- The Electronic Healthcare Network Accreditation Commission (EHNAC), a non-profit accrediting body for organizations that electronically exchange data, has posted new versions of its accreditation criteria for public review.
EHNAC offers a number of accreditation opportunities, including programs for accountable care organizations (ACOs), data registries, practice management systems, and health information exchanges.
Significant updates include the upgrade of all 18 stakeholder-specific accreditation programs to HITRUST CSF Version 9.1, which includes the addition of EU General Data Protection Regulation (GDPR) and New York State Cybersecurity Requirements for Financial Services Companies.
All current accreditation programs will include new criteria regarding the use of international vendors and locations, as well as added third-party Cloud Service Provider (CSP) criteria.
The open process for adopting criteria will commence on October 1, 2018 and end on December 6, 2018. Over the course of the 60-day period, EHNAC will encourage all interested stakeholders to provide opinions, comments, and recommendations to determine the workability and appropriateness of the 2019 criteria.
Stakeholders can submit feedback throughout the comment period via the Criteria Comment Form.