As we’ve mentioned a number of times – at Paubox we take securing your data seriously and it’s embedded into our company culture.
HITRUST CSF Certified status demonstrates that our solutions have met key regulatory requirements and industry-defined requirements and is appropriately managing risk.
This achievement places Paubox in an elite group of organizations worldwide that have earned this certification. By including federal and state regulations, standards and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address these challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.
At this time we believe Paubox to be the only HIPAA compliant email provider to have their solution achieve HITRUST CSF Certified status.
“Our customers are trusting us to meet complex compliance requirements such as HIPAA, NIST, ISO and COBIT,” said Hoala Greevy, Founder CEO of Paubox. “The HITRUST CSF is the gold-standard that needs to be met, and we are very pleased to be able to demonstrate our commitment by achieving HITRUST CSF Certification for our systems.”
“The HITRUST CSF has become the information protection framework for the health care industry, and the CSF Assurance program is bringing a new level of effectiveness and efficiency to third-party assurance,” said Ken Vander Wal, Chief Compliance Officer, HITRUST. “The HITRUST CSF Certification is now the benchmark that organizations required to safeguard PHI are measured against with regards to information protection.”
The HITRUST CSF certification of the aforementioned four Paubox products is valid for two years.
Founded in 2007, HITRUST Alliance is a not-for-profit organization whose mission is to champion programs that safeguard sensitive information and manage information risk for organizations across all industries and throughout the third-party supply chain.
In collaboration with privacy, information security and risk management leaders from both the public and private sectors, HITRUST develops, maintains and provides broad access to its widely adopted common risk and compliance management and de-identification frameworks; related assessment and assurance methodologies; and initiatives advancing cyber sharing, analysis, and resilience.