Program consists of emergency preparedness policies, procedures, and guidance for several healthcare provider types; Industry feedback desired during 60-day public review period through July 22

 WASHINGTON, DC – May 29, 2024 – DirectTrust®, a non-profit healthcare industry alliance focused on furthering trust in healthcare data exchange through standards, accreditation, and other services, today announced a 60-day public comment and review period of the draft criteria for its new Emergency Preparedness Accreditation Program.

Part of a strategic partnership with CAIPHI, the DirectTrust Emergency Preparedness Accreditation program consists of emergency preparedness policies, procedures, and guidance for five healthcare provider types covered by the provisions of the CMS Emergency Preparedness (EP) Rule: hospitals, critical access hospitals (CAHs), hospice, long-term care (LTC), and rural emergency hospitals (REHs).

The CMS EP Rule establishes national emergency preparedness requirements to ensure adequate planning for both natural and man-made disasters, and coordination with federal, state, tribal, regional, and local emergency preparedness systems. The Emergency Preparedness Accreditation Program will allow healthcare provider organizations subject to CMS Medicare/Medicaid Conditions of Participation (CoP) to demonstrate compliance with the Final Rules on a biennial cycle or to maintain such compliance year over year after initial deployment.

“Our Emergency Preparedness Accreditation Program criteria is designed to enhance the resilience and readiness of healthcare providers, ensuring they meet the stringent requirements of the CMS Emergency Preparedness Rule,” said Scott Stuewe, DirectTrust President and CEO. “By establishing these comprehensive policies and procedures, our program criteria aim to support various healthcare provider organizations in achieving and maintaining CMS rule compliance. We invite all stakeholders to review and provide feedback on the draft criteria, as their insights are crucial to refining a program that will safeguard our healthcare systems during times of crisis.”

The initial five versions of the program that are being released for 60-day public comment, include:

  • Emergency Preparedness – Critical Access Hospital
  • Emergency Preparedness – Hospice
  • Emergency Preparedness – Hospital
  • Emergency Preparedness – Long Term Care
  • Emergency Preparedness – Rural Emergency Hospital

DirectTrust’s accreditation and certification programs are governed by the organization’s Electronic Healthcare Network Accreditation Commission (EHNAC). DirectTrust criteria for each of its accreditation programs sets the stakeholder and program specific foundational requirements for assessing an organization’s ability to meet/align with federal and state healthcare reform mandates such as HIPAA/HITECH, 21st Century Cures Act, TEFCA and other mandates and best practices like NIST SP 800-53 800-171, and 800-63, for healthcare organizations focusing on the areas of trust, privacy, security, cybersecurity, breach handling, confidentiality, best practices, procedures, and assets.

During the 60-day public review period, all interested stakeholders are encouraged to provide DirectTrust with opinions, comments and suggestions that will prove helpful in determining the necessity, appropriateness and workability of the criteria versions proposed for adoption after being reviewed and approved by the Commission. The comment form can be downloaded here.

Visit for more details or visit the Commission’s criteria page to review the latest criteria and submit feedback during this comment period.

About DirectTrust®
DirectTrust® is a non-profit, vendor-neutral alliance dedicated to instilling trust in the exchange of health data. The organization serves as a forum for a consensus-driven community focused on health communication, an American National Standards Institute (ANSI) standards development organization, an accreditation and certification body through EHNAC (the Electronic Healthcare Network Accreditation Commission), and a developer of trust frameworks and supportive services for secure information exchange like Direct Secure Messaging and trusted, compliant document submission.

The goal of DirectTrust is to develop, promote, and, as necessary, help enforce the rules and best practices necessary to maintain privacy, security, and trust for stakeholders across and beyond healthcare. In addition, DirectTrust is committed to fostering widespread public confidence in the interoperable exchange of health information while promoting quality service, innovation, cooperation, and open competition in healthcare. To learn more, visit: