DATAMATX Completes Second Year HITRUST CSF® Risk-based (r2) Certification
September 16, 2024
Operations Status: Atlanta, GA Phoenix, AZ Richmond, VA | |||
= 100% Operational = Operating and releasing mail at reduced production levels = No current production |
|||
|
September 16, 2024
ATLANTA, Ga, September 16, 2024—DATAMATX, a national outsourcing provider and leader in the distribution of critical business communications, today announced that the following systems and platforms have completed a second year of HITRUST CSF® Risk-based (r2) certification for information security for all platforms and facilities. Notably, the assessment was completed with no Corrective Action Plan (CAP) requirements, meaning all controls were found to be in full compliance with HITRUST criteria.
DATAMATX operates the following platforms and locations: DocSight, eTRAX 2 and TRAX residing at DATAMATX Datacenter Atlanta; the DATAMATX – Phoenix office located in Chandler, AZ; its Office Headquarters in Atlanta, GA; and the data centers at its Richmond, VA, and Atlanta, GA locations.
(Part 2: External Audits)
May-June Issue, Mailing Systems Technology
By Steve Berman
“The auditors are here!” Your blood runs cold, like seeing blue flashing lights in the rearview mirror. You needn’t worry. An external audit doesn’t have to incite fear and horror. In fact, the process can be affirming—a strengthening experience for service companies that deal with sensitive client data.
(Part 1: Internal Audits)
March-April Issue, Mailing Systems Technology
By Steve Berman
There are three words no executive wants to hear from their IT staff: “We’ve been breached.” Any mailing or data processing company that deals with sensitive client data likely generates reams of written security policies, because let’s face it, customers want to know that their vendors take security seriously, or they won’t continue to be customers.
A thorough internal audit can be the single most valuable tool for reducing any organization’s cybersecurity risk.
November 16, 2023
ATLANTA, Ga, November 16, 2023—DATAMATX, a national outsourcing provider and leader in the distribution of critical business communications, today announced that the following systems and platforms have earned certified status by HITRUST for information security: DocSight, eTRAX 2 and TRAX residing at DATAMATX Datacenter Atlanta; the DATAMATX – Phoenix office located in Chandler, AZ; its Office Headquarters in Atlanta, GA; and the data centers at its Richmond, VA, and Atlanta, GA locations.
May 26, 2023 Issue, Insurance Innovation Reporter
By Steve Berman
Cybersecurity attacks are on the rise and malicious actors are devising increasingly devious ways to hack into our networks and exfiltrate our most sensitive information. According to Juniper Research, cybersecurity criminals will steal over 33 billion records in 2023, a whopping increase of 175 percent over the last five years. Businesses have transferred risk by taking out cybersecurity insurance policies, leading to some hefty payouts in recent years. To stem these losses, insurance carriers are issuing and renewing fewer policies, charging more for what they do offer, and requiring businesses to raise their security game to qualify for coverage.
July-August Issue, Mailing Systems Technology
By Steve Berman
If the last two years have taught us anything it’s that the threat landscape is constantly evolving. With offices reopening as the shadow of the coronavirus pandemic recedes, many business owners hoped life was returning to normal, only to be faced with supply chain disruptions and rising costs due to inflation. Cyber criminals have also been busy, using a variety of schemes to exploit corporate networks for their own ill-gotten gains. Meanwhile, nature continues to test the resilience of businesses as drought, wildfires and disastrous weather events occur with ever-increasing frequency.
March-April Issue, Mailing Systems Technology
By Mike Sanders
The past two years have tested the resilience of businesses in unprecedented ways, proving that change really is the only constant in life. COVID-19 transformed the “work-from-home” option from an occasional perk to standard operating procedure. This has required businesses to quickly adapt their cybersecurity programs to accommodate a remote workforce and defend against increasingly sophisticated attacks from malicious actors. In response to the rise in teleworking, compliance requirements also became more stringent, requiring businesses to find novel ways to validate their teleworking controls.
ATLANTA, Ga, January 19, 2022
DATAMATX, a national outsourcing provider and leader in the distribution of critical business communications, today announced it has successfully completed System and Organization Controls (SOC) 2® Type 2 examinations and the Payment Card Industry Data Security Standard (PCI DSS) onsite compliance assessment for service providers.
DATAMATX, A coalition of 12 independent businesses specializing in the production and delivery of printed and electronic collection communications filed an amicus brief in support of the defendant’s petition for a rehearing en banc following the 11th Circuit’s panel decision in Hunstein v. Preferred Collection and Management Services, Inc.
