The client is a renowned health intelligence organization working on data-driven insights with an aim to provide patients a complete understanding of disease and wellness along with offering science-based solutions to medical needs.
The challenges faced by the Client included:
As information security, specifically Personal Information (PII data) is extremely critical in the US, there are various certifications that healthcare providers must comply with to ensure the privacy of individuals. One of them is HITRUST, which is becoming a de-facto certification for all healthcare organizations in the country. This includes HIPAA SOC 1, and SOC 2. Thus, the client had to fulfill the required mandate of becoming HITRUST certified and secured.
During the Certification Process, we worked closely with the Client to capture all the information, and evidence to prepare the Policies and Procedures to meet the deadline of making the organization HITRUST certified. The re-certification is required every 2 years and every year the company must go through Interim Assessments of the entire process to demonstrate Continuous Compliance is maintained.
JK Tech supported the client in the certification journey from capturing evidences, going through the automation, and getting them HITRUST Certified. As the scope of the certification is complex and defined by an External Certified Authority, we identified the automation areas to reduce the manual effort.
As the generated evidence needs to be uploaded to the HITRUST domain- My CSF which is the repository of HITRUST, we facilitated the process on behalf of the client. We also fine-tuned the Policies and Procedures, defined end-to-end processes for generating all evidences, traceability matrix, and captured additional details surrounding the evidences to make sure it is complying with HITRUST. Additionally, the tools and technologies were identified that are involved in the internal processes and comprehended how they can be automated. Along with this, we made the process seamless so that it can be replicated to other systems as well.
Use the form below to get in touch
Hello, I am Aria!
Would you like to know anything in particular? I am happy to assist you.