CHARLOTTE, N.C.--(BUSINESS WIRE)--Eye Care Leaders (ECL), an industry pioneer providing performance solutions to ophthalmology and optometry practices, today announced that all of the portfolio’s software products, as well services such as revenue cycle management, hosting, and more, have earned Certified status for information security by HITRUST.
HITRUST CSF (Common Security Framework) Certified status demonstrates that ECL has met key regulations and industry-defined requirements and is appropriately managing risk. This achievement places ECL in an elite group of organizations worldwide that have earned this certification. By including federal and state regulations, standards and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address these challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.
“Eye Care Leaders is the only ophthalmology-specific electronic health records (EHR) provider to have this certification,” said Martin Ignatovski, ECL’s chief information and compliance officer. “This is the highest recognition in security compliance that an organization can achieve in the healthcare market, which further demonstrates Eye Care Leader’s dedication to quality and patient security.”
Ignatovski noted that obtaining HITRUST CSF certification required months of preparation, reviews, and audits. “Healthcare providers and their business associates have multiple compliance requirements and obligations, and they must guard their systems against ransomware and other cybersecurity threats that could compromise patient health information (PHI),” he explained. “The advantage of the HITRUST certification is that it ensures that business associates and the providers they serve comply with multiple standards and controls within the broad, rigorous framework, including HIPAA, HITECH, ONC, MU, ISO27001/27002, NIST, COBIT, and others. Furthermore, a HITRUST certification can scale as the organization grows and develops.”
“HITRUST CSF includes controls across nineteen various domains,” Ignatovski added. “ECL met all of its obligations across all of the domains, which include, but are not limited to:
- Data encryption, both at rest and in transit;
- Password management;
- Access controls;
- Various administrative controls, from employee background check to physical security;
- Server and workstation controls;
- Network protections;
- Incident responses and management; and
- Properly handling data across the board.
“HITRUST demands expertise and dedication from health information technology providers,” added Arun Kapur, ECL’s president of software and technology. “Our clients can be confident that their software and services are fully prepared to meet continually changing government regulations and security measures.”
“HITRUST has been working with the industry to ensure the appropriate information protection requirements are met when sensitive information is accessed or stored in a cloud environment. By taking the steps necessary to obtain HITRUST CSF Certified status, ECL is distinguished as an organization that people can count on to keep their information safe,” said Ken Vander Wal, Chief Compliance Officer, HITRUST.
About Eye Care Leaders
Eye Care Leaders (ECL) is a Charlotte, N.C.-based family of companies serving more than 8,000 ophthalmologists and optometrists with the common goal of improving the efficiency, profitability, and competitiveness of those eye care practices. ECL provides electronic health records systems for 40 percent of the market, bringing together trusted names such as myCare iMedicWare, myCare Integrity, MDoffice, ManagementPlus, Medflow, IO Practiceware, KeyMedical, My Vision Express, and EyeDoc. With a sole focus on eye care, ECL understands the challenges physicians face and brings solutions to complex problems to help practices reach their goals and succeed.
Eye Care Leaders Media Contact:
Eye Care Leaders
Founded in 2007, HITRUST Alliance is a not-for-profit organization whose mission is to champion programs that safeguard sensitive information and manage information risk for corporations and institutions across all industries and throughout third-party supply chains. In collaboration with privacy, information security, and risk management leaders from both the public and private sectors, HITRUST develops, maintains, and provides broad access to its widely adopted common risk and compliance management and de-identification frameworks; related assessment and assurance methodologies; and initiatives advancing cyber sharing, analysis, and resilience.
HITRUST actively participates in many efforts in government advocacy, community building, and cybersecurity education. For more information, visit www.hitrustalliance.net.