QuisLex announces that it has earned certified status for information security by HITRUST. HITRUST CSF certified status demonstrates that QuisLex has met key regulations and healthcare industry-defined requirements and is appropriately managing risk. This achievement places QuisLex in an elite group of organizations worldwide that have earned this certification. By including federal and state regulations, standards and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address these challenges through a comprehensive and flexible framework of prescriptive and scalable security controls, tailored for the healthcare industry.
QuisLex was assessed against 233 controls. The assessment covered 19 domains, including information protection, endpoint protection, portable media security, mobile device security, wireless security, configuration management, vulnerability management, network protection, transmission protection, password management, access control, audit logging and monitoring, education, training, and awareness, third party assurance, incident management, business continuity and disaster recovery, risk management, physical and environmental security, and data protection and privacy.
This latest certification is part of QuisLex’s long history of adhering to strict compliance and security requirements. As one of the first alternative legal service providers to be certified and audited under the ISO 27001, SOC 1 Type II, and SOC 2 Type II standards for data security, QuisLex employs security measures that go above and beyond industry norms.
"Security and compliance are the foundation of everything we do at QuisLex and we hold ourselves accountable to the highest standards," said Michel Sahyoun, CTO at QuisLex. “The HITRUST CSF is the gold standard that needs to be met, in particular for the healthcare industry, and QuisLex is pleased to be recognized for our commitment by achieving HITRUST CSF Certification."
“HITRUST is helping organizations ensure that the highest standards of information protection requirements are met when sensitive data is accessed or stored,” stated Jeremy Huval, Chief Compliance Officer, HITRUST. “QuisLex can be recognized as an organization that can be counted on for keeping information safe.”