ConnXus raises the bar in Cyber Security with HITRUST

At ConnXus, we’re committed to delivering robust and secure software solutions. We continue to innovate and adapt privacy standards to protect your data and your business. We comply with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework set by the US Department of Commerce and with the European Union’s General Data Protection Regulation (GDPR) standards for personal data use, and we satisfy the recently enacted provisions of the California Consumer Privacy Act (CCPA).

Over a year ago, we implemented SOC 2 Type II protocols. Organizations with SOC (System and Organizational Controls) meet rigorous standards designed to keep clients’ sensitive data secure and are audited by independent certified public accountants. The SOC 2 Type II framework is the most comprehensive type of SOC control, built on financial reporting and standardized operation for organizational and regulatory oversight, as well as vendor and risk management.

As a third-party vendor, our SOC 2 Type II protocols give confidence and peace of mind to our partners and clients. They allow us to better serve our stakeholders with consistent, documented standards. Performance and reliability are essential parts of our products. Our in-house technology and security teams create processes and systems that ensure your information is protected up to the standard of the latest industry best practices.

With the rise in the number of breaches, information security-related concerns are on the rise. In response, we have decided to implement another layer of security leveraging HITRUST protocols. HITRUST has created the myCSF framework, which can be used by all organizations that create, access, store, or exchange sensitive information. The HITRUST myCSF framework was developed as a way for organizations to assess their compliance with a variety of information security regulations that may be included within a HITRUST.

We are now integrating HITRUST controls within our SOC 2 framework for our global supply chain landscape. With alarming frequency, Fortune 500 companies have had sensitive information leaked because hackers have targeted their vendors and business partners, organizations that might not be as secure as their corporate buyers. Every supplier and business partner becomes an added risk.

Who are you allowing to manage your spend reporting and data? Are you confident their platform is secure and compliant?

Ask yourself this: Are they compliant with SOC 2, GDPR, CCPA, HITRUST or Privacy Shield? Do they bring in third-party agencies to audit their security protocols to support a robust independent security program?

If you can’t answer these questions, please call ConnXus.



Daryl Hammett CSMP, CSP, C3PRMP