April 8, 2021, DOCUMENT Strategy
By Scott Stephens
The Solar Winds cybersecurity attack and the recent zero-day exploit involving Microsoft Exchange servers have exposed vulnerabilities in the IT infrastructure of organizations at every level, from small private businesses to major universities and government agencies, compromising sensitive information and national security in the process. However, practicing good security hygiene for internal systems is only half the battle. To prevent cybersecurity attacks from derailing your business, you must carefully vet your security programs and those of your vendors as well.
Requiring your vendors to maintain industry-recognized certifications is one of the best ways to make sure there are no weak links in your supply chain. When using certifications as part of your vendor risk management, recognize that they vary widely in terms of their scope and the rigor of the assessment process. Long considered the gold standard for healthcare organizations, HITRUST certification employs one of the most comprehensive…
Jan 18, 2021, Insurance Thought Leadership
By Scott Stephens
With the passage of the California Privacy Rights Act (CPRA), U.S. data privacy law entered a new era. In addition to establishing the first data protection enforcement agency in the U.S., the CPRA ushers in several stringent requirements for insurers and their service providers and is likely to serve as a model for other states considering similar legislation. As we head into 2021, your business should be on notice that data privacy requirements are about to get a lot tougher and ensure that your service providers have put the appropriate safeguards in place to protect your personal information.
While laws like the CPRA require insurers to protect sensitive data, they often give businesses little guidance on how to secure the information systems that process that data. If your business is wrestling with the growing patchwork of data privacy and security…
Sep2020, DPS Magazine
By Cassandra Balentine
Many organizations choose to implement a mixed communication strategy that incorporates both digital and physical components. Creating and delivering these offerings in a flexible and secure manner is a complex process.
Established in 1976, DATAMATX is headquartered in Atlanta, GA with additional locations in Phoenix, AZ and Richmond, VA. Its 140 employees are spread out over 103,000 total square feet.
The company started out as a shared mainframe service bureau, when mainframe computers were too expensive for most small businesses and desktop computers did not yet exist. “We provided custom programming and shared mainframe hosting of critical business applications, which our national clients accessed using remote terminals connected through dedicated phone lines,” shares Harry Stephens, CEO, DATAMATX.
Its clients’ demands evolved into the need for more customized solutions, and the company eventually invested in one of the first high-speed laser printers on the market to produce financial output. Stephens explains that from that platform—and as the reliance on mainframe applications waned—DATAMATX moved into printing and mailing mission-critical financial statement, bills, collection letters, invoices, confirmations, insurance documents, and other notices. “Eventually, our customers wanted digital solutions for these services, so today we deliver business to business and business to consumer mission-critical customer communications digitally, as well as via paper and mail,” he shares.
DATAMATX is now a full-service provider of high-volume print and digital transactional communications. “Our advanced document processing and delivery capabilities enable clients to create data-driven, highly targeted communications to their customers. We offer fully customized options like personalization and high-quality color to engage customers and drive revenue for our business customers,” he adds.
Versatility in Capabilities
Processing mission-critical documents is a complex and highly sensitive business. Its clients need to adhere to regulations while maintaining a positive customer experience. DATAMATX finds agility is key to its success. “Our clients tell us our greatest strength is our flexibility and capability to develop customized solutions for complex…
Scott Stephens | August 17, 2020
Like businesses in most industries today, insurance organizations are facing an unusually high level of uncertainty due to circumstances beyond their control. While our nation currently faces the reality of COVID-19, which has wreaked havoc on the U.S. economy, businesses in every industry need to focus on ways to remain viable.
Certainly, when you outsource the production and delivery of your policyholder communications to a third party, it is important to ensure the provider has the resources and staffing required to manage your work. However, to help you sleep at night, today the most critical thing to ascertain is what security measures they have in place to protect the privacy of the data included in your billing notices, policies, quotes, EOBs, and other communications.
Data breaches have become an unfortunate reality of doing business, with the number of reported breaches increasing by more than 50% in 2019 compared to the previous year. As an industry that processes large amounts of private data, insurance is a prime target for criminal enterprises and malicious insiders. The risk of exposure is even greater for enterprises that outsource their electronic document processing, billing and distribution solutions to a third-party provider. With more U.S. states enacting tighter data breach legislation, prioritizing data security is imperative for insurers, particularly those that outsource documents.
