Trillium’s client is an insurance payment integrity consulting firm. Due to the client’s expanding customer base and concerns with HIPAA data concerns, specifically related to protected health information (PHI,) the client wanted to obtain an expanded security certification with the Health Information Trust Alliance (HITRUST.)
To obtain the HITRUST certification, the client needed to complete numerous activities in a specific timeframe related to the Common Security Framework (CSF) created for organizations that create, share, store or access sensitive or regulated health data. The client created tickets in their issue management system for several hundred activities. As the deadline for completion approached, the client determined they needed assistance with issue resolution to close out the remaining open items.
How We Solved It
Trillium to brought rigor and organization to the open item (ticket) resolution process. Tickets were related to physical and cyber security, CSF policies and procedures, and documentary evidence that HITRUST requirements were being met by the client. We reviewed the remaining open items (tickets) to determine the level of expertise needed to remediate the tickets, and drove the remediation of approximately half of the remaining tickets, while also assisting on activities where multiple activities were required. Trillium ensured that the tickets were remediated on time so that the onsite inspection by HITRUST could be scheduled for final approval.
- Client’s technical and physical security was enhanced by meeting HITRUST requirements
- A nominal number of open tickets were completed on time by creating CDF policies and procedures, documenting PHI security, and providing doc
- Client was able to schedule the final site visit to obtain HITRUST certification so they can attract future clients for their services