EHNAC and CARIN Alliance Announce New CARIN Code of Conduct Accreditation Program

The Electronic Healthcare Network Accreditation Commission (EHNAC), a non-profit standards development organization and accrediting body for organizations that electronically exchange healthcare data, and The CARIN Alliance, a collaborative working to advance consumer-directed exchange of health information, today announced the creation of a new CARIN Code of Conduct Accreditation Program (CCCAP). This new offering is set to bring both the CARIN Code of Conduct and EHNAC’s criteria review process to health plans, health systems, EHR vendors, implementers of HL7 FHIR-based application programming interfaces (APIs), and third-party app developers in a continued effort to support additional levels of trust related to consumer access to health data.

“We envision a future where any consumer can choose an application of their choice to retrieve both their complete health record and their complete claims information from any provider or plan in the country using HL7 FHIR APIs, and the CARIN Code of Conduct has been instrumental in helping to advance these efforts,” said Ryan Howells, program manager for the CARIN Alliance and principal at Leavitt Partners. “While the certification program is not required by policy makers or CARIN, we are pleased to partner with EHNAC to create an exceptional third-party accreditation program built on the foundation of the CARIN Code of Conduct which has become the industry’s de facto standard for applications not covered by HIPAA and the only code named in federal regulation as an ‘industry best practice.’”

Last July, the Centers for Medicare & Medicaid Services (CMS) began enforcing key components of the Interoperability and Patient Access final rule – one of several key federal initiatives aimed at accelerating the ability for individuals to access their personal health information via an application of choice leveraging HL7 FHIR APIs. CMS provided an option for payers to implement an attestation framework asking developers to describe the data practices and privacy provisions of the applications that are connecting to the HL7® FHIR® APIs. This new voluntary certification program builds on the CARIN Code of Conduct already established self-attestation approach but is not required by CMS or CARIN.

“Since the CARIN Alliance launched MyHealthApplication.com which provides the ability for applications to self-attest to the CARIN Code of Conduct, it’s been important to continue to collaborate on implementing and fostering adoption of an industry-wide consumer-facing application attestation and certification framework. This includes focusing on providing the highest level of stakeholder trust for all healthcare stakeholders – patients, providers, health plans, third-party app developers, and many others,” said Lee Barrett, executive director and CEO of EHNAC. “We believe this partnership with the CARIN Alliance to develop a voluntary certification program is the next step in that process.”

In addition to this launch of the CARIN Code of Conduct accreditation program, EHNAC has updated its Trusted Dynamic Registration & Authentication Accreditation Program (TDRAAP) and the Trusted Network Accreditation Program (TNAP) to align with the CARIN Code of Conduct criteria for applicable organizations.

Stakeholders who attain CARIN Code of Conduct Accreditation will be listed on the CARIN My Health Application site and the EHNAC Accredited Companies page. EHNAC and the CARIN Alliance have already identified multiple consumer-facing applications who have attested to the CARIN Code of Conduct on the MyHealthApplication.com website to be included in the first cohort so they can provide feedback on this new program. For more information or to apply for the CARIN Code of Conduct Accreditation program, click here.