Five security measures you should look for
It is no longer enough that a potential service provider can show written policies and procedures; there must also be evidence and technical solutions in place to support those policies. A robust and mature security program is the best way to head off data breaches and to minimize exposure once they occur. Here are the top five security measures you should look for when outsourcing the management of your company’s transactional documents, along with some guidance on how…
WASHINGTON, DC — Postmaster General Louis DeJoy issued the following statement today: “The Postal Service is in a financially unsustainable position, stemming from substantial declines in mail volume, and a broken business model. We are currently unable to balance our costs with available funding sources to fulfill both our universal service mission and other legal obligations. Because of this, the Postal Service has experienced over a decade of financial losses, with no end in sight, and we face an impending liquidity crisis. Congress and the Postal Regulatory Commission must enact legislative and regulatory reforms to help address the situation. At the same time, it is imperative for the Postal Service to operate efficiently and effectively. Indeed, there are alternatives to every product that we offer, and the only way that the Postal Service can continue to provide prompt, reliable, and affordable universal postal services for all Americans over the long-term is by vigorously focusing on the efficiency of our operations. To start with, we must better adhere to our existing operating plans, which were developed precisely to ensure that we meet our service standards in an efficient and effective manner. It is evident that the Postal Service has the ability to improve in that area. On the day that I was sworn in as Postmaster General by our Board of Governors, the Postal Service Inspector General issued a report entitled “U.S. Postal Service’s Processing Network Optimization and Service Impacts.” In that report our Inspector General indicated that the Postal Service spent $1.1 billion in mail processing overtime and penalty overtime, $280 million in late and extra transportation, and $2.9 billion in delivery overtime and penalty overtime costs in FY 2019. Yet, even after incurring these additional costs, the Postal Service has not seen material improvement in our service performance scores. While we did not fully agree with all aspects of OIG’s report, we did not dispute the fundamental conclusion that we need to redouble our efforts to focus on our plans to improve operational efficiency and to further control overtime expenditures. The Postal Regulatory Commission has also recognized in its most recent reports that the Postal Service is not on a sustainable path, and that we continue to fall short of achieving our service targets with regard to the majority of our market dominant products. The Postal Service has spent the last four years unsuccessfully trying to obtain reform legislation from Congress and pricing reform from the PRC, while remaining focused on the efficiency of our operations. Given our current situation, it is critical that the Postal Service take a fresh look at our operations and make necessary adjustments. We are highly focused on our public service mission to provide prompt, reliable, and efficient service to every person and business in this country, and to remain a part of the nation’s critical infrastructure. However, changes must be made, and we will refocus on all of the items within our control, and propose changes to some that are not, in order to ensure that we will be able to continue to fulfill our universal service obligation to all of America.” ### For U.S. Postal Service media resources, including broadcast-quality video and audio and photo stills, visit the USPS Newsroom. Follow us on Twitter, Instagram, Pinterest, and LinkedIn. Subscribe to the USPS YouTube channel, like us on Facebook and enjoy our Postal Posts blog. For more information about the Postal Service, visit usps.com and facts.usps.com. |
Printing Impressions – June 9, 2020
DATAMATX, a national outsourcing provider and leader in the distribution of critical business communications, today announced it has successfully achieved the HITRUST CSF certification. Additionally, the company achieved certification under the NIST Cybersecurity Framework v 1.0. Achieving this certification places DATAMATX among an elite group of organizations that have been able to meet the rigorous key compliance regulations and industry requirements for the security of protected health information (PHI).
HITRUST CSF is the information protection framework for the health care industry for addressing rigorous…
Security is always a critical concern, but is the current environment, it’s more vital than ever.
When COVID-19 began to spread beyond the epicenter in Wuhan, China, calls for social distancing reached a fever pitch. Governments in hard-hit areas imposed stay-at-home orders and shuttered non-essential businesses. Faced with a rapidly evolving crisis, the private sector scrambled to implement work-from-home arrangements while securing their IT systems and data.
Inevitably, criminals began to capitalize on security vulnerabilities created by…
When the FTC introduced proposed changes to GLBA’s Safeguard Rule last year, security experts sat up and took notice. The updates marked the first major changes in fifteen years and expanded the scope of covered entities under GLBA. In addition, the proposed changes would require financial institutions to perform risk assessments at regular intervals, to report any findings to Board members, and to mitigate risks by encrypting customer data, using…
DATAMATX firmly believes in giving back to the community. I Care Atlanta, Inc. is a 501(c)3 non-profit organization that works to prevent homelessness and provide services that lead to self-sufficiency. Pictured below are DATAMATX CEO/President Harry Stephens and Human Resources Manager Allison Asher with this month’s collection of groceries for I Care Atlanta to provide for those in need in Metro Atlanta and surrounding communities.
