Accreditations & Certifications

The U.S. healthcare industry is regulated under mandates established by the U.S. Department of Health & Human Services (HSS) and Office of Civil Rights (OCR) resulting principally from the Health Insurance Portability and Accountability Act (HIPAA) and administrative simplification provisions of the Affordable Care Act (ACA) and other regulating entities and mandates.

To demonstrate our continued commitment to assure that applicable Change Healthcare products and services meet industry and regulatory requirements and expectations, we maintain the following industry recognized and trusted accreditations and certifications:

CAQH
DG CertBadge ONCHealthIT
EHNAC HNAP-EHN
HITRUST-Logo
MHCC
NCQA-Certification-Seals
PCI Compliance

CAQH CORE

CAQH certifies and awards CORE Certification Seals to entities that create, transmit or use the administrative transactions addressed by applicable Operating Rules. CORE Certification means an entity has demonstrated that its IT system or product is operating in conformance with a specific phase(s) of the Operating Rules.

Change Healthcare is CAQH CORE Phase I, II, and III certified demonstrating that our associated IT systems and products are operating in conformance with effective standards and operating rules.

The CAQH link to our certification status can be found at http://www.caqh.org/core/core-certified-organizations-pending-and-current within the Clearinghouses and Vendors tabs.

The press release published on January 13, 2014 announcing our CORE Phase III certification can be found here.

Additional information regarding the Operating Rules for HIPAA transactions can be found on the Change Healthcare HIPAASimplified.com website.

Drummond Certified

ONC Certification Information: Certification details for Change Healthcare's 2014 and 2015 Edition Certified products.

This Complete EHR is 2014 Edition compliant and has been certified by an ONC‐ACB in accordance with the applicable certification criteria adopted by the Secretary of the U.S. Department of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services.

DeveloperChange Healthcare, LLC (formerly Emdeon)
Date CertifiedApril 28, 2014
Product Name and VersionClinical Exchange EHR-Lite, Version 8.4
Unique Certification Number04282014-1986-8
Certification criteria to which the product has been certified170.314(a)(1-15); 170.314(b)(1-5,7); 170.314(c)(1-3); 170.314(d)(1-9); 170.314(e)(1-3); 170.314(f)(1-3); 170.314(g)(2-4)
CQM's to which the product has been certifiedCMS002v3; CMS050v2; CMS068v3; CMS075v2; CMS122v2; CMS123v2; CMS124v2; CMS130v2; CMS131v2; CMS132v2; CMS133v2; CMS138v2; CMS139v2; CMS143v2; CMS156v2; CMS167v2
Additional Software UsedIngage Patient, Toad for Oracle (SQL Client)
Mandatory Disclosure2014 Mandatory Disclosure Statement

These Health IT Modules are 2015 Edition compliant and have been certified by an ONC‐ACB in accordance with the applicable certification criteria adopted by the Secretary of the U.S. Department of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services.

DeveloperChange Healthcare, LLC (formerly Emdeon)
Date CertifiedApril 15, 2018
Product Name and VersionClinical Exchange, Version 9.0
Unique Certification Number15.04.04.3017.Clin.09.00.0.180415
Certification criteria to which the product has been certified170.315(a)(1-4, 7, 8,10,11); 170.315(b)(3); 170.315(d)(1-8, 11); 170.315(g)(1, 3-5)
CQM's to which the product has been certifiedNone
Additional Software UsedNone
Mandatory Disclosure2015 Mandatory Disclosure Statement

EHNAC HNAP-EHN

Change Healthcare is EHNAC HNAP-EHN accredited.

The Electronic Healthcare Network Accreditation Commission (EHNAC) is a federally-recognized, standards development organization and tax-exempt, 501(c)(6) non-profit accrediting body designed to improve transactional quality, operational efficiency and data security in healthcare.

