Evolve IP Achieves HITRUST Certification

Evolve IP has achieved Common Security Framework (CSF) Certified status from the Health Information Trust (HITRUST) Alliance.

The HITRUST CSF Certified status ensures that the company’s cloud computing and cloud communications services adhere to the strictest security standards for electronic protected health information (PHI), credit-card and financial information and more. As a provider of solutions and infrastructure certified to the HITRUST Common Security Framework, Evolve IP is able to help clients streamline the process of attaining their own HITRUST certification in order to fulfill the service provider mandate issued by the five major healthcare payers.

HITRUST certification is a designation earned through adherence to a series of risk-based security and operational controls that are third-party audited and validated. It incorporates all of the requirements of HIPAA/HITECH for healthcare-specific security, privacy and regulatory concerns, as well as the requirements from 20 other regulatory bodies or compliance standards including PCI/DSS, ISO 27001, Sarbanes Oxley, and NIST. HITRUST provides a single, harmonize, and rigorous control framework that provides assurance to all organizations, irrespective of industry, that Evolve IP maintains, transmits, and manages data in a continuously improving security environment.

“This is another significant milestone in the continuing development of the Evolve IP Compliance Cloud, and I am incredibly proud of the team for their hard work around this accomplishment,” said Joseph Pedano, executive vice president of Cloud Engineering of Evolve IP. “We view compliance as a practice, not a part-time pursuit, and while we have historically entered into business associate agreements and enabled HIPAA compliance to support clients’ contractual requirements, we felt that it was important to do more. With HITRUST certification, we are making a clear statement to all of our clients and prospects – both inside and outside of healthcare – that data security and compliance is our No. 1 concern.”