In today’s world of ever evolving cyber threats, it is imperative that the healthcare industry remain diligent in protecting client and patient data. New challenges in data security seem to pop up daily, and it’s a full time job to stay ahead of the game. At Revco Solutions, data security is a top priority.
The History of HIPAA
The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996 to accomplish four things:
- To assure portability of health insurance by eliminating job-lock due to pre-existing medical conditions.
- To reduce instances of healthcare fraud and abuse.
- To enforce the standards for health information.
- To guarantee the privacy and security of health information
Technological Advances & Challenges
Global advances in technology since 1996 have resulted in a significant increase in cyber-threats. This has created major challenges for healthcare organizations in maintaining compliance with HIPAA. Staying ahead of cyber-threats in 2023 is much more challenging than it was in 1996 and managing data, information risk, and compliance can be a daunting task for providers. In short, it can be a full-time job just to keep up.
The HITA Solution
Healthcare providers needed a workable framework to help them achieve and maintain compliance. The Health Information Trust Alliance (HITA) was founded in 2007 to help organizations (especially healthcare organizations) to provide the highest level of data security. The “HITRUST approach” reduces costs and the amount of effort spent on completing questionnaires, assessments, single-use assurances, and other compliance reports. Streamlining these procedures helps providers to stay ahead of cyber threats and lowers risks.
Revco Is HITRUST Risk-based, 2-year (r2) Certified
Revco Solutions is HITRUST Risk-based, 2-year (r2) Certified. This status demonstrates that Revco’s collection technology platforms, contracted data centers, and call center office locations have all met key regulations and industry-defined requirements and are appropriately managing risk. HITRUST is the gold standard in Healthcare Data Security. Compared to other HITRUST Assessments, the HITRUST Risk-based, 2-year (r2) Validated Assessment requires a higher level of effort, which delivers the highest level of assurance. It is globally accepted as confirmation that information security and privacy controls are effective and compliant with various regulations. We have partnered with an authorized HITA External Assessor to pass a comprehensive security evaluation. This evaluation sets high standards for data loss prevention and information risk management.
The first step in the certification process is a Readiness Assessment to determine if security controls are working. Any gaps that are found at this stage are addressed in the Remediation phase. This is followed by a Validated Assessment which includes interviews with key personnel, a review of supporting documents, sampling, penetration testing, and vulnerability scans. At this point, the assessors review and validate the scores and send it off to HITA for approval. HITRUST then makes the final decision regarding certification and issues a Quality Assurance Review and final report. This process can take six months to a year to complete, and in addition to interim check-ins, recertification is required every two years.
“The HITRUST Assurance Program is the most rigorous available, consisting of a multitude of quality assurance checks, both automated and manual,” Bimal Sheth, Executive Vice President, Standards Development & Assurance Operations, HITRUST points out. “The fact that Revco Solutions has achieved HITRUST Risk-based, 2-year Certification attests to the high quality of their information risk management and compliance program.”
At Revco Solutions we are serious about data security and HIPAA compliance. Let us provide the gold standard in client and patient data security and help you meet your debt recovery needs.