EHNAC indicates the following compliance benefits associated with accreditation:

  • Confirms HIPAA, ARRA/HITECH, Affordable Healthcare Act, Omnibus Rule and other regulatory compliance requirements
  • Fulfills Maryland and New Jersey state regulatory requirements
  • Identifies privacy, security, confidentiality and business risk exposures and mitigation strategies

EHNAC’s Healthcare Network Accreditation Program (HNAP) Electronic Health Network (EHN) assessment and review covers five main categories of criteria:

  • Privacy and confidentiality criteria include policies for securing PHI, system access controls, role-based user authentication and other related measures.
  • Technical performance criteria include transaction monitoring and processing capacity, response timeliness and accuracy, system availability, use of industry standard data formats and other infrastructure practices.
  • Business practices criteria include policies, procedures and contract standards to assure truth in advertising, ongoing customer satisfaction measurement, customer service and training, and other related measures.
  • Physical, human and administrative resources criteria include the organizational ability to sustain levels of service, maintain escalation procedures, and invest in professional development and other capabilities.
  • Security criteria include facility access, disaster recovery, business continuity, organizational safeguards, audit trails and other practices.

EHNAC requires that organizations complete the program every two years to maintain accreditation which includes a detailed criteria based assessment and EHNAC audit and site reviews. Change Healthcare has maintained our EHNAC Electronic Health Network accreditation since 2001.

Change Healthcare Certificate of Accreditation

HITRUST

Change Healthcare has earned HITRUST CSF® Certification status for the solutions listed below, and is currently working to achieve HITRUST Certified status for additional solutions in our portfolio.

Why is HITRUST Certification Important?

  • HITRUST is a privately held company which, in collaboration with healthcare, technology, and information security leaders, has established a Common Security Framework (CSF) that can be used by all organizations that create, access, store, or exchange sensitive and/or regulated data. The CSF includes a prescriptive set of controls that seek to harmonize the requirements of multiple regulations and standards.
  • The HITRUST CSF is an industry-agnostic information protection framework for the healthcare industry, and the CSF Assurance Program is bringing a new level of effectiveness and efficiency to third-party assurance.
  • By including federal and state regulations, standards and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps us develop and maintain a comprehensive and flexible framework of prescriptive and scalable security controls.

Change Healthcare Solutions that have achieved HITRUST CSF Certification include:

