CipherHealth, a provider in patient-centered communications, engagement, and insights for healthcare systems, has earned the HITRUST certification status for its Evolve platform for risk management and compliance.

The HITRUST risk-based, two-year certified status demonstrates that an organization’s risk management and compliance has met key regulations and industry-defined requirements and is appropriately managing risk, according to the company.

“Patients trust hospitals and health systems with some of their most sensitive data—data about their health, their families, their finances,” says Tyler Davis, SVP Technology, at CipherHealth. “Hospitals—and all of their partners and vendors—have a tremendous responsibility to protect that data. We’ve always held data privacy as a chief concern and this certification reinforces that fact.”

By including federal and state regulations, standards, and frameworks, and incorporating a risk-based approach, the HITRUST Assurance Program aims to help organizations address security and data protection challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.

“This HITRUST certification comes after the most rigorous security assessment available in the healthtech space,” says Kenny Adedipe, CISM, CipherHealth information security manager. “This sends a clear signal to all of our partners and customers that they can feel secure while also taking advantage of patient engagement tools that are dynamic and interoperable.”

The certification, encompassing CipherHealth’s Evolve Platform residing on Armor and Google Cloud Platform, is the result of a two-year effort and formalizes many of the security and privacy protections CipherHealth already has in place. It serves as a strong addition to other security certifications achieved by CipherHealth, including SOC 2 certification and HIPAA HITECH compliance.

“HITRUST knows that without a sufficient level of reliability, an assurance report doesn’t provide the requisite level of assurances as required to make important business decisions. That’s why we focus on producing the highest quality reports available,” says Vincent Bennekers, vice president of Quality, HITRUST. “The achievement of a HITRUST Risk-based, 2-year Certification provides reliable assurances that CipherHealth is taking information risk management and compliance seriously.”