Electronic Healthcare Network Accreditation Commission

Last updated December 10, 2020

The Electronic Healthcare Network Accreditation Commission (EHNAC) is a voluntary, self-governing standards development organization (SDO) in the United States established to develop standard criteria and accredit organizations that electronically exchange healthcare data. These entities include electronic health networks, payers, financial services firms, health information exchanges (HIEs), management service organizations and e-prescribing solution providers.

Overview

EHNAC cites its mission is to promote standards-based accreditation within the healthcare data exchange industry. EHNAC was founded in 1993 and is a federally-recognized and tax-exempt, 501(c)(6) non-profit accrediting body with the end purpose of improving transactional quality, operational efficiency and data security in healthcare.

As an independent, self-governing SDO, EHNAC represents a diverse mix of healthcare stakeholders across the industry spectrum. Electronic health networks, payers, hospitals, physicians, consumer groups, financial services firms, security organizations and vendors are all working together to establish criteria for self-regulation.

By working with other industry stakeholders, EHNAC looks to provide accreditation services that promote standards, administrative simplification and open competition in the marketplace. Once full accreditation is achieved by an organization, the accreditation is granted for a period of two years, after which they may re-apply for continued accreditation.

EHNAC accredits organizations under the following accreditation programs:

ePAP – e-Prescribing Accreditation Program
DTAAP - Direct Trusted Agent Accreditation Program
FSAP EHN – Financial Services Accreditation Program for Electronic Health Networks
FSAP Lockbox – Financial Services Accreditation Program for Lockbox Services
HIEAP – Healthcare Information Exchange Accreditation Program^[1]
HNAP-70 – Healthcare Network Accreditation Plus Select SAS 70©^[2] Criteria Program
HNAP EHN – Healthcare Network Accreditation Program for Electronic Health Networks^[3]
HNAP Medical Biller – Healthcare Network Accreditation Program for Medical Billers^[4]
HNAP TPA – Healthcare Network Accreditation Program for TPAs
MSOAP – Management Service Organization Accreditation Program
OSAP – Outsourced Services Accreditation Program^[5]

Current criteria for all programs are available for public review on the organization’s website.

History

EHNAC grew out of the 1993 Workgroup for Electronic Data Interchange (WEDI) meeting, sponsored by the Network Architecture and Accreditation Technical Advisory Group. The healthcare transactions industry agreed there was a need for a self-governing body to develop standards for the industry, and the Association for Electronic Health Care Transactions (AFEHCT) championed the cause by sponsoring an Accreditation Workgroup.

More than thirty representatives from all facets of the healthcare transactions industry participated in a series of meetings and surveys to develop the first industry standards for data transmission, data security, advertising and resource capability. Funded by a loan from AFEHCT, the independent, self-governing EHNAC was born and began accrediting electronic health networks in 1995.

Recently, EHNAC, WEDI, Healthcare Information and Management Systems Society (HIMSS) Medical Banking Project, and NACHA – The Electronic Payments Association collaborated to create the Compliance Guidelines for Financial Institutions in the Healthcare Sector: HITECH and the HIPAA Privacy and Security Rules white paper which was released August 2, 2010.^[6]

This was the result of an industry forum convened by EHNAC and WEDI February 10, 2009 to address the current state of medical banking as it relates to HIPAA, American Recovery & Reinvestment Act of 2009, HITECH Act and their impact on the financial services industry. The “Demystifying the Banking Exemption under HIPAA” forum discussed the requirements under legislation for financial institutions, management of various state protection regulations and the implementation practices of third-party accreditation and certification programs.

EHNAC and WEDI collaborated to address the current state of health data protection needs within the financial services industry and in context with the current regulatory federal legislation in a preceding white paper. The Financial Services Current State in Healthcare white paper was released November 16, 2009.^[7]

Commissioners

EHNAC is composed of Executive Director Lee Barrett, Vice President of Operations Debra Hopkinson, and no less than nine stakeholders and consumer representatives from private and public sector organizations. EHNAC's commissioners each serve three-year terms.

