ClearDATA, a security and compliance expert in the healthcare cloud, achieved HITRUST Common Security Framework (CSF) Version 9.1 certification for its multi-cloud products and services including Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP) to ensure information security is a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. With the expanded scope of CSF 9.1, ClearDATA and its customers rely on HITRUST to ensure compliance with 36 privacy and security regulations and standards including HIPAA, FedRAMP, National Institute of Standards and Technology (NIST), International Organization for Standardization (ISO), Payment Card Industry Data Security Standard (PCI DSS), and the European General Data Protection Regulation (GDPR) which took effect on May 25, 2018.
The new HITRUST CSF v9.1 certificate incorporates broad collection of regulatory requirements to be inclusive of new state regulations increasing controls by nearly 60% over version 8.0. Additionally, ClearDATA expanded the scope of its certification to include Microsoft Azure and GCP in addition to AWS.
The HITRUST Alliance, in collaboration with healthcare, business, technology, and information security leaders, established the HITRUST CSF to be used by any and all organizations that create, access, store, or exchange protected health information (PHI). Considered as the “gold standard” in risk-based data protection controls by healthcare providers, payers and life science companies, ClearDATA has relied on the HITRUST CSF for specific security and privacy policies, procedures, and controls since 2014.
In addition to the HITRUST CSF v9.1 certification, ClearDATA offers customers pursuing HITRUST certification an opportunity to inherit certain controls through the HITRUST Inheritance program.
Editor’s note: On Aug. 10, we published an outdated and incorrect release from ClearDATA. This is the updated and correct version.
