Our Security Framework

To provide our clients with the highest levels of security possible, Smart Data Solutions has obtained the HITRUST security certification. This security framework, coupled with our SOC audits, internal audits, and other best practices, provides the most significant levels of data and operational security. Smart Data Solutions provides highly secure, end-to-end data encryption to protect sensitive data. All PHI remains on domestic servers with only user keystrokes sent back to Smart Data Solutions’ systems for any offshore work being performed.

Security Framework

HITRUST Certification

The HITRUST Common Security Framework (HITRUST CSF) is a certifiable framework that provides organizations with a comprehensive, flexible, and efficient approach to regulatory compliance and risk management. HITRUST certification means that the organization has undergone a thorough assessment of the information security program focused around a given scope which is generally limited to one or more implemented systems. Smart Data Solutions is proud to be HITRUST-certified for all our facilities, systems, and processes.

Security Framework

SOC2 Certification

A SOC 2 Type 2 report is an internal controls report capturing how a company safeguards customer data and how well those controls are operating. Companies that use cloud service providers use SOC 2 reports to assess and address the risks associated with third-party technology services. Smart Data Solutions is SOC 2 Type 2 certified, meaning that the SOC 2 audit found that we handle all PHI and protected data with the highest levels of safety and security.

Security Framework

Additional & Internal Audits

Smart Data Solutions performs thorough on-site audits of all requirements conducted annually. In addition, we conduct periodic live, virtual video audits, including visual IP address verification and facility security requirement verification. Immediate action is taken against facilities that don’t meet requirements.

Security Framework

HITRUST Certification

The HITRUST Common Security Framework (HITRUST CSF) is a certifiable framework that provides organizations with a comprehensive, flexible, and efficient approach to regulatory compliance and risk management. HITRUST certification means that the organization has undergone a thorough assessment of the information security program focused around a given scope which is generally limited to one or more implemented systems. Smart Data Solutions is proud to be HITRUST-certified for all our facilities, systems, and processes.

Security Framework

SOC2 Certification

A SOC 2 Type 2 report is an internal controls report capturing how a company safeguards customer data and how well those controls are operating. Companies that use cloud service providers use SOC 2 reports to assess and address the risks associated with third-party technology services. Smart Data Solutions is SOC 2 Type 2 certified, meaning that the SOC 2 audit found that we handle all PHI and protected data with the highest levels of safety and security.

Security Framework

Additional & Internal Audits

Smart Data Solutions performs thorough on-site audits of all requirements conducted annually. In addition, we conduct periodic live, virtual video audits, including visual IP address verification and facility security requirement verification. Immediate action is taken against facilities that don’t meet requirements.

Our Physical Security Measures

At Smart Data Solutions, all our facilities are HIPAA-compliant and meet BAA, NDA, and other healthcare-standard privacy requirements, with strict security access and video surveillance at every location. We also have two highly secure tier IV data centers. We’re constantly performing penetration analysis to ensure our systems are completely secure, making us the most trusted and reliable option for your business. 

9 TONS
of mail per week
500M
Transactions Annually
85
Net Promoter Score
500+
Clients

What type of security and IT infrastructure is in place at Smart Data?

+
x
  • Smart Data Solutions is HITRUST certified
  • All data is stored on-shore in two tier IV co-location facilities
  • Quarterly security review, annual penetration testing, and rigorous HITRUST compliance

What disaster recovery and business continuity systems are in place?

+
x

SDS has a full disaster recovery and business continuity plan in place to effectively react to loss of electrical, loss of network, loss of physical computing facility, loss of employee, and loss of keying facility. The goal of SDS is to restore business continuity within 48 hours of an outage or disaster. SDS maintains a parallel computing infrastructure. Each facility is capable of supporting SDS production. SDS contingency business partners already work some SDS jobs and have high production potential. SDS tests this plan annually.

How does Smart Data Solutions and Smart Data Stream stay current with federal regulations?

+
x

We continually monitor the regulatory environment to understand the full scope of our compliance responsibilities. When changes are made, we respond well in advance, and test all changes to make sure we remain in compliance.

Smart Data adheres to all HIPAA mandates. All employees are trained on the privacy and security aspects involved with HIPAA and Smart Data has taken precautions to make sure we are HIPAA compliant. Our data centers are highly secure, and our scanning centers have multiple security points prior to access. Our log in requires double user name password along with IP address restrictions.

We are very serious about maintaining compliance with HIPAA security requirements. Specifically, we are SOC 2 type two certified and recently completed an extensive security and penetration audit. In addition, we are an active member of both the EDI standards board and WEDI, for which we attend conferences and participate in educational forums to discuss policy updates. Our entire process is secure and adheres to all HIPAA mandates in each of our services — from the initial image upload, through the data-capture, data-scrubbing, archiving and all the way to the file return and EDI routing. All employees are trained on the privacy and security aspects involved with HIPAA.

