The Farmington, Conn.-based Electronic Healthcare Network Accreditation Commission (EHNAC), a non-profit standards development organization and accrediting body, announced the adoption of finalized criteria for its Health Information Exchange Accreditation Program (HIEAP). This program identifies a standard for privacy and security as it relates to consent, authorization, authentication, access and audit procedures, and is designed for HIEs, community health data/network partnerships and other groups that promote data sharing across multiple, independent stakeholders.
Before finalizing the criteria, EHNAC implemented two separate phases of 60-day public review and comment of the draft HIEAP criteria, the first of which focused on privacy and security, technical performance, business practices and organizational resources, while the second phase addressed HIE-specific policies as developed by the organization’s HIE Advisory Board. EHNAC’s Criteria Committee and HIE Advisory Board then reviewed all public comments and developed a final criteria version for the HIE accreditation program for immediate use.