gingrich said in a statement.

The range of programs that EHNAC updated and finalized include:

  1. ePAP – e-Prescribing Accreditation Program (V6.5)
  2. EPCSCP-Pharmacy – Electronic Prescription of Controlled Substances Certification Program – Pharmacy Vendor1 (V1.1)
  3. EPCSCP-Prescribing – Electronic Prescription of Controlled Substances Certification Program – Prescribing Vendor1 (V1.1)
  4. FSAP-EHN – Financial Services Accreditation Program for Electronic Health Networks (V2.5)
  5. FSAP-Lockbox – Financial Services Accreditation Program for Lockbox Services (V2.5)
  6. HIEAP – Health Information Exchange Accreditation Program (V1.3)
  7. HNAP-EHN – Healthcare Network Accreditation Program for Electronic Health Networks [Includes Payer] (V10.5)
  8. HNAP-Medical Biller – Healthcare Network Accreditation Program for Medical Billers (V1.4)
  9. HNAP-TPA – Healthcare Network Accreditation Program for Third Party Administrators (V1.4)
  10. MSOAP – Management Service Organization Accreditation Program (V1.3)
  11. OSAP – Outsourced Services Accreditation Program2 (V1.4)
  12. OSAP-HIE – Outsourced Services Accreditation Program for Health Information Exchange Services (V1.3)
  13. DTAAP-HISP (NEW) – Direct Trusted Agent Accreditation Program for Health Information Service Providers (V1.0 )
  14. DTAAP-CA (NEW) – Direct Trusted Agent Accreditation Program for Certificate Authorities (V1.0)
  15. DTAAP-RA (NEW) – Direct Trusted Agent Accreditation Program for Registration Authorities (V1.0)


Community Data Sharing: Eight Recommendations From San Diego

A learning guide focuses on San Diego’s experience in building a community health information exchange and the realities of embarking on a broad community collaboration to achieve better data sharing.

HealthlinkNY’s Galanis to Step Down as CEO

Christina Galanis, who has served as president and CEO of HealthlinkNY for the past 13 years, will leave her position at the end of the year.

Email-Related Cyber Attacks a Top Concern for Providers

U.S. healthcare providers overwhelmingly rank email as the top source of a potential data breach, according to new research from email and data security company Mimecast and conducted by HIMSS Analytics.

Former Health IT Head in San Diego County Charged with Defrauding Provider out of $800K

The ex-health IT director at North County Health Services, a San Diego County-based healthcare service provider, has been charged with spearheading fraudulent operations that cost the organization $800,000.

Allscripts Touts 1 Billion API Shares in 2017

Officials from Chicago-based health IT vendor Allscripts have attested that the company has reached a new milestone— one billion application programming interface (API) data exchange transactions in 2017.

Dignity Health, CHI Merging to Form New Catholic Health System

Catholic Health Initiatives (CHI), based in Englewood, Colorado, and San Francisco-based Dignity Health officially announced they are merging and have signed a definitive agreement to combine ministries and create a new, nonprofit Catholic health system.