An important question to consider with telehealth applications is: Do you need a health information trust certification for telehealth? We already mentioned that HIPAA is not an actual program where you get a framed certificate at the end of the process. To claim HIPAA compliance in your application is certainly a good standard to have, but if you want to go further than that, you may want to consider HITRUST certification.
The HITRUST Common Security Framework (CSF) program encompasses everything you would expect to see in HIPAA certification, but goes beyond the security recommendations of HIPAA to also include elements of the PCI DSS standard for payment security regulations, NIST and ISO standards, and more.
The CSF includes 149 areas of controls, and your organization must meet at least 64 of them in order to be HITRUST CSF certified. Authorized CSF assessor consultants will certify your application for a fee, which can range widely based on the size of your organization and complexity of your systems.
Before hiring an assessor to sign off on your application, you can do a self-assessment to determine the gaps your application or processes may have. The self-assessment can be downloaded from the HITRUST Alliance website.
- The 5 Areas You Must Secure in your Telehealth Application
Think a Telehealth Solution may be right for your healthcare business?
We have a telehealth platform that is already built and can be quickly white-labeled and licensed for your use. We have decades of experience with over 200,000 hours invested in building real-time applications. You can read a client testimonial here.
Contact us today. We’ll help you get your user-friendly, HIPAA-compliant app — up and running with both the provider and patient in mind.