EHNAC and NH-ISAC Align Cybersecurity Prevention Efforts for Healthcare

The two organizations will collaborate to reduce growing threat of HIPAA breaches, incidents and cybersecurity attacks 

FARMINGTON, Conn. and CAPE CANAVERAL, Fla. – January 26, 2016 – The Electronic Healthcare Network Accreditation Commission (EHNAC), a non-profit, federally recognized standards development organization and accrediting body for organizations that electronically exchange healthcare data, and the National Health Information Sharing and Analysis Center (NH-ISAC) announced today that the two organizations have signed a Memorandum of Understanding (MOU). With the agreement, the two healthcare organizations intend to collaborate on initiatives supporting prevention and risk mitigation for HIPAA breaches, incidents and cybersecurity prevention, protection, response and recovery.

The increased number and breadth of breaches, incidents and cyber-attacks have now reached epidemic proportions where no organization, no matter how larger or small is immune. Additionally, the number of HIPAA breaches and incidents has exponentially increased over the past three years. According to the Identity Theft Resource Center, more than 750 breaches were reported in 2015 through late December, exposing nearly 178 million records.

“We are very excited to partner with EHNAC on this important effort to advance the security of data as well as health and public health organizations,” said Denise Anderson, president of the NH-ISAC. “The healthcare sector is coming under increasing threat as can be seen in a number of incidents in the news. Bringing NH-ISAC’s and EHNAC’s expertise and communities together is a first step in helping to keep our members’ operations resilient and safe as well as protected.”

Through this collaboration, the organizations will also work to accelerate the adoption of secure, identity-validated health information exchange via the Direct standard, in support of Stage 2 Meaningful Use transitions of care and patient engagement, and for additional uses of Direct for secure and encrypted healthcare data and information exchanges.

“There is an urgent need to increase awareness and identify means of prevention for the seemingly endless string of headline-grabbing cyberattacks this past year. The unfortunate fact is that hacks have increasingly become a part of digital life — and no person or organization is immune,” said Lee Barrett, executive director of EHNAC. “With the dedicated focus of our collaborative teams, NH-ISAC and EHNAC look to make great strides in effective awareness and prevention tactics to minimize the crippling impact of these cybersecurity attacks.”

Future tactics from this collaboration will include educational materials, webinars and joint promotional opportunities including case studies, situational awareness intelligence, information sharing, sector and cross-sector impact analysis, incident response, as well as leading practice and workforce education from both organizations.

About EHNAC                                                           

The Electronic Healthcare Network Accreditation Commission (EHNAC) is a voluntary, self-governing standards development organization (SDO) established to develop standard criteria and accredit organizations that electronically exchange healthcare data. These entities include accountable care organizations, data registries, electronic health networks, EPCS vendors, eprescribing solution providers, financial services firms, health information exchanges, health information service providers, management service organizations, medical billers, outsourced service providers, payers, practice management system vendors and third-party administrators.

EHNAC was founded in 1993 and is a tax-exempt 501(c)(6) nonprofit organization. Guided by peer evaluation, the EHNAC accreditation process promotes quality service, innovation, cooperation and open competition in healthcare. To learn more, visit, contact, or follow us on Twitter, LinkedIn and YouTube.



NH-ISAC, a non-profit health sector-led organization is recognized by the nation’s health sector, the US Department of Health and Human Services (HHS), the US Department of Homeland Security (DHS), the National Security Agency (NSA), FBI, and the National Council of ISACs (NCI Directorate) representing all national critical infrastructures. Headquartered at the Global Situational Awareness Center, Global Institute for Cybersecurity + Research, NASA/Kennedy Space Center, NH-ISAC is the tactical and operational arm advancing national healthcare and public health critical infrastructure resilience – all hazards (cyber and physical) security intelligence situational awareness analysis and reporting, secure trusted two-way information sharing, countermeasure solutions, incident response, leading practice and education. For more information, visit




Press contact information:

Dave Anderson, on behalf of EHNAC

Anderson Interactive, 678-401-2991