EHNAC Enhances All Accreditation Programs with Integration of Cloud-Focused Criteria

January 22, 2019


 The Electronic Healthcare Network Accreditation Commission (EHNAC), a non-profit standards development organization and accrediting body for organizations that electronically exchange healthcare data, announced today that it has posted new versions of its third-party Cloud Service Provider (CSP) requirements for 60-day public comment review strengthening all its accreditation programs. This move replaces EHNAC's Cloud Enabled Accreditation Program (CEAP) and allows those organizations who use a Third-Party CSP to more efficiently demonstrate the rigor and structure of cloud-enabled platforms and applications.

"Cloud-enabled technology offerings are becoming ubiquitous in healthcare and are helping to shape the future of our industry," said Lee Barrett, executive director of EHNAC. "This 60-day public comment review period will allow for commentary and suggestions regarding the proposed enhancement to our accreditation programs allowing all accreditation candidates to select additional cloud criteria from within their current program so they can meet demanding CSP requirements without applying for a second accreditation."

Cloud criteria within EHNAC's accreditation programs help establish a trust framework between stakeholders and recognizes superior capabilities through an extensive review in the areas of privacy, security, mandated standards and key operational functions. The new cloud criteria will be available through all accreditation programs as of April 2, 2019, while the Cloud Enabled Accreditation Program will be phased out. Current CEAP-accredited organizations will maintain their status throughout their two-year accreditation period.

Barrett added: "Ensuring the privacy and security of data across public cloud service platforms is a complex challenge and EHNAC is dedicated to helping organizations address privacy and security vulnerabilities of exchanging healthcare data across the cloud."

During the 60-day public review period, all interested stakeholders are encouraged to provide EHNAC with opinions, comments and suggestions that will prove helpful in determining the necessity, appropriateness and workability of the criteria versions proposed for this interim release scheduled for April 2, 2019.

The EHNAC criteria for each of its accreditation programs sets the foundational requirements for measuring an organization's ability to meet federal and state healthcare reform mandates such as HIPAA, Omnibus, ARRA/HITECH, ACA and other mandates for covered entities and business associates focusing on the areas of privacy, security, confidentiality, best practices, procedures and assets. Visit for more details or to review the latest EHNAC criteria.

See the latest posts on our homepage


Topic Area: Press Release

Recent Posts
Recent Posts

New alarms that whistle and sing are designed to lessen hospital noise

Efforts are underway to make alarms quieter and design systems of visual cues — like interactive screens that look like paintings



When specifying boilers, design details matter

Installing a boiler system is a significant investment requiring thoughtful consideration to ensure heating comfort, reliability and efficiency


$1.5 billion Philadelphia healthcare pavilion project using lean practices, offsite fabrication

The project is using prefabrication for time-intensive construction like mechanical, plumbing and drywall work


Lighting can support healthier patient rooms

Advanced lighting design can improve patient and visitor outcomes and comfort and staff productivity


Focus: Cybersecurity

Tips for hiring healthcare cybersecurity pros

Cybersecurity requires people from all backgrounds and majors


Post Comment


News & Updates • Webcast Alerts • Building Technologies

All fields are required.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.