What is HITRUST?

Companies that interact with medical records, including doctors, hospitals, insurance companies, and software providers, have to comply with HIPAA (Health Insurance Portability and Accountability Act). Founded in 1996, HIPAA is a law that’s meant to protect the privacy of health information. While HIPAA provides the legal framework for security, it does not contain specific technical guidelines or a certification that attests to compliance.  To bridge this gap, healthcare groups are increasingly leveraging HITRUST (Health Information Trust Alliance), a multi-regulatory technology certification system.

Pursuing HITRUST Compliance

This software company helps patients who are medically in need of weight loss. Eighty percent of the company’s subscribers lose at least five percent of their body weight and improve their long-term health outcomes.

Since the company provides a clinical service to hundreds of thousands of patients every month, their CISO decided to pursue HITRUST certification. 

The company assembled the best partners in the healthcare technology industry in order to build its platform. Logicworks is a premier AWS consulting partner based in New York specializing in compliant cloud solutions for healthcare and financial services. Logicworks architected the infrastructure – servers, storage, networking, and platforms – for the company and provides day-to-day management of the environment. 

For security monitoring, the company turned to Alert Logic. Alert Logic provides a full stack cloud security solution covering requirements like intrusion detection, network threats, and log analysis, and offers integration with Logicworks’ cloud platform. With this combination of products, the company can identify the nature and severity of any threats and take immediate action.

Updating features and onboarding new clients quickly are competitive advantages. The development team integrated their Continuous Integration (CI) tools with Logicworks’ Continuous Deployment (CD) capabilities in the cloud, creating a CI/CD Pipeline. They’ve got zero downtime deploys, and everything is automated from start to finish, so that they can make a change and deploy it with confidence in a matter of less than an hour.

Results

The healthcare SaaS company is now HITRUST certified and continues to grow by partnering with Fortune 100 clients. In aggregate, the company has helped its members to lose over one million pounds.