Starling Moving at High Speed Toward HITRUST

What is HITRUST?

National Physician Services (NPS) has engaged with Beyond, LLC to obtain the well-respected designation of HITRUST certification, recognized throughout the industry as the “gold standard” for security.

HITRUST, the Health Information Trust Alliance, is the premier organization for information security with regard to electronic personal health and financial information. HITRUST has established a common security framework with standards that can be implemented, managed and measured, allowing entities to meet multiple compliance initiatives.

Why do we want to be HITRUST certified?

Of course, NPS as an information technology company is interested in the highest standards of security to protect our organization and the information of the patients we serve. The distinction of being HITRUST certified is truly a differentiator in the marketplace and assures all of our business associates that our data is managed and protected with the utmost integrity. Once awarded, in order to maintain this certification, an annual review is required, as well as a full assessment every two years.

What can you do to help support HITRUST?

Starling needs your assistance in order to move this important initiative forward. The beginning stages of HITRUST involve reviewing and refining the policies and procedures already in place around privacy and compliance. During the next phase, Beyond, LLC will be making site visits to ensure that we are following the appropriate protocols and meeting these high standards of information security every day in every way. As always, we will need you to be thoughtful and mindful of our established protocols and the way in which our protected information is being handled.

What are the first steps to HITRUST?

NPS and Starling have developed an aggressive timeline to prepare for HITRUST certification. We are actually on track to implement some of the requirements right away. Please note that the following improvements to our current security environment are coming soon:

• Password Changes: The composition and longevity of passwords is changing to enhance security and protect our systems.
• Time Out Sessions: Inactivity on a device for a certain period of time will require a user to re-enter his/her password to prevent unauthorized access to our systems.
• Privacy Maximization: Workflow improvements to protect information received at shared devices (printers, fax machines) and evaluation of high traffic areas for possible screen shields.
• Security Awareness: Plans are underway to provide more education more often on HIPAA rules, e-mail security, and device encryption/protection.

Cooperation + Collaboration = HITRUST

We thank you in advance for being adaptable and promoting these small changes with the common goal of making Starling Physicians an even more respected organization with this highly valued certification.  

Starling will only succeed in obtaining this important designation with help from all of you, in all areas and in all roles within our company. If you have any ideas or suggestions on how to improve these processes, please let us know – we would appreciate your input and feedback.