ECHO® Achieves HITRUST CSF® Certification to Further Mitigate Risk in Third-Party Privacy, Security, and Compliance

ECHO Health, Inc., a leading provider of healthcare payment processing solutions, today announced the ECHO Payment Administration System has earned Certified status for information security by HITRUST®. HITRUST CSF Certified status demonstrates that ECHO has met key regulations and industry-defined requirements and is appropriately managing risk. This achievement places us in an elite group of organizations worldwide that have earned this certification. By including federal and state regulations, standards, and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address these challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.

“Electronic payment systems like ECHO’s must maintain the highest level of diligence in meeting complex compliance and privacy requirements that include technical and process elements to protect our clients’ data,” said Chad Davis, CIO for ECHO Health. “We are pleased to demonstrate to clients and users our standard of excellence for protecting sensitive data and information by achieving this HITRUST CSF Certification.”

“The comprehensive HITRUST CSF information protection framework has seen widespread adoption across industries while the HITRUST CSF Assurance Program brings a new level of effectiveness and efficiency to third-party assurance,” said Jeremy Huval, Chief Compliance Officer for HITRUST. “The HITRUST CSF Certification is now a common benchmark to measure organizations’ safeguards for sensitive data.”

About ECHO Health, Inc.

ECHO Health, Inc. was founded in 1997 by William Davis, a payment visionary and pioneer with over 30 years’ industry experience. He developed a proprietary, patented payment system, and today ECHO offers revolutionary payment solutions for healthcare payers of all sizes.

Payers, vendors, employers, providers and members benefit from the association with ECHO, realizing dramatic reductions in the costs of fulfillment and customer service. ECHO’s services comply with ERISA (Employee Retirement Income Security Act), HIPAA (Health Insurance Portability and Accountability Act), CORE (Committee on Operating Rules for Information Exchange), OFAC (Office of Foreign Assets Control), and Taft-Hartley regulations. For more information, visit echohealthinc.com.

View source version on businesswire.com: https://www.businesswire.com/news/home/20200730005746/en/