NETWORK INTEGRITY

Here’s how we continuously protect and improve the privacy, security and performance of the Surescripts network and the data it carries.

Watch to learn more about network integrity.
Our Story and only our story

We’re committed to being a trustworthy partner in bringing actionable intelligence to all participants in the Surescripts Network Alliance™.

Our Network Integrity Framework continuously protects and improves the privacy, security and quality of the network and the data it carries.

Using our unique central sightline into network activity at scale, we proactively safeguard the Network Alliance. We monitor activity and take action when needed, working to uphold our commitments to our partners.

NETWORK INTEGRITY FRAMEWORK

Our Network Integrity Framework guides us in managing access to the Surescripts network, enforcing rigorous security standards and continuously raising the bar for content accuracy and completeness.

Access

We manage access to our network and transmit only the data needed for agreed-upon use cases.

Security

We set rigorous standards for ourselves and for our Network Alliance partners, fostering an environment that’s ever more secure.

Performance

We continuously raise the bar for content accuracy and completeness, investing in programs and working across the Network Alliance to improve the reliability and usability of the network.

Learn More 

What does a trusted, nationwide network look like?

Learn how Surescripts makes it possible to exchange patient health information safely and securely between care providers nationwide.

The Trust Series: A Critical Part of Today's Healthcare

What happens without trust in today's healthcare? Learn from experts on the importance of trust, protecting patient data and how we secure the Surescripts network.

FAQ

What is Surescripts doing to improve prescription accuracy?

The Surescripts Network Alliance continuously works to improve data quality for the benefit of every pharmacist, prescriber and patient.

Surescripts Sentinel® monitors and analyzes the electronic prescriptions that cross our network and identifies opportunities to improve their accuracy. We've improved our network-wide Quality Index Score for electronic prescriptions 80% since 2016. The Surescripts White Coat Award™ recognizes EHRs, health systems and pharmacy industry leaders that have taken meaningful steps to improve e-prescription accuracy.

See our Intelligence in Action portal for updates on our work to improve prescription accuracy.

What is the Surescripts Critical Performance Improvement program?

The Critical Performance Improvement program aims to improve the quality of the e-prescriptions flowing through the Surescripts network. Program initiatives include prescription accuracy, process improvements, adoption acceleration and directory integrity.

Who participates in the Critical Performance Improvement program?

We regularly convene more than 200 stakeholders from across the Surescripts Network Alliance to identify, plan and execute 11 critical performance improvements to enhance patient safety and workflow efficiency.

What information does Surescripts store?

Surescripts stores basic demographic information, provided by healthcare providers, for purposes of patient matching and identification. Patient demographics include:

  • Patient ID/Medical Record Number
  • Patient name: first, middle, last, prefix, suffix
  • Patient address line 1 & 2
  • Patient city, state, zip
  • Patient date of birth
  • Patient gender

If a patient has chosen to opt out of Surescripts Record Locator & Exchange, this demographic information will still be stored in the Surescripts database in order to ensure information is not exchanged.

Surescripts does not store clinical records. Clinical records are stored and maintained by healthcare providers. Surescripts simply provides secure electronic transmission of records between providers. To learn more about how Surescripts protects and uses information, please visit our Privacy Policy and Terms of Use.

What steps does Surescripts take to ensure patient privacy and security?

During the admission process, patient consent and HIPAA notification are standard processes, especially for purposes of treatment, healthcare operations, or payment. All queries and responses are made automatically through secured system to system communications. The response is returned to a patient record in a clinical setting and role based security determines which personnel have access to the information. Surescripts also contractually requires all certified software vendors to follow local, state and federal level privacy and security requirements.

Is Surescripts HIPAA compliant?

Surescripts is a HIPAA Business Associate and must comply with HIPAA standards. At Surescripts, we are committed to respecting patients' rights to maintain the privacy of their health information and ensuring appropriate security of all protected health information.

How does Surescripts safeguard personal health information?

Protecting the security and confidentiality of personal health information is of extreme importance to Surescripts. To read how we go about this, check out our privacy policy.

What is identity proofing?

Identity proofing, also known as ID proofing, is the process of verifying that a person is who he or she claims to be. ID proofing is a common practice across industries, including such common tasks as renewing a driver's license, securing new employment, or opening a bank account. Identity proofing, including both in-person and remote ID proofing, is critically important as the first step for the secure electronic exchange of health information.

There are a number of reasons EHR vendors and aggregators should ensure the identity of their customers:

  • Growing public concern regarding privacy and security of personal health information
  • Industry best practices for information security
  • Refusal by business partners to conduct business
  • Legal implications under federal and state laws
  • Possible breach of contract liability and suspension of services under a connectivity agreement with Surescripts