Change Healthcare Solution NameFormerly Known As
Clinical AbstractionAltegra Health Analytics Chart Complete - Abstractions & Chart Reviews
Medical Record RetrievalAltegra Health Chart Complete - Abstractions & Chart Reviews
Clinical Care VisitsAltegra Health Home Assessments
EMR Risk AdvisorAltegra Health Enterprise Risk
Quality Performance Advisor™Altegra Health HEDISmart
RADV & Validation AuditsAltegra Health Initial Validation Auditor (IVA)
RADV & Validation AuditsAltegra Health Medicare RADV & Validation Audits
Dual Enrollment Advocate™Altegra Health Dual Eligible Enrollment Assistance, Medicare Savings Complete
Part D CompleteAltegra Health Part D Assists
Quality Performance Advisor™Altegra Health Quality Performance Reporting
Recert Complete®Altegra Health Medicaid Recertification
Risk View™Altegra Health Risk Analytics
My Advocate™Altegra MyAdvocate Automated Communication Programs
Risk Adjustment CodingAltegra MyAdvocate Chart Retrieval & Risk Adjustment Coding
Community Advocate™Altegra MyAdvocate Community Link
Smart Appointment SchedulingAltegra MyAdvocate Provider Appointment Scheduling Assistance
Patient Access AdvisorAssistant Patient Access Advisor
Advanced ClaimingAssistant Referrals and Authorizations Network
OfficeChange Healthcare Office Emdeon Office Portal
Claims and Denials AdvisorClaims & Denials Advisor
Claiming and RemittanceClaims & Remittance Network
Clinical Exchange ePrescribeClinician
Clinical Exchange EPCSEPCS
Encounters & Claims Submissions - EDGE Complete™CMS Services EDGE Complete
Encounters & Claims Submissions - Encounter Complete®CMS Services Encounters & Claim Submissions
Eligibility and Enrollment Advocate - Financial CounselingCoverage Discovery Solutions Financial Counseling
Eligibility and Enrollment Advocate - Self Pay CoverageCoverage Discovery Solutions Self Pay Coverage Advocate
SSI Enrollment AdvocateCoverage Discovery Solutions SSI Advocate
Eligibility and Enrollment Advocate - Third Party CoverageCoverage Discovery Solutions Third Party Coverage Advocate
Coding AdvisorCustomer Portal Products Coding Advisor
Eligibility & Patient AccessCustomer Portal Products Eligibility & Benefits Verification Network
Dental NetworkDental Connect
Process and System ModernizationHTMS Consulting Services Business Transformation and Optimization
Analytics and InsightsHTMS Consulting Services Analytics & Insights
Government ProgramsHTMS Consulting Services Government Programs
Population Health HTMS Consulting Services Population Health Advisor
Healthcare ConsumerismHTMS Consulting Services Retail Transformation
Member Correspondence AdvocateMember Correspondence Advocate Multi-Channel Distribution System
Integrated Repricing NetworkPayment Accuracy Insight Integrated Repricing Network
Audit & RecoveryPayment Accuracy Audit & Recovery
Pre-Payment Insight & ReviewPayment Accuracy Insight
Authorization AdvocatePharmacy Benefits Mgmt Systems Authorization Advocate
Pharmacy Claim AdvisorPharmacy Benefits Mgmt Systems Pharmacy Claim Advisor
Rebate Insight™Pharmacy Benefits Mgmt Systems Rebate Insight
Rx Care AdvisorPharmacy Benefits Mgmt Systems Rx Care Advisor
MedRx™Pharmacy Network & Services MedRx Network
Smart Commercial Pharmacy Services™Pharmacy Network & Services Smart PBA
SmartPay™Receivables Advisor
SmartPay™Receivables Advisor - Member Payment Advocate
Payment Network AdvocateReceivables Advisor - Payment Network Advocate
A/R RecoveryRCM / Revenue Optimization - A/R Recovery
Charge InsightRCM / Revenue Optimization Charge Insight
Class Action Settlement RecoveryRCM / Revenue Optimization - Class Action Settlement Recovery
Coverage InsightRCM / Revenue Optimization - Coverage Insight
Denials and Appeals ManagementRCM / Revenue Optimization - Denials & Appeals Management
Patient Financial InsightRCM / Revenue Optimization - Patient Financial Insight
Payment AutomationRCM / Revenue Optimization - Remittance Advisor
Retro MVA RecoveryRCM / Revenue Optimization - Retro MVA Recovery
Settlement AdvocateRCM / Revenue Optimization - Settlement Advocate
RCM / Revenue Optimization - Third Party AdvocateRCM / Revenue Optimization - Third Party Advocate
RCM / Revenue Optimization - Underpayment Audit & Recovery RCM / Revenue Optimization - Underpayment Audit & Recovery
Revenue Network/Revenue Performance - Revenue NetworkRevenue Network/Revenue Performance - Revenue Network
Revenue Performance AdvisorRevenue Network/Revenue Performance - Revenue Performance Advisor
True View™TrueView - Engagement Solutions True View Healthcare Shopping

MHCC

Change Healthcare is a Maryland Healthcare Commission (MHCC) certified Electronic Health Network (EHN).

The Maryland Health Care Commission is an independent regulatory agency whose mission is to plan for health system needs, promote informed decision-making, increase accountability, and improve access in a rapidly changing health care environment by providing timely and accurate information on availability, cost, and quality of services to policy makers, purchasers, providers and the public.

