Suggested Searches
The HITRUST Common Security Framework (HITRUST CSF) is a certifiable framework that provides organizations with a comprehensive, flexible, and efficient approach to regulatory compliance and risk management. HITRUST certification means that the organization has undergone a thorough assessment of the information security program focused around a given scope which is generally limited to one or more implemented systems. Smart Data Solutions is proud to be HITRUST-certified for all our facilities, systems, and processes.
A SOC 2 Type 2 report is an internal controls report capturing how a company safeguards customer data and how well those controls are operating. Companies that use cloud service providers use SOC 2 reports to assess and address the risks associated with third-party technology services. Smart Data Solutions is SOC 2 Type 2 certified, meaning that the SOC 2 audit found that we handle all PHI and protected data with the highest levels of safety and security.
Smart Data Solutions performs thorough on-site audits of all requirements conducted annually. In addition, we conduct periodic live, virtual video audits, including visual IP address verification and facility security requirement verification. Immediate action is taken against facilities that don’t meet requirements.
At Smart Data Solutions, all our facilities are HIPAA-compliant and meet BAA, NDA, and other healthcare-standard privacy requirements, with strict security access and video surveillance at every location. We also have two highly secure tier IV data centers. We’re constantly performing penetration analysis to ensure our systems are completely secure, making us the most trusted and reliable option for your business.
SDS has a full disaster recovery and business continuity plan in place to effectively react to loss of electrical, loss of network, loss of physical computing facility, loss of employee, and loss of keying facility. The goal of SDS is to restore business continuity within 48 hours of an outage or disaster. SDS maintains a parallel computing infrastructure. Each facility is capable of supporting SDS production. SDS contingency business partners already work some SDS jobs and have high production potential. SDS tests this plan annually.
We continually monitor the regulatory environment to understand the full scope of our compliance responsibilities. When changes are made, we respond well in advance, and test all changes to make sure we remain in compliance.
Smart Data adheres to all HIPAA mandates. All employees are trained on the privacy and security aspects involved with HIPAA and Smart Data has taken precautions to make sure we are HIPAA compliant. Our data centers are highly secure, and our scanning centers have multiple security points prior to access. Our log in requires double user name password along with IP address restrictions.
We are very serious about maintaining compliance with HIPAA security requirements. Specifically, we are SOC 2 type two certified and recently completed an extensive security and penetration audit. In addition, we are an active member of both the EDI standards board and WEDI, for which we attend conferences and participate in educational forums to discuss policy updates. Our entire process is secure and adheres to all HIPAA mandates in each of our services — from the initial image upload, through the data-capture, data-scrubbing, archiving and all the way to the file return and EDI routing. All employees are trained on the privacy and security aspects involved with HIPAA.
We use the above to assess risk after which we prioritize remediation. Many security initiatives are identified internally. For example, we recently implemented password encryption within our database.
Our tools, solutions, and continued research into new AI and machine learning processes help payers nationwide reduce costs, achieve greater process efficiency, and reduce turnaround times.
