Edifecs HIPAA File Certification

The Time is Now for Certification

Edifecs has been participating in numerous standards communities across several different industries since 1996. As part of this involvement when the X12N 4010 Implementation guides were released for the health care industry Edifecs monitored their progress with great interest. We actively participated within the WEDi/SNIP TCS workgroups and provided insight to the DSMOs. As a result Edifecs learned first hand the struggle many organizations were having due to the lack of maturity and saturation in regards to the Implementation Guides. We understood that at the time it was too early in the HIPAA Implementation Guide lifecycle to offer certification that would be meaningful within the health care industry.

With the finalization and release of the X12N 4010 Addenda, it is now possible to offer a service that provides organizations evidence of successful testing and have it mean something. As a result Edifecs is now offering a certification service built upon clear and unambiguous rules for what certification means.

What Certification Means

By requesting a certificate of conformance an organization is agreeing to the following terms:

1. The file being validated is a real data file that has been generated by processes that truly exist within the organization.
2. During the testing lifecycle, when an error was received, the organization modified the actual processes and procedures used to create the file, and did not simply modify the final data file in order to receive a “passed” report.
3. The data file is representative of the lines of business that the organization supports for the transaction being certified.

While these rules are simple, they depend upon trust and integrity between trading partners, and not just the automated validation process. By certifying individual files for compliance, Edifecs is enabling each organization to set its own implementation priorities. When an entity receives a certificate, it indicates that the submitter was able to generate a valid HIPAA file. It means that the partners have done their best to shorten the time between testing and production.

Making the Most of Your Certificate

The result of the certification process is a unique self-contained image file that allows your organization maximum control over access to information about its certification efforts.

Each certificate contains the following features:

1. EDIFECS Certified Logo. The Certification Logo is your assurance that the certificate was created on HIPAADesk using the Edifecs HIPAA Certification Engine.
2. Certification Definition. Each certificate contains a clear definition of what certification does and does not mean.
3. Certifying Organization. Each certificate contains a set of distinguishing information about the certifying organization.
4. Implementation Guide. The HIPAA implementation guide used for certification is clearly displayed on each certificate.
5. Watermark. A watermark, an embossed version of the certification logo, is located in the background of the certificate with the organization and file information written on top.
6. Status. The certification status is clearly indicated in bright blue text.
7. File Attributes. This section contains attributes about the file that has been certified making it easy to manage certificates and test files.
8. Unique Certificate ID. Each certificate contains a unique certificate ID. This ID can be used by Edifecs to retrieve the original file used for certification, as well as detailed information about the submitter and testing scenario should a question ever arise about a certificate’s authenticity.