NAC Inc. Achieves HITRUST CSF Healthcare Privacy Certification
DUNCANSVILLE, Pa. - November 8, 2017 - In its continual efforts of evolving and investing in its assurance platforms, NAC Inc., an international leader in direct mail marketing, announced it has earned HITRUST CSF v8.1 Certification. As one of the most comprehensive and widely-adopted information security frameworks, the HITRUST CSF Certification process required a rigorous assessment process of NAC’s security controls conducted by an Approved HITRUST CSF Assessor, IS Partners LLC, culminating in the testing of selected controls and validation through the HITRUST CSF.
Achievement of HITRUST CSF Certification not only recognizes NAC’s ability to meet key healthcare regulations and requirements for protecting and securing sensitive, private healthcare information (PHI), but that NAC’s practices and controls are implemented, monitored, and tested to meet the highest level assurance to meet or exceed defined requirements across a broad range of industries. The HITRUST CSF control requirements are comprehensive and address all aspects of an organization’s protection of information and the management of systems and networks and specifically the controls necessary to protect personal health and financial information.
The HITRUST CSF was designed to leverage established information security and management platforms such as PCI DSS, ISO 27001/27002, and NIST to create a practical and measurable approach for validating a company’s implementation of the controls and compliance of their practices.
The HITRUST CSF Certification directly complements NAC’s recent SOC 2 Type II certification. Where the SOC paradigm speaks to the design and effectiveness of control implementation, HITRUST CSF and its prescriptive controls addresses the maturity and scale of the controls applied within specific security domains, assuring that NAC’s practices meet not only the basic requirements, but progressively intensify to meet the level of risk that correspond to the scope of the organization’s activities.
“Achieving HITRUST CSF Certification is an integral part of NAC’s overall information security management strategy,” says Stacey Burket, VP of compliance and operational risk. “With its comprehensive framework, exacting requirements and wide-range of applicability, certification under HITRUST CSF isn’t merely a snapshot of compliance, but an assurance of practices. You simply cannot achieve this type of certification through a single initiative. It requires the demonstration of mature and well managed practices. That is the value to NAC and our clients and we are pleased to be one of the organizations worldwide to have earned this certification.”
The preceding press release was provided by a company unaffiliated with Printing Impressions. The views expressed within do not directly reflect the thoughts or opinions of Printing Impressions.