The HITRUST Common Security Framework (CSF) has become the preferred way to prove compliance in healthcare. HITRUST certification helps establish and accelerate partnerships. If you plan to do business in healthcare at the speed of change, you need to be HITRUST CSF Certified.
Datica leads the industry with the first, most complete HIPAA compliant cloud infrastructure. Datica Compliant Cloud is HITRUST CSF Certified on AWS, Microsoft Azure, IBM SoftLayer, and Rackspace, achieving the highest industry privacy and security standards across infrastructure providers.
HITRUST allows for inheritance, which means if you are planning to obtain your own CSF certification, you can inherit Datica’s certificate to shortcut 40% of the time and costs of the process.
From the process to the costs, from the lengthy time required to the certification—not a lot is known about how to be HITRUST CSF Certified. We walked through our journey in an effort to help educate the industry.Read more
The HITRUST Alliance established the Business Associate Counsel for businesses to collaborate on what the future of HIPAA compliance and HITRUST means for them and the industry. Datica has a leading voice in the discussion, while serving with companies like Epic, Dropbox, and Salesforce.
In 2014 Datica open sourced our company policies under a a CC BY-SA 4.0 license. They were written with a modern, cloud-based organization in mind. Since then the response has been overwhelmingly positive—we have had more activity on GitHub than governmental institutions like the FDA. Along the way we’ve helped hundreds of businesses get started by eliminating this portion of HIPAA compliance as a burden.
HIPAA compliance is complicated, but it doesn’t have to be. Datica helps relieve the technical burden with our HIPAA-compliant cloud computing platform and solutions for healthcare.
In an effort to make compliance as easy as possible for companies working with protected health information (PHI), we decided to open source our company policies.
Our policies have been written with modern, cloud-based technology vendors in mind. We looked far and wide for policy examples that fit our company, and couldn’t find any. So we wrote our own. Importantly, these policies have been through three external audits—two HIPAA audits and one HITRUST audit.
Do you handle PHI and not yet have your own company policies in place? Then you’ll find our content useful.
"We believe that for Datica to open source these documents is truly ground breaking in healthcare IT.
In the past we’ve spent an enormous amount of funds creating & updating our policies. We have yearly evaluations of our policies in October and this past October (2014) we were able to update and implement a number of improvements to our existing policies all based off the information we gathered from Datica's policies. This cost us zero dollars in comparison to our expensive updating of policies in prior years.
This is definitely the first time we have seen policies open sourced and we applaud the use of tools like GitHub to manage version control of all policies.
I think this could be revolutionary in helping the industry as a whole collaborate to improve privacy and security practices by gathering information from the highest level security/privacy experts in the field and making it available via similar open source methods.”
CEO & Cofounder, Eligible Inc.