First Certified Health Information Network Relieves Audit Burden for Customers

JACKSONVILLE, FL – Availity has become the first health information network to achieve Common Security Framework (CSF) certification from the Health Information Trust Alliance (HITRUST). Achieving HITRUST CSF certification, the leading security benchmark for health care organizations in the United States, enhances Availity’s ability to lower costs for its customers by reducing their need to conduct costly third-party audits, while at the same time reducing their risk of security and privacy breaches.
With continuously evolving security regulation in the health care industry, covered entities are facing greater scrutiny and increased challenges in managing and monitoring their security and privacy practices. HITRUST CSF certification helps companies reduce this burden by affirming adherence to an industry-developed and -supported security framework integrated with state and federal regulations, business requirements and industry standards. The CSF cross-references and harmonizes regulations such as those in the HITECH Act, as well as nationally and globally recognized standards such as ISO, NIST, COBIT, HIPAA and PCI. It is used by organizations that create, access, store or exchange protected health and financial information.
“Our health care business partners and customers quickly recognize the value the HITRUST CSF provides, and respect the rigorous process we undertook to become certified,” said Russ Thomas, Availity’s president and chief operating officer. “Certification removes an administrative burden for Availity and our partners — many of whom would otherwise have no choice but to conduct individual audits.”
Availity sought expert advisors to guide the company through an aggressively scheduled year-long audit process, partnering with executive advisors at Meditology Services. Most companies require multiple years to reach audit readiness, but Availity’s existing high standards accelerated the process.
“HITRUST certification effectively tells business partners that Availity takes protecting their clients’ data seriously” said Chris Hourihan, director at Meditology Services, an Atlanta-based health care IT and risk management firm. “From Availity’s standpoint, that means fewer audits, allowing the company to focus on other things, like helping to reduce the cost of health care nationwide.”