HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

TigerText Receives HITRUST CSF Certification

Secure healthcare messaging platform provider TigerText has achieved CSF Certification from the Health Information Trust Alliance (HITRUST). TigerText is the first vendor in its class to earn HITRUST CSF certification.

HITRUST CSF certificationHITRUST CSF was developed to help organizations in the healthcare sector certify that they have implemented the necessary privacy and security controls in compliance HIPAA and HITECH legislation, in addition to globally recognized standards and frameworks developed by NIST, ISO, PCI, FTC, and COBIT.

Since the HITRUST CSF was developed it has fast become the most widely-adopted security framework in the U.S. healthcare industry. In order for organizations to earn HITRUST CSF certification they must be able to demonstrate that they meet key healthcare regulations covering the protection of sensitive healthcare information and that they are effectively managing risk.

As Ken Vander Wal, Chief Compliance Officer at HITRUST, explains “The HITRUST CSF has become the information protection framework for the healthcare industry, and the CSF Assurance program is bringing a new level of effectiveness and efficiency to third-party assurance.” Wal went on to say, “The CSF Certification is now the benchmark that organizations required to safeguard PHI are measured against with regards to information protection.”

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

The HITRUST CSF certification program is undertaken over a period of months, during which organizations undergo a rigorous vetting process. More than 500 written responses are required across 172 baseline controls, spanning 19 separate domains. Achieving HITRUST CSF certification is not a one-time process. Organizations are required to undergo recertification every two years and must be able to demonstrate that security controls are keeping pace with the latest industry advancements.

TigerText - The leading provider of secure messaging solutions for the healthcare industryIn order for TigerText to achieve HITRUST CSF certification it was necessary to demonstrate that robust controls had been put in place to ensure that sensitive data, including electronic protected health information (ePHI), was appropriately secured at all times.

Over 100 data points were analyzed across a wide range of security categories including access control, audit logging and monitoring, business continuity & disaster recovery, data protection and privacy, information protection program, network protection, and password management.

Brad Brooks, co-founder and CEO of TigerText was delighted that TigerText has earned HITRUST CSF certification. “HITRUST is the gold standard for healthcare security certifications, and we are honored to be the first in our category to earn this distinction.”

With the threat of cyberattacks now greater than ever before, healthcare organizations are carefully selecting vendors that can offer assurances that industry regulations are followed and the most stringent controls are adopted to protect the confidentiality, integrity, and availability of ePHI. As Brooks explained, “Every customer wants verification that the vendor they are choosing can be trusted to keep patient information safe, and now TigerText can deliver that added peace of mind to our broad base of customers.”

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.