Eyeing Breach Avoidance, MyHealthDirect Gains Security Certification

As more healthcare companies and consumers leverage technology to improve their access to care, protecting and securing sensitive private healthcare information has become paramount. To that end, MyHealthDirect, which enables access to personal and sensitive health info for more than 30 million US consumers, has achieved HITRUST CSF Certification for a second time.

Analyst firm 451 Research recently found that a full 96% of health care companies are bracing for an attack on the personal information that they house in their databases. And no wonder: About 63% have experienced a past data breach, with nearly one in five indicating a breach in the last year. According to HIPAA Journal, 2015 was the worst year ever for data breaches; perhaps best illustrated by the US Office for Civil Rights’ report that reveals data breaches in healthcare totaled over 112 million records in 2015.

451 found that this state of affairs is mainly due to complexity (according to 54% of respondents) and lack of staff (38%), given that healthcare providers are under great pressure to meet complex compliance requirements that include technical and process elements such as HIPPA, NIST, ISO and COBIT.

The certification is meant to address some of this difficulty. Following an extensive assessment, HITRUST certification ensures technology organizations meet key security, privacy and regulatory guidelines. In 2014, MyHealthDirect became one of the first patient-access solutions organizations to gain the certification.

 “MyHealthDirect pursued and received HITRUST certification two years ago because we thought it was the right thing to do. We now see it as an absolute necessity,” said Scott Papador, MyHealthDirect CIO. “Our recertification demonstrates our ongoing commitment to providing a secure environment for patients and providers to access and interact with the healthcare system. Security has become more critical than ever.”

Since its previous certification in 2014, MyHealthDirect has grown extensively both as a business and in the company’s reach to thousands of new patients, payors and providers. This growth required new system developments, updates and four levels of certification confirmed by a HITRUST certified assessor and security professional.

“Two years ago, MyHealthDirect was one of the first patient access solutions organizations to achieve HITRUST CSF certification, and with this re-certification, MyHealthDirect continues to distinguish itself as a system that people can count on to keep their information safe,” said Ken Vander Wal, chief compliance officer, HITRUST.

Photo © wk1003mike

What’s Hot on Infosecurity Magazine?