Largest Health Benefits Company to Achieve HITRUST CSF
Certification Under 2013 Assurance Criteria
INDIANAPOLIS--(BUSINESS WIRE)--Sep. 30, 2013--
WellPoint, Inc. (NYSE: WLP) announces it has achieved Common Security
Framework (CSF) Certified status from the Health Information Trust
Alliance (HITRUST). Certification was obtained through the HITRUST CSF
Assurance Program, the most widely-used information security framework
used by United States health care organizations. WellPoint is the
largest health benefits company to achieve HITRUST CSF Certified status
under 2013 assurance criteria.
The CSF Certified status under new 2013 assurance criteria assures
WellPoint’s members, clients, and business partners that the company is
meeting the highest standards within the health care industry for
managing security risks and protecting health information. CSF assurance
criteria is reviewed annually and modified based on changing regulations
and loss data analysis.
“Given the multitude and complexity of state and federal regulations
with which we need to comply, the HITRUST CSF Assurance Program allowed
us to proactively obtain a level of assurance that we are appropriately
managing information risk and protecting health information while
demonstrating compliance internally and with third parties,” said Roy
Mellinger, WellPoint chief information security officer. “WellPoint is
committed to protecting customer data and demonstrating how we are a
trustworthy business partner.”
With continuously evolving security regulations in the health care
industry, organizations are facing greater scrutiny and increased
challenges in managing and monitoring their security and privacy
practices when creating, accessing, storing or exchanging protected
health and financial information. HITRUST
CSF certification helps companies reduce this burden by affirming
adherence to an industry-developed and industry-supported security
framework integrated with state and federal regulations, business
requirements and industry standards.
“WellPoint has been a vocal proponent of streamlining and enhancing
regulatory compliance and information protection internally, across the
industry and with their business partners,” said Daniel Nutkis, HITRUST
chief executive officer. “Obtaining CSF Certified status is confirmation
of their commitment.”
WellPoint will leverage the CSF Assurance Program in its own business
associate compliance program and require the submission of CSF
assessment reports from its business associates. Achieving HITRUST CSF
Certified status and the continued reporting process validates
WellPoint’s commitment to protecting data.
About WellPoint, Inc.
At WellPoint, we believe there is an important connection between our
members’ health and well-being—and the value we bring our customers and
shareholders. So each day we work to improve the health of our members
and their communities. And, we can make a real difference since we have
nearly 36 million people in our affiliated health plans, and nearly 68
million people served through our subsidiaries. As an independent
licensee of the Blue Cross and Blue Shield Association, WellPoint serves
members as the Blue Cross licensee for California; and as the Blue Cross
and Blue Shield licensee for Colorado, Connecticut, Georgia, Indiana,
Kentucky, Maine, Missouri (excluding 30 counties in the Kansas City
area), Nevada, New Hampshire, New York (as the Blue Cross Blue Shield
licensee in 10 New York City metropolitan and surrounding counties and
as the Blue Cross or Blue Cross Blue Shield licensee in selected upstate
counties only), Ohio, Virginia (excluding the Northern Virginia suburbs
of Washington, D.C.), and Wisconsin. In a majority of these service
areas, WellPoint’s plans do business as Anthem Blue Cross, Anthem Blue
Cross and Blue Shield, Blue Cross and Blue Shield of Georgia and Empire
Blue Cross Blue Shield, or Empire Blue Cross (in the New York service
areas). We also serve customers in several additional states through our
Amerigroup subsidiary and in certain markets through our CareMore
subsidiary. Our 1-800 CONTACTS, Inc. subsidiary offers customers online
sales of contact lenses, eyeglasses and other ocular products.
Additional information about WellPoint is available at www.wellpoint.com.
About HITRUST
The Health Information Trust Alliance (HITRUST) was born out of the
belief that information security should be a core pillar of, rather than
an obstacle to, the broad adoption of health information systems and
exchanges. HITRUST, in collaboration with healthcare, business,
technology and information security leaders, has established the Common
Security Framework (CSF), a certifiable framework that can be used by
any and all organizations that create, access, store or exchange
personal health and financial information. Beyond the establishment of
the CSF, HITRUST is also driving the adoption of and widespread
confidence in the framework and sound risk management practices through
awareness, education, advocacy and other outreach activities. For more
information, visit HITRUSTalliance.net.

Source: WellPoint, Inc.
Media Contact: WellPoint, Inc. Gene
Rodriguez, 317-488-6168 geraldine.rodriguez@wellpoint.com
|