The Maryland Health Care Commission certifies Electronic Healthcare Networks that meet national standards for security, business processes, technical performance, privacy and confidentiality when transmitting patient health information.  As part of the evaluation process, MHCC reviews an EHN’s national accreditation site audit and recommends areas where enhancements would help reduce risks of exposure to data breaches.

Maryland Regulation 10.25.07, Certification of Electronic Health Networks and Medical Care Electronic Claims Clearinghouses, requires third party payors that accept electronic health care transactions originating in Maryland to accept electronic health care transactions only from MHCC certified EHNs.  MHCC-EHN certification demonstrates that Change Healthcare meets a number of national and local standards intended to ensure high quality business operations and the existence of sound privacy and security policies. MHCC certification represents to other networks, payers, and providers that Change Healthcare meets a reasonable level of quality and technical performance.

MHCC requires that EHN’s complete the evaluation process every two years to maintain certification.

NCQA

The National Committee for Quality Assurance (NCQA) is a private, 501(c)(3) not-for-profit organization dedicated to improving health care quality by assessing and reporting on the quality of health-related programs. NCQA certification is a reliable indicator that an organization is well-managed and demonstrates the organization's commitment to meeting and maintaining industry developed quality standards.

NCQA's Healthcare Effectiveness Data and Information Set (HEDIS) Measure Certification is precise, automated testing that verifies compliance with HEDIS Specifications and satisfies the source code review portion of the HEDIS Compliance Audit™. Since its introduction in 1993, HEDIS has evolved to become the gold standard in managed care performance measurement. For the 13th consecutive year, Change Healthcare's Quality Performance Advisor™ solution (formerly HEDIS Smart™) has been NCQA HEDIS Measures Certified in all measures. Quality Performance Advisor™ also received NCQA certification for the California Value Based Pay for Performance (VBPP) program. This statewide initiative is the largest alternative payment model in the United States. Change Healthcare's Quality Performance Advisor™ solution powers a suite of web-based HEDIS offerings, including certified rate reporting and analytics, hybrid medical record reviews, and customizable reporting across measures, enabling health plans to effectively manage and optimize HEDIS processes, reporting, submission, and results.

NCQA's Physician and Hospital Directories certification validates quality measures for online solutions which help eligible individuals choose physicians and hospitals. Change Healthcare's Provider Directory solution has been NCQA Health Information Product Physician and Hospital Directories (HIP4) Certified in all measures. Change Healthcare's Provider Directory solution helps members easily search and compare doctors, specialists, hospitals, imaging centers and more in a user-friendly interface. Combined with our cost transparency solution, Provider Directory empowers members to take a more active role in their health, guiding them to make smarter decisions for healthier outcomes.

PCI Compliance

The following Change Healthcare solutions are Payment Card Industry Data Security Standard (PCI DSS) certified:

SmartPay™ eCashiering
SmartPay™ Consumer Pay Online
SmartPay™ Consumer Lockbox
SmartPay™ Phone Pay

This annual certification verifies that these Change Healthcare solutions have passed the rigorous standards promulgated by the PCI DSS.

The PCI DSS is a set of security requirements created by an association of credit card brands, including VISA, MasterCard and American Express intended to protect cardholder data (credit card data). The steady increase in electronic payment options available makes it extremely important to protect customers’ personal information. You can learn more about the PCI DSS and the standards it requires at www.pcisecuritystandards.org/security_standards.

Change Healthcare abides by all applicable PCI DSS requirements under which we secure any and all cardholder data that we store, process or transmit for our customers. This notification is part of the certification process.

Keeping our customers’ information secure is a top priority for Change Healthcare. We dedicate extensive resources to make sure personal medical and financial information is secure and we strive to build a company culture that reinforces trust at every opportunity.

We appreciate your continued partnership. If you have any questions about the Change Healthcare PCI Compliance efforts or the measures we’re taking to keep your data safe, please contact your account representative or the Security Compliance Team.