DirectTrust Releases Draft Criteria for RA Health IT Accreditation Programs

DirectTrust, a non-profit healthcare industry alliance created to support secure, identity-verified electronic exchanges of protected health information, has announced a 60-day public comment and review period of the draft criteria for its updated suite of Registration Authority (RA) health IT accreditation programs.

After an initial 60-day public review and comment period of three RA programs, the Criteria Council and Commission approved combining two programs into a single RA Accreditation Program with two criteria paths.

Criteria for RA - For CA (for those RAs that support Certificate Authorities) V1 will merge with the criteria for RA - For IdP (for those RAs that support Identity Providers) to create a single RA Accreditation Program. However, RA - For CA and RA - For IdP will remain distinct criteria paths.

DirectTrust will ask candidates to specify which services they offer upon program enrollment to ensure the organization has the right criteria for accreditation.

"During the initial public comment period, which ended in late April, DirectTrust received valuable feedback from industry stakeholders which included thoughtful recommendations to merge what was previously offered as two separate Registration Authority accreditation programs," Scott Stuewe, DirectTrust president and CEO, said in a press release.

"This newly combined Registration Authority program demonstrates our commitment to collaborating with our industry to develop programs that directly align with TEFCA as we help facilitate the acceleration of interoperability across healthcare," Stuewe added.

The RA Federal PKI will remain the second RA accreditation program. DirectTrust does not seek additional comments for the RA - Federal PKI program.

DirectTrust's Electronic Healthcare Network Accreditation Commission (EHNAC) governs the organization's accreditation and certification programs.

Accreditation program criteria set the requirements for assessing an organization's ability to align with federal and state healthcare reform mandates such as HIPAA/HITECH, 21st Century Cures Act, and TEFCA.

During the 60-day public review period, DirectTrust invites all interested stakeholders to provide opinions, comments, and suggestions to help determine the appropriateness of the proposed criteria versions.