The headline in USA Today blared, “2019 on track to be worst year ever for data breaches.” There were more than 3,800 breaches reported in the first half of the year, a 52% increase from last year. That’s the bad news.
The worse — and franly, scary — news is that it only takes one…
It’s October and the last quarter of the year! We have been busy at DATAMATX making sure that we are keeping on top of the latest in all things USPS and taking every opportunity available to keep our pulse on the industry.
“PayThink Breaches are unavoidable, but damage can be mitigated”
We’ve all heard about data breaches over recent months at credit card companies and retailers such as Capital One and, in some cases, even with state and federal information and communications systems.
There is no doubt these situations are disastrous for the organizations involved, for reasons no business wants to experience. The thought of diminishing the good will of customers and consumers, possibly millions of dollars in lawsuits to compensate customer losses, and even potential damage to internal systems if the breach is the result of some virus or malware is bound to keep anyone up at night.
“DATAMATX Certified as a Veteran-Owned Small Business”
ATLANTA, Ga, October 16, 2019—DATAMATX, a national outsourcing provider and leader in the distribution of critical business communications and payment services, today announced it has been certified as a Veteran-Owned Small Business (VOSB) by the Veterans Administration. The VOSB certification is awarded to companies that are majority owned and managed by a veteran who is directly involved in daily operations. Harry Stephens, CEO at DATAMATX served in the U.S. Army.
“Security Must-Haves: A Guide to Selecting Third-Party Providers”
When a data breach makes the news, high-profile attacks on data centers and hacking incidents get most of the attention. What you may not hear about is the many data breaches that are caused by basic security lapses, like using the wrong size envelope and exposing sensitive customer information. For lending institutions working with third-party service providers, basic mistakes like these can lead to costly regulatory penalties and litigation. Knowing what to look for when selecting a secure provider can prevent…
“DATAMATX Announces Prelude Software as New Solutions Partner”
Atlanta, GA, May 22, 2018—DATAMATX, a leader in the distribution of critical business communications and payment services, today announced that Prelude Software (Prelude), a leading provider of payment management technology, has joined DATAMATX as a solutions partner. With Prelude’s Pay Pilot® disbursement hub solution accelerator, insurers can automatically upload payment request and check information via Pay Pilot to DATAMATX for print and distribution. Additionally, Prelude’s Pay Pilot disbursement hub solution accelerator has been integrated into DATAMATX’s automated Micro output solution system for the print and distribution of MICR check processing on behalf of their insurance industry clients.
ATLANTA, GA, March 22, 2018—DATAMATX, a national outsourcing provider and leader in the distribution of critical business communications and payment services, further strengthened its privacy and security controls by completing its second consecutive audit for Service Operational Controls (SOC) 2 aligned to the Health Information Trust Common Security Framework (HITRUST CSF).
The SOC 2 + HITRUST audit was conducted by an outside assessor organization, certifying that DATAMATX meets and exceeds the requirements for handling sensitive health care information under rigorous HIPAA standards. This year’s audit included additional controls specific to HITRUST, focusing on risk exposure, compliance…
DATAMATX Successfully Meets Requirements for Payment Card Industry Data Security Standard (PCI DSS v3.2)
ATLANTA, GA, March 13, 2018—DATAMATX, a national outsourcing provider and leader in the distribution of critical business communications and payment services, announced it has once again met the rigorous certification requirements as a service provider for the Payment Card Industry Data Security Standard (PCI DSS) version 3.2. As payment security continues to be a top priority for businesses and consumers, the Payment Card Industry Security Standards Council (PCI SSC) has added stringent requirements, examining service provider change management processes, continuous monitoring, and maintaining seven critical security…
DATAMATX Successfully Completes Requirements for Federal Information Security Act (FISMA) Compliance
ATLANTA, GA, February 14, 2018—DATAMATX, a national outsourcing provider and leader in the distribution of critical business communications and payment services, today announced it has successfully completed an independent external audit of its information security policies, procedures and controls to measure compliance with the Federal Information Security Act (FISMA) and the National Institute of Standards and Technology (NIST) 800-53 Moderate baseline security controls. FISMA requires specific documentation, policies and procedures and defined processes to be in place to meet…