Newsroom Background

Waystar achieves HITRUST CSF® Certification to manage risk, improve security posture and meet compliance requirements

HITRUST CSF Certification validates Waystar’s commitment to meeting key regulations and protecting sensitive information.

CHICAGOApril 8, 2021Waystar, a leading provider of healthcare payments software, today announced that the Waystar platform has earned HITRUST CSF Certified status. The platform is hosted at the Flexential colocation facility in Louisville, KY. With this certification, Waystar continues to demonstrate its commitment to providing clients with the strongest and most trusted security measures possible. When clients know data security is taken care of, they can focus their resources and energy on their patients and communities.

HITRUST certification, which combines best-in-class standards from HIPAA, NIST, COBIT and many others, as well as key regulations, further validates Waystar’s commitment to providing clients with easy to use, reliable and secure technology while protecting sensitive information.

“Protecting the privacy and security of patient data is at the heart of everything we do at Waystar. The HITRUST certification is the gold standard for information security and provides an added level of confidence to our clients who rely on Waystar to keep sensitive information safe and secure,” said Chris Schremser, Chief Technology Officer of Waystar. “The HITRUST certification process really cemented Waystar’s culture of continuous security improvement.”

More about HITRUST Certification:

HITRUST CSF Certified status demonstrates that an organization has met key regulations and industry-defined requirements and is appropriately managing risk. This achievement places Waystar in an elite group of organizations worldwide that have earned this certification.

By including federal and state regulations, standards, and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address these challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.

HITRUST requires that providers maintain internal policies, procedures, processes and controls—which are then audited by Authorized HITRUST External Assessor organizations, such as Coalfire—to ensure the security of their clients’ data.

“Waystar has partnered with Coalfire to undergo an independent HITRUST Validated Assessment. Waystar’s efforts to demonstrate operational maturity against the HITRUST CSF provides a high degree of confidence and assurance to Waystar’s customers that Waystar has established controls which are suitably designed and operating effectively. At Coalfire, we believe that any organization who can meet the cybersecurity maturity requirements established by HITRUST has shown a clear dedication to their cybersecurity posture. Especially in healthcare, we commend those companies, like Waystar, that demonstrate an ongoing commitment to operating effective security programs that generate value for their customers and the patients who entrust them with sensitive data,” says Jason Kor, Senior Manager, Healthcare Assurance, Coalfire.

As part of its ongoing efforts to protect clients’ sensitive health information, Waystar has also completed its Service Organization Control 2 Type II examination and achieved Payment Card Industry Data Security Standard compliance.

For more information about Waystar’s security and privacy programs, please visit www.waystar.com.

About Waystar:
Waystar provides next-generation, cloud-based technology that simplifies and unifies healthcare payments. The Waystar platform removes friction in payment processes, streamlines workflows and improves financials for providers in every care setting. Waystar products have won Best in KLAS® or Category Leader every year since 2010 and earned multiple #1 rankings from Black Book™ surveys since 2012. The Waystar platform supports more than 500,000 providers, 1,000 health systems and hospitals, and 5,000 payers and health plans. Waystar is backed by EQT, Canada Pension Plan Investment Board and Bain Capital. For more information, visit waystar.com or follow @Waystar on Twitter.

Contact: waystar@missionnorth.com