Datica Blog

HITRUST CSF Certification Round 3

Laleh Hassibi

Laleh Hassibi

Director of Content Marketing

September 12, 2017   Security Compliance HIPAA HITRUST

HIPAA regulations create a barrier for makers of digital health products to adopt the cloud. Whether you are a digital health startup, a health system, payer, or life sciences organization, it takes an enormous amount of work to get your digital health product off the ground while, at the same time, achieving and maintaining continuous HIPAA compliance.

 

At Datica, we address all the infrastructure-based HIPAA rules and regulations for customers. Customers sign a single Business Associate Agreement with us, which reduces the complexity of managing several BAAs.

Through us and through our BAA, customers are able to build and deploy onto the world’s best infrastructure providers like Amazon Web Services or Microsoft Azure without having to worry about shouldering the immense technical obligations required to achieve HIPAA compliance.

Going for the Gold: Proving HIPAA Compliance with the Gold Standard, HITRUST

With the HITRUST Common Security Framework (CSF) Certification, we have proof the Datica Platform meets the “gold standard” of industry expectations. HITRUST CSF Certification remains an important designation for any organization developing digital health products that handle sensitive PHI. It combines different legislative initiatives that may be similar and yet somewhat contradictory to each other. The CSF provides one set of prescriptive controls from which everyone can work.

diagram - platform-hitrust-inheritance

Customers inherit our security but, more importantly, they inherit our HITRUST CSF certification. Datica has been a leading voice in shaping what HITRUST looks like in the cloud and the fact that we just received our HITRUST CSF certification for the third time gives industry validation to our approach.

This latest CSF Certification is even more comprehensive than the last since it also includes both the Azure and Docker portions of Datica’s platform. With this certification extended to additional components of our platform, we now offer customers greater flexibility with cloud infrastructure choices.

Compliance Facts

5

Total number of independent audits Datica has passed, including HIPAA and SOC1/2.

3

Total number of HITRUST CSF Certifications Datica has received, two full and one interim since 2015.

1000+

Total number of security and risk assessments we have assisted our customers pass.

Having Azure and Docker in the certification makes Datica an easy choice for those who want to be compliant and move to the cloud.” — Lori Meals, Director of Compliance, Datica

As the information protection framework for the healthcare industry, the HITRUST CSF Certification brings a new level of effectiveness and efficiency to third-party assurance. This latest certification provides assurance that we appropriately secure and protect PHI so you can focus on what you do best — building your digital health product in the cloud.

Earlier

Lifting A Fork for Open Source

This Q&A with Datica’s Chief Data Officer, Mark Olschesky, explores what it means that Datica just passed 200 forks of our open-source policies.

Next Post

Webinar: What is the Digital Health Success Framework?

Mark Olschesky will summarize the origins and utility of the Digital Health Success Framework in an upcoming webinar scheduled for Sept. 25th, at 12pm CST.