EHNAC and DirectTrust to Conduct PHR HIPAA Compliance Program

April 11, 2015

The Electronic Healthcare Network Accreditation Commission (EHNAC), a non-profit standards-development organization and accrediting body for organizations that electronically exchange healthcare data, and DirectTrust, a non-profit trade alliance that advances secure health information exchange via the Direct Protocol, are developing an accreditation program for personal health record (PHR) and patient portal vendors.

This pilot accreditation program will assess these organizations on their ability to meet or exceed HIPAA privacy and security rules based upon the areas of security, privacy, and confidentiality, technical and personnel resources, best practices and compliance with HIPAA and the HITECH Omnibus Rule that updated HIPAA.

“Personal health record and patient portal vendors are the fastest growing new membership group within DirectTrust – and they deserve a rigorous accreditation program that recognizes the same level of data security and privacy as other organizations accredited by EHNAC-DirectTrust,” said DirectTrust President and CEO David C. Kibbe, MD. “The program that DirectTrust and EHNAC is piloting will provide assurance equivalent to and possibly beyond what HIPAA requires. For example, we’re looking into incorporating an encryption component for stored data, as well as two-factor authentication to further protect the customers of both PHR vendors and EHR vendors looking to develop their own portals.”

EHNAC Executive Director, Lee Barrett added, “We’re in an environment of increased angst over security and privacy issues – and with good reason. Today’s healthcare providers not only have access to a patient’s protected health information including financial data, but also insights into diagnoses, treatment plans, medications, etc. As patients take greater control over their own healthcare decisions and transition their health information to personal health records, they need to have confidence in all healthcare stakeholders that their data will remain secure and confidential. EHNAC and DirectTrust are working collaboratively to close that gap.”

PHR vendors looking to participate as a pilot organization and contribute to the development of the program are encouraged to contact [email protected] for more information.

Sponsored Recommendations

A Comprehensive Workplace Safety Checklist

This checklist is designed for healthcare facilities focused on increasing workplace safety. It’s meant to inspire ideas, strengthen safety plans, and encourage joint commission...

Healthcare Rankings Report

Adapting in Healthcare: Key Insights and Strategies from Leading Systems As healthcare marketers navigate changes in a volatile industry, they know one thing is certain: we've...

Healthcare Reputation Industry Trends

Navigating the Tipping Point: Strategies for Reputation Management in a Volatile Healthcare Environment As healthcare marketers navigate changes in a volatile industry, they can...

Clinical Evaluation: An AI Assistant for Primary Care

The AAFP's clinical evaluation offers a detailed analysis of how an innovative AI solution can help relieve physicians' administrative burden and aid them in improving health ...