An ACA International member shares why he pursued the HITRUST health care data security certification.
10/30/2018 9:00
The Health Information Trust Alliance computer security framework, commonly known as HITRUST CSF, is a health care cyber security certification that is little known within the accounts receivable management industry—but that’s slowly changing.
HITRUST CSF is designed to help health care entities and their business partners secure private health information. It addresses requirements from other major data security standards too, like the Health
Insurance Portability and Accountability Act and state regulations, Collector magazine editor Anne Rosso May reports in the October issue.
Earlier this year, ACA International member company PlusFour Inc., a third-party debt collection agency based in Las Vegas, achieved the HITRUST CSF certification after two years of preparation. We spoke
with Richard Bennett, president of PlusFour, about the experience and why he thinks the HITRUST CSF is so important in the accounts receivable management industry.
Q. Do you think many accounts receivable management companies pursue the HITRUST CSF today?
A. When I was at ACA International’s Spring Forum and Expo in March, I was in a data security seminar and there were about 200 people from other agencies in the room. The presenter asked if anyone in the audience was HITRUST certified, and my agency was the only one to raise a hand. Most had never even heard of it.
Q. Why did you decide to get the certification?
A. As a vendor to the health care industry, we want to be ahead of the curve on their fast- moving and ever-changing data security requirements. I believe that not too long down the road, the HITRUST CSF will be a requirement to do business with the major health care organizations and is quickly becoming the template and benchmark for data security in that industry.
I believe that if agencies don’t pay close attention and begin the process now to protect their data to comply with the health care industry standards and requirements, their ability to do business with current and potential medical provider clients will be at risk.
Read more about the certification process for Bennett’s company, advice for others considering the HITRUST certification and more in the October issue of Collector magazine.
Subscriptions to the Collector magazine digital edition and email notifications for each new issue are available for ACA International members by logging in to ACA International’s website here. Members and nonmembers can also purchase a print subscription. Nonmembers can create a guest profile on ACA’s website to subscribe to available publications.