We use the above to assess risk after which we prioritize remediation. Many security initiatives are identified internally. For example, we recently implemented password encryption within our database.

icon

CLIENT TESTIMONY

Debbie Ziegler

“SDS performs all of our front-end services. This includes clearinghouse, scanning, imaging, OCR and mailroom. SDS also facilitates and performs ...”
View Story
icon

CLIENT TESTIMONY

Brian Janssen

“Smart Data operates as the EDI clearinghouse, paper claims and enrollment intake, and 834 enrollment hub for our commercial products. The development ...”
View Story
icon

CLIENT TESTIMONY

Matthew Estes

“SDS does EDI file translation mapping, eligibility checking, and routing to/from our business partners. SDS handles a lot of the heavy lifting for us ...”
View Story

CLIENT TESTIMONY

Debbie Ziegler

Debbie Ziegler
Executive Director of Operations
“SDS performs all of our front-end services. This includes clearinghouse, scanning, imaging, OCR and mailroom. SDS also facilitates and performs automated routing to PPOs and networks, thereby ensuring that we expediently maximize client discounts. SDS also does pre-adjudication edits, such as member and provider matching. Finally, SDS provides custom IT services such as file format conversion and transfer for our Amerihealth and BCI partnership claims. SDS has a comprehensive service suite thereby allowing “one-stop shopping’ for all our front-end services. This is both cost-effective and much easier to manage. In addition, their IT aptitude allows us to fill in the gaps for one-off type projects. The process runs smoothly without much intervention. When we do have an issue they are quick to respond with a solution.”
“SDS performs all of our front-end services. This includes clearinghouse, scanning, imaging, OCR and mailroom. SDS also facilitates and performs automated routing to PPOs and networks, thereby ensuring that we expediently maximize client discounts. SDS also does pre-adjudication edits, such as member and provider matching. Finally, SDS provides custom IT services such as file format conversion and transfer for our Amerihealth and BCI partnership claims. SDS has a comprehensive service suite thereby allowing “one-stop shopping’ for all our front-end services. This is both cost-effective and much easier to manage. In addition, their IT aptitude allows us to fill in the gaps for one-off type projects. The process runs smoothly without much intervention. When we do have an issue they are quick to respond with a solution.”
View Solution

CLIENT TESTIMONY

Brian Janssen

Brian Janssen
VP, System Solutions
“Smart Data operates as the EDI clearinghouse, paper claims and enrollment intake, and 834 enrollment hub for our commercial products. The development and execution of these solutions is always done partnered with the business leaders to ensure meaningful improvements are achieved. Because of that, Smart Data is considered a valuable partner by business leaders. When we start a Smart Data initiative, as a corporate leader I do not have to worry about whether the outcome will be successful.”
“Smart Data operates as the EDI clearinghouse, paper claims and enrollment intake, and 834 enrollment hub for our commercial products. The development and execution of these solutions is always done partnered with the business leaders to ensure meaningful improvements are achieved. Because of that, Smart Data is considered a valuable partner by business leaders. When we start a Smart Data initiative, as a corporate leader I do not have to worry about whether the outcome will be successful.”
View Solution

CLIENT TESTIMONY

Matthew Estes

Matthew Estes
Chief Information Officer
“SDS does EDI file translation mapping, eligibility checking, and routing to/from our business partners. SDS handles a lot of the heavy lifting for us and allows us to focus on what we do best. No matter how complex the setup and routing, SDS has always been able to make it work for us.”
“SDS does EDI file translation mapping, eligibility checking, and routing to/from our business partners. SDS handles a lot of the heavy lifting for us and allows us to focus on what we do best. No matter how complex the setup and routing, SDS has always been able to make it work for us.”
View Solution

Recent Articles

View All 

The Future of Healthcare: Digital Transformation

Digital transformation is a buzzword in the healthcare industry, but what does it mean to “digitally transform” your ...
Read Article

16 Minutes Can Reform Medical Prior Authorizations — ...

Prior authorizations are a standard operating procedure across almost all insurance plans. Not all medical events need prior ...
Read Article

The Basics of Pharmacy Claims Adjudication

From Payer to Patient: The Ins and Outs of Pharmacy Claims Adjudication Prescription use is on the rise, a trend attributed to ...
Read Article

Why handle the heavy lifting of your claims workflow when a smart team enhanced by AI can?

Our tools, solutions, and continued research into new AI and machine learning processes help payers nationwide reduce costs, achieve greater process efficiency, and reduce turnaround times.

Start Customizing Your Solution