= Operating and releasing mail at reduced production levels 
= No current production
17 Jul Does Your Service Provider Meet the Rigorous Standards of HITRUST CSF?
As the frequency and cost of data breaches continue to climb, it’s never been more crucial to choose a third-party provider with a demonstrated commitment to cybersecurity. At DATAMATX, we’re proud to have earned and maintained high-level certifications in HITRUST CSF and SOC 2, two distinct security frameworks that ensure we’re using the latest and strongest protections for sensitive customer data.
Now in our fifth year of HITRUST certification, DATAMATX will earn the framework’s highest level of distinction, now called r2. In this blog post, we’ll share what goes into earning certification through HITRUST CSF—as well as why passing its rigorous audits sets us apart from our competitors.
Q: How do organizations in my industry benefit from HITRUST CSF?
A: One common misconception about HITRUST CSF is that its requirements are exclusive to the healthcare industry. While it’s true that the framework was originally designed to help healthcare organizations fulfill stringent HIPAA requirements, it now aligns with a range of additional cybersecurity frameworks, including ISO 27001, PCI DSS, NIST 800-43 and the NIST Cyber Security Framework. At DATAMATX, our HITRUST CSF certification makes us an asset not only to our clients in healthcare, but also to clients in insurance, financial services, and other industries that manage data-sensitive communications.
Q: How did DATAMATX achieve HITRUST CSF Certification?
A: There are three different levels of HITRUST CSF: e1, i1 and r2. The e1 assessment is the least rigorous of the three and covers basic cybersecurity practices that meet the needs of lower-risk organizations. The i1 assessment is more rigorous, as a one-year certification with 219 different requirements. To complete the i1 successfully, organizations must achieve a raw score of 83% in each domain. DATAMATX’s r2 distinction means we’ve achieved the highest level within HITRUST CSF by undergoing a two-year certification with an interim assessment in between. To obtain r2 certification, an organization must meet over 2,000 requirements based on risk factors specific to the organization and its industry as well as achieve a Prism score of at least 3 in every domain.
Q: What makes HITRUST CSF a crucial part of DATAMATX’s security profile?
A: DATAMATX believes strongly in the importance of responding to new and evolving cyberthreats with the latest and strongest innovations in security. For this reason, we consider HITRUST CSF to be a non-negotiable component of our security program and have worked to achieve an r2 level that distinguishes us as a leader among our competitors. As an important part of our profile, our HITRUST certification demonstrates a longstanding commitment to offering you and your customers peace of mind when it comes to cybersecurity.
Want to know more about DATAMATX’s security program? Our next blog post explores the role and benefits of our SOC 2 certification!