Share this article on:
Secure healthcare messaging platform provider TigerText has achieved CSF Certification from the Health Information Trust Alliance (HITRUST). TigerText is the first vendor in its class to earn HITRUST CSF certification.
HITRUST CSF was developed to help organizations in the healthcare sector certify that they have implemented the necessary privacy and security controls in compliance HIPAA and HITECH legislation, in addition to globally recognized standards and frameworks developed by NIST, ISO, PCI, FTC, and COBIT.
Since the HITRUST CSF was developed it has fast become the most widely-adopted security framework in the U.S. healthcare industry. In order for organizations to earn HITRUST CSF certification they must be able to demonstrate that they meet key healthcare regulations covering the protection of sensitive healthcare information and that they are effectively managing risk.
As Ken Vander Wal, Chief Compliance Officer at HITRUST, explains “The HITRUST CSF has become the information protection framework for the healthcare industry, and the CSF Assurance program is bringing a new level of effectiveness and efficiency to third-party assurance.” Wal went on to say, “The CSF Certification is now the benchmark that organizations required to safeguard PHI are measured against with regards to information protection.”
The HITRUST CSF certification program is undertaken over a period of months, during which organizations undergo a rigorous vetting process. More than 500 written responses are required across 172 baseline controls, spanning 19 separate domains. Achieving HITRUST CSF certification is not a one-time process. Organizations are required to undergo recertification every two years and must be able to demonstrate that security controls are keeping pace with the latest industry advancements.
In order for TigerText to achieve HITRUST CSF certification it was necessary to demonstrate that robust controls had been put in place to ensure that sensitive data, including electronic protected health information (ePHI), was appropriately secured at all times.
Over 100 data points were analyzed across a wide range of security categories including access control, audit logging and monitoring, business continuity & disaster recovery, data protection and privacy, information protection program, network protection, and password management.
Brad Brooks, co-founder and CEO of TigerText was delighted that TigerText has earned HITRUST CSF certification. “HITRUST is the gold standard for healthcare security certifications, and we are honored to be the first in our category to earn this distinction.”
With the threat of cyberattacks now greater than ever before, healthcare organizations are carefully selecting vendors that can offer assurances that industry regulations are followed and the most stringent controls are adopted to protect the confidentiality, integrity, and availability of ePHI. As Brooks explained, “Every customer wants verification that the vendor they are choosing can be trusted to keep patient information safe, and now TigerText can deliver that added peace of mind to our broad base of customers.”