Per Section 12.1.2 of the Common Agreement, QHINs must achieve and maintain third-party certification to an industry-recognized cybersecurity framework demonstrating compliance with all relevant security controls, as set forth in the Standard Operating Procedure (SOP): QHIN Security Requirements for the Protection of TI v2.0.
This page lists the certifying bodies that meet the RCE™‘s security certification requirements as outlined in the SOP.
Certification bodies providing services that meet these requirements, but that have not yet been utilized by a designated QHIN, may also request approval to be included.
A QHIN needs to attain and maintain only one of the approved certifications.
Current Certification Bodies:
Certification: r2 Validated Assessment
Approval Date: 5/10/22
Status: Active
Version 2.0 (updated as of August 2024)
RCE is proud to introduce the designated Qualified Health Information Networks.