Connectria is Now HITRUST CSF Certified

Connectria has announced it has achieved HITRUST Common Security Framework (CSF) Certification for its dedicated customer hosting environments.

The HITRUST CSF is a common framework that contains a set of prescriptive controls that ensure compliance with a range of industry regulations and standards. The framework includes the standards laid down in regulations such as the ISO/IEC 27000-series, GDPR, PCI, and the Health Insurance Portability and Accountability Act (HIPAA).

HITRUST has a healthcare focus and many healthcare organizations have adopted the HITRUST CSF to demonstrate their privacy and security controls are compliant with HIPAA and the HITECH Act, and they are ensuring the security and privacy of personally identifiable information (PII) and protected health information (PHI) in the cloud.

Achieving HITRUST CSF Certification, which requires the successful completion of a comprehensive independent compliance audit, demonstrates Connectria’s data centers are secure and meet the requirements of HIPAA and the HITECH Act. Healthcare clients that partner with Connectria are assured of the most stringent safeguards to ensure any PHI stored within Connectria’s cloud infrastructure is properly protected.

Connectria works directly with healthcare organizations, but also partners with independent software vendors (ISVs) that serve the healthcare industry and deploy their Software as a Service (SaaS) solutions within Connectria’s cloud infrastructure.  Since those SaaS system are used to store regulated healthcare data it is vital, as HIPAA business associates, to ensure their systems are secure.

One of those SaaS providers is ComplyAssist, which has been using Connectria to host its customers’ clouds for more than a decade. “HITRUST certification gives us an added assurance that we can pass on to customers wanting to use our SaaS certification application,” said James Schroeder, Cofounder of ComplyAssistant.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.