Onpoint Health Data Achieves HITRUST CSF Certification to Further Mitigate Risk in Third-Party Privacy, Security, & Compliance

May 2017 -- Onpoint Health Data, a nonprofit organization based in Portland, Maine, powering healthcare transformation with independent, innovative, and reliable data solutions, today announced the company has earned Certified status for information security by the Health Information Trust (HITRUST) Alliance for its Health Data – PODS solution. With the HITRUST CSF Certified Status, Onpoint meets key healthcare regulations and requirements for protecting and securing sensitive private healthcare information.

HITRUST CSF Certified status indicates that Onpoint has met industry-defined requirements and is appropriately managing risk, and places the company in an elite group of organizations worldwide that have earned this certification. By including federal and state regulations, standards and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address these challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.

“Onpoint is incredibly proud to have achieved HITRUST CSF Certification,” says Jeff Stoddard, HCISPP, Chief Information Officer at Onpoint. “As healthcare organizations continue to be targeted by malicious actors, it’s essential that robust information security programs are put into place and validated intensely. With HITRUST CSF as the healthcare ‘gold standard’ for security frameworks, this certification validates the priority that Onpoint puts on ensuring the confidentiality, integrity, and availability of our clients’ data."

 “The HITRUST CSF has become the information protection framework for the healthcare industry, and the CSF Assurance program is bringing a new level of effectiveness and efficiency to third-party assurance,” said Ken Vander Wal, Chief Compliance Officer, HITRUST. “The CSF Certification is now the benchmark that organizations required to safeguard PHI are measured against with regards to information protection.”