DirectTrust Partnership

In November 2012, EHNAC announced its partnership with DirectTrust.org to create the Direct Trusted Agent Accreditation Program (DTAAP), a national accreditation program for health information “trusted agent” service providers, including health information service providers (HISPs), certificate authorities (CAs) and registration authorities (RAs). Impetus for the initiative came from the growth of electronic health records, health information exchanges, and programs such as Meaningful Use, which drive interoperability and data sharing among healthcare stakeholders.

In April 2013, DirectTrust.org, Inc. was awarded a cooperative agreement from the Office of the National Coordinator for Health Information Technology (ONC) as part of the Exemplar HIE Governance Entities Program for continued development and implementation of DTAAP.

Kantara Initiative Collaboration

In August 2013, EHNAC and Kantara Initiative announced the formation of a collaborative relationship to further industry adoption of trusted information sharing and identity systems. In particular, the areas of mutual recognition may include Registration Authority at the user level, organizational trust through best practices, and operations of Identity Federations (Federation Operator guidelines).

Related Research Articles

Medical privacy or health privacy is the practice of maintaining the security and confidentiality of patient records. It involves both the conversational discretion of health care providers and the security of medical records. The terms can also refer to the physical privacy of patients from other patients and providers while in a medical facility. Modern concerns include the degree of disclosure to insurance companies, employers, and other third parties. The advent of electronic medical records (EMR) and patient care management systems (PCMS) have raised new concerns about privacy, balanced with efforts to reduce duplication of services and medical errors.

The Health Insurance Portability and Accountability Act of 1996 is a United States federal statute enacted by the 104th United States Congress and signed into law by President Bill Clinton on August 21, 1996. It was created primarily to modernize the flow of healthcare information, stipulate how personally identifiable information maintained by the healthcare and healthcare insurance industries should be protected from fraud and theft, and address limitations on healthcare insurance coverage.

Medical billing is a payment practice within the United States health system. The process involves a healthcare provider submitting, following up on, and appealing claims with health insurance companies in order to receive payment for services rendered; such as testing, treatments, and procedures. The same process is used for most insurance companies, whether they are private companies or government sponsored programs: Medical coding reports what the diagnosis and treatment were, and prices are applied accordingly. Medical billers are encouraged, but not required by law, to become certified by taking an exam such as the CMRS Exam, RHIA Exam, CPB Exam and others. Certification schools are intended to provide a theoretical grounding for students entering the medical billing field. Some community colleges in the United States offer certificates, or even associate degrees, in the field. Those seeking advancement may be cross-trained in medical coding or transcription or auditing, and may earn a bachelor's or graduate degree in medical information science and technology.

The term managed care or managed healthcare is used in the United States to describe a group of activities intended to reduce the cost of providing for-profit health care and providing American health insurance while improving the quality of that care. It has become the essentially exclusive system of delivering and receiving American health care since its implementation in the early 1980s, and has been largely unaffected by the Affordable Care Act of 2010.

...intended to reduce unnecessary health care costs through a variety of mechanisms, including: economic incentives for physicians and patients to select less costly forms of care; programs for reviewing the medical necessity of specific services; increased beneficiary cost sharing; controls on inpatient admissions and lengths of stay; the establishment of cost-sharing incentives for outpatient surgery; selective contracting with health care providers; and the intensive management of high-cost health care cases. The programs may be provided in a variety of settings, such as Health Maintenance Organizations and Preferred Provider Organizations.

Health information exchange (HIE) is the mobilization of health care information electronically across organizations within a region, community or hospital system. Participants in data exchange are called in the aggregate Health Information Networks (HIN). In practice the term HIE may also refer to the health information organization (HIO) that facilitates the exchange.

A Regional Health Information Organization, also called a Health Information Exchange Organization, is a multistakeholder organization created to facilitate a health information exchange (HIE) – the transfer of healthcare information electronically across organizations – among stakeholders of that region's healthcare system. The ultimate objective is to improve the safety, quality, and efficiency of healthcare as well as access to healthcare through the efficient application of health information technology. RHIOs are also intended to support secondary use of clinical data for research as well as institution/provider quality assessment and improvement. RHIO stakeholders include smaller clinics, hospitals, medical societies, major employers and payers.

