Why Medical Centers Should Prioritize HITRUST in Cloud Providers

As medical centers have moved their operations and data from local infrastructure to the cloud, their ability to directly secure data has decreased. This change in security landscape makes it challenging for medical centers when they need to assess third-party vendors to ensure data is handled in a secure and compliant manner. One of the preferred methods is for providers and vendors to adopt the Health Information Trust Alliance (HITRUST) Certification standard as a way to streamline the vetting process. From a provider’s standpoint, that process saves substantial resources.

In August 2019, DNAnexus announced that its cloud-based genomics platform earned Certified status for information security by HITRUST.  As the first and currently only genome informatics platform to receive HITRUST CSF Certification, this certification further establishes DNAnexus as an industry leader with a demonstrated commitment to protecting the privacy of its healthcare clients patients’ confidential information.

The University of Pittsburgh Medical Center (UPMC), a world-renowned health care provider and insurer, has moved many of their applications and data services to the cloud via the DNAnexus Platform. As a result, UPMC requires vendors to become HITRUST certified so that can more effectively manage information risk and know that all organizational and patient data will remain protected.

UPMC is at the forefront of security and compliance standards. In the future, we predict more medical centers will require vendors to be HITRUST Certified as it streamlines the assessment process. With the DNAnexus Platform, UPMC’s entire network is given the ability to analyze hundreds of thousands of samples efficiently and share data and tools with collaborators – all while maintaining peace of mind that their patients’ data is being handled with the greatest level of care and confidentiality.

“Our customers require that our genome informatics platform protects the privacy and security of their patients’ confidential data,” said E. Loren Buhle, Jr. PhD, Vice President of Security, Quality and Compliance at DNAnexus.  “Becoming HITRUST CSF Certified is another important milestone in becoming the industry leader in data security and protecting ePHI. We now have earned certifications from HITRUST, FedRAMP ‘Moderate’ Authority to Operate, ISO27001 and Privacy Shield.”

Want to learn more about how DNAnexus has met key regulations and is appropriately managing risk? Get in touch! Email us at info@dnanexus.com.