EHNAC Offers Support for WEDI-Authored White Paper “The Rampant Growth of Cybercrime in Healthcare”

FARMINGTON, Conn.  – April 4, 2017 – The Electronic Healthcare Network Accreditation Commission (EHNAC), congratulates the Workgroup for Electronic Data Interchange (WEDI) on their recently issued  white paper, “The Rampant Growth of Cybercrime in Healthcare,” bringing much needed attention to the increased threats to healthcare entities. Sponsored by Fortinet, the white paper examines common vulnerabilities that cybercriminals often target and offers best practices organizations can implement to mitigate these vulnerabilities.

“We are pleased to see that WEDI and others are recognizing the importance of cybersecurity protections and the need for organizations to assess risks, identify any gaps in the risk strategy and preparedness planning, and respond to them,” said Lee Barrett, executive director of EHNAC. “It is only through awareness, ongoing testing and response planning that we can mitigate risks, reduce the threats to the unauthorized access of health data, and provide a high level of stakeholder trust.”

EHNAC, which has a long history of assisting entities in assessing their privacy and security frameworks to assure the adequate protection of healthcare data, supports the report’s various recommendations. These strategies included:

  • driving cultural change to raise awareness of cybersecurity issues;
  • building a cybersecurity business case, sponsored at the top level of the organization; and
  • leveraging the cybercrime lessons learned from other industries.

In addition, EHNAC is especially pleased to see that the report recommends developing cybersecurity frameworks that provide a robust, forward‐facing roadmap to protect organizations in a changing environment. In fact, the EHNAC accreditation programs, which are regularly reviewed and updated through an open, cross-industry process, provide frameworks to help organizations continuously strengthen their Risk Mitigation and Readiness Planning defenses. Healthcare organizations are encouraged to visit the Commission’s criteria page to download the publicly available criteria for their specific industry.

The Electronic Healthcare Network Accreditation Commission (EHNAC) is a voluntary, self-governing standards development organization (SDO) established to develop standard criteria and accredit organizations that electronically exchange healthcare data. These entities include accountable care organizations, data registries, electronic health networks, EPCS vendors, e-prescribing solution providers, financial services firms, health information exchanges, health information service providers, management service organizations, medical billers, outsourced service providers, payers, practice management system vendors and third-party administrators. The Commission is an authorized HITRUST CSF Assessor, making it the only organization with the ability to provide both EHNAC accreditation and HITRUST CSF certification.

EHNAC was founded in 1993 and is a tax-exempt 501(c)(6) nonprofit organization. Guided by peer evaluation, the EHNAC accreditation process promotes quality service, innovation, cooperation and open competition in healthcare. To learn more, visit, contact, or follow us on Twitter, LinkedIn and YouTube.