The eHealth Exchange, formerly known as the Nationwide Health Information Network, is an initiative for the exchange of healthcare information. It was developed under the auspices of the U.S. Office of the National Coordinator for Health Information Technology (ONC), and now managed by a non-profit industry coalition called Sequoia Project. The exchange is a web-services based series of specifications designed to securely exchange healthcare related data. The NwHIN is related to the Direct Project which uses a secure email-based approach. One of the latest goals is to increase the amount of onboarding information about the NwHIN to prospective vendors of health care systems.

The Certification Commission for Health Information Technology (CCHIT) was an independent, 501(c)3 nonprofit organization with the public mission of accelerating the adoption of robust, interoperable health information technology. The Commission certified electronic health record technology from 2006 until 2014. It was approved by the Office of the National Coordinator for Health Information Technology (ONC) of the U.S. Department of Health and Human Services (HHS) as an Authorized Testing and Certification Body (ONC-ATCB). The CCHIT Certified program is an independently developed certification that includes a rigorous inspection of an EHR's integrated functionality, interoperability and security using criteria developed by CCHIT's broadly representative, expert work groups. These products may also be certified in the ONC-ATCB certification program.

A National Provider Identifier (NPI) is a unique 10-digit identification number issued to health care providers in the United States by the Centers for Medicare and Medicaid Services (CMS). The NPI has replaced the unique physician identification number (UPIN) as the required identifier for Medicare services, and is used by other payers, including commercial healthcare insurers. The transition to the NPI was mandated as part of the Administrative Simplifications portion of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

Health information management (HIM) is information management applied to health and health care. It is the practice of acquiring the work and a new team for their, analyzing and protecting digital and traditional medical information vital to providing quality patient care. With the widespread computerization of health records, traditional (paper-based) records are being replaced with electronic health records (EHRs). The tools of health informatics and health information technology are continually improving to bring greater efficiency to information management in the health care sector. Both hospital information systems and Human Resource for Health Information System (HRHIS) are common implementations of HIM.

WEDI, pronounced "wee dee", is a not-for-profit user group in the United States for users of Electronic Data Interchange (EDI) in public and private healthcare. The organization is sometimes referred to by other names that include some or all of the words: Workgroup for Electronic Data Interchange.

Patient portals are healthcare-related online applications that allow patients to interact and communicate with their healthcare providers, such as physicians and hospitals. Typically, portal services are available on the Internet at all hours of the day and night. Some patient portal applications exist as stand-alone web sites and sell their services to healthcare providers. Other portal applications are integrated into the existing web site of a healthcare provider. Still others are modules added onto an existing electronic medical record (EMR) system. What all of these services share is the ability of patients to interact with their medical information via the Internet. Currently, the lines between an EMR, a personal health record, and a patient portal are blurring. For example, Intuit Health and Microsoft HealthVault describe themselves as personal health records (PHRs), but they can interface with EMRs and communicate through the Continuity of Care Record standard, displaying patient data on the Internet so it can be viewed through a patient portal.

The Office of the National Coordinator for Health Information Technology (ONC) is a staff division of the Office of the Secretary, within the U.S. Department of Health and Human Services. ONC leads national health IT efforts, charged as the principal federal entity to coordinate nationwide efforts to implement and use the most advanced health information technology and the electronic exchange of health information.

Council for Affordable Quality Healthcare, Inc. is a non-profit organization incorporated in California as a mutual benefit corporation. It was first incorporated under the name Coalition for Affordable, Quality Healthcare, Inc., and then was renamed the Council for Affordable Quality Healthcare, Inc. on July 22, 1998. It is based in Washington, D.C.. Previously a 501(c)6 tax-exempt organization, CAQH changed its tax status in 2016, although it remains a non-profit. Its mission is to accelerate the transformation of business processes in healthcare through collaboration, innovation and a commitment to ensuring value across stakeholders, including healthcare providers, trade associations, and health plans.

