HITRUST Risk-based, 2-year (r2) Validated Assessment certification underscores Luma’s commitment to information security as it works with 650+ healthcare organizations nationwide to improve their patient success outcomes
Luma Health, creators of the world’s first Patient Success Platform™, which offers providers a streamlined process for patients to navigate their healthcare journey, announced that its platform and other key implemented systems have earned HITRUST Risk-based, 2-Year (r2) Validated Assessment certification.
The certification validates Luma’s compliance with the highest industry standards for data security in the healthcare sector, which means healthcare organizations can confidently act on patients’ healthcare journeys using the Luma platform.
“Luma aims to make patients more successful throughout the healthcare continuum, and the secure use of their sensitive health information is critical to that mission,” said Nick Lees, Luma’s information security and compliance director. “Attaining this HITRUST certification demonstrates Luma’s commitment to data security and integrity.”
The HITRUST r2 certification assessment includes a comprehensive evaluation of an organization’s security posture and control environment against HITRUST’s policy, process, implementation, measured, and managed maturity levels.
Lees notes that compliance is especially important in the healthcare sector, due to the sensitive nature of patient and provider data. Luma has been tracking an uptick in healthcare provider clients requesting data security standards and compliance initiatives as a condition of doing business.
The assessment was directed by 360 Advanced Inc., a cybersecurity and compliance firm with extensive experience as Authorized HITRUST External Assessors to perform the demanding third-party examination.
“Information security has become one of the most pressing priorities in today’s healthcare landscape,” added Lees. “Luma’s customers are some of the top healthcare organizations in the United States and the world, and they expect technology partners like Luma to meet the highest standards of information security and standards compliance.”
In addition to HITRUST Common Security Framework certification, Luma Health is also SOC 2 Type 2 attested. The company’s information security and compliance function comprises a dedicated in-house team and a fully documented set of policies, procedures and controls that are independently audited no less than annually by a third party to ensure they are operating effectively.