In an effort to evaluate and verity its business partners’ capabilities for protecting health information, WellPoint, Inc. (Indianapolis), confirmed it will accept the results of the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) assessments. WellPoint says it is the first health benefits company to accept the results of HITRUST CSF assessments from its business partners as evidence that they have the necessary controls in place to effectively manage information security risks within their environment.
Organizations undergoing assessments through the HITRUST CSF Assurance program can choose to become either CSF Validated or CSF Certified, both of which leverage the same processes, tools and requirements, but offer different degrees of assurance.
"HITRUST certification and assurance programs allow WellPoint to ensure the companies with which we partner and exchange protected health information meet specific requirements for information security, and that they have standardized assessment and reporting processes," said Roy R. Mellinger, WellPoint’s VP president, IT Security, and Chief Information Security Officer, in a press release. "We are responsible for the security and privacy of health information belonging to more than 33 million Americans who have entrusted their information to us. We take this responsibility very seriously, and we ask the same of our business partners.”
The Health Information Trust Alliance (HITRUST), in collaboration with healthcare, business, technology and information security leaders, has established the Common Security Framework (CSF), a certifiable framework that can be used by any and all organizations that create, access, store or exchange personal health and financial information. Beyond the establishment of the CSF, HITRUST is also driving adoption and widespread confidence in the framework and sound risk management practices through education, advocacy and other outreach activities.
Katherine Burger is Editorial Director of Bank Systems & Technology and Insurance & Technology, members of UBM TechWeb's InformationWeek Financial Services. She assumed leadership of Bank Systems & Technology in 2003 and of Insurance & Technology in 1991. In addition to ... View Full Bio