The Chesapeake Regional Information System for our Patients (CRISP) is a nonprofit organization created to function as Maryland's state-designated health information exchange (HIE), by the Maryland Health Care Commission. CRISP currently serves as the HIE for Maryland and the District of Columbia. CRISP is advised by a wide range of stakeholders who are responsible for healthcare throughout the region.

Medical image sharing is the electronic exchange of medical images between hospitals, physicians and patients. Rather than using traditional media, such as a CD or DVD, and either shipping it out or having patients carry it with them, technology now allows for the sharing of these images using the cloud. The primary format for images is DICOM. Typically, non-image data such as reports may be attached in standard formats like PDF during the sending process. Additionally, there are standards in the industry, such as IHE Cross Enterprise Document Sharing for Imaging (XDS-I), for managing the sharing of documents between healthcare enterprises. A typical architecture involved in setup is a locally installed server, which sits behind the firewall, allowing secure transmissions with outside facilities. In 2009, the Radiological Society of North America launched the "Image Share" project, with the goal of giving patients control of their imaging histories by allowing them to manage these records as they would online banking or shopping.

Uday Ali Pabrai, an Indian-American entrepreneur based in Irvine, California and chairman and chief executive officer of ecfirst, a compliance and cybersecurity business headquartered in Waukee, Iowa.

Health Level Seven International (HL7) is a non-profit ANSI-accredited standards development organization dedicated to providing standards and solutions that empower global health data interoperability.

Health care analytics is the health care analysis activities that can be undertaken as a result of data collected from four areas within healthcare; claims and cost data, pharmaceutical and research and development (R&D) data, clinical data, and patient behavior and sentiment data (patient behaviors and preferences,. Health care analytics is a growing industry in the United States, expected to grow to more than $31 billion by 2022. The industry focuses on the areas of clinical analysis, financial analysis, supply chain analysis, as well as marketing, fraud and HR analysis.

Federal and state governments, insurance companies and other large medical institutions are heavily promoting the adoption of electronic health records. The US Congress included a formula of both incentives and penalties for EMR/EHR adoption versus continued use of paper records as part of the Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the, American Recovery and Reinvestment Act of 2009.

References

↑ "HIE Accreditation Program Finalized". Health Data Management. Retrieved 18 January 2017.
↑ Criteria for Healthcare Network Accreditation Program for Payer-Owned Electronic Health Networks (HNAP Payer) is included.
↑ "EHNAC accredits first medical biller". Modern Healthcare. Retrieved 18 January 2017.
↑ OSAP includes eight different accreditation programs tailored for Call Centers, Data Centers, DRP Facilities, Media Storage, Network Administrators, Printing, Product Development and Scanning.
↑ "EHNAC, HIMSS, NACHA and WEDI release industry white paper (press release)". Health Care Finance. Retrieved 18 January 2017.
↑ "EHNAC and WEDI release "Financial Services in Healthcare" white paper (press release)". Healthcare Finance. Retrieved 18 January 2017.

External links

Official website

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "HIE Accreditation Program Finalized". Health Data Management. Retrieved 18 January 2017.

[Reference_1-2] SAS 70(©) is a proprietary term owned by the American Institute of Certified Public Accountants (AICPA).

[Reference_2-3] Criteria for Healthcare Network Accreditation Program for Payer-Owned Electronic Health Networks (HNAP Payer) is included.

[4] "EHNAC accredits first medical biller". Modern Healthcare. Retrieved 18 January 2017.

[Reference_3-5] OSAP includes eight different accreditation programs tailored for Call Centers, Data Centers, DRP Facilities, Media Storage, Network Administrators, Printing, Product Development and Scanning.

[6] "EHNAC, HIMSS, NACHA and WEDI release industry white paper (press release)". Health Care Finance. Retrieved 18 January 2017.

[7] "EHNAC and WEDI release "Financial Services in Healthcare" white paper (press release)". Healthcare Finance. Retrieved 18 January 2017.

[1]

[2]

[3]

[4]

[5]

[6]

[7]