TMCnet - World's Largest Communications and Technology Community



Hixny Achieves First HITRUST CSF Certification Among HIEs In New York State
[November 27, 2018]

Hixny Achieves First HITRUST CSF Certification Among HIEs In New York State

ALBANY, N.Y., Nov. 27, 2018 /PRNewswire/ -- Hixny announced today that it is the first health information exchange (HIE) in New York State to successfully meet the requirements of HITRUST CSF® certification on Version 9.1 for patient information security. The framework for HITRUST certification is continuously improved upon and updated, making it the most comprehensive security framework in the U.S. healthcare industry.

Hixny is one of the state's qualified entities (QE) connected by the Statewide Health Information Network for New York (SHIN-NY)—a "network of networks" that allows the electronic exchange of clinical information and connects healthcare statewide–overseen by the New York State Department of Health. Last year, the SHIN-NY required all QEs in its network to become HITRUST certified by the end of 2018 as part of its 2020 Roadmap. The plan supports SHIN-NY's goal of utilizing health information exchange to transform the healthcare landscape.  

"We are pleased to be the first HIE in the state to achieve HITRUST certification and proud to join the elite and growing class of HIEs across the country who have successfully obtained HITRUST certification," said Mark McKinney, CEO, Hixny. "We've always taken the privacy and security of our data very seriously and pride ourselves on being ahead of the crowd—and achieving HITRUST was no exception." 

Hixny invested 11 months to meet the high standards as quickly as possible. In addition to demonstrating compliance across 19 individual security domains and more than 600 different controls, Version 9.1 of the framework also includes controls that address cybersecurity laws specific to NYS. It validates that Hixny meets the highest established security standards, including those set by HIPAA and the Centers for Medicare and Medicaid Services (CS). As noted in HITRUST's report to Hixny, certification is effective as of the submission date—August 28, 2018.

Hixny engaged the third-party firm, Tevora, a specialized management consultancy focused on cybersecurity, risk and compliance services to provide an independent audit, which led to Hixny's HITRUST certification.

"Achieving HITRUST is a significant accomplishment," says John Huckeby, managing director of healthcare for Tevora. "It demonstrates the highest levels of security and Hixny's commitment to safeguarding sensitive patient information. It was a privilege to work with such a passionate group of people all working toward the goal of protecting patient privacy."

Hixny recently announced an expansion to nine counties in Hudson Valley and the Southern Tier of the state, committing substantial funding to meeting physician demand for more reliable and secure patient information.

"In today's world of cyberattacks and ransomware these measures are crucial and bring a whole new level of preparedness to protect the patients and providers relying on Hixny," continued McKinney. "Having accomplished this significant milestone re-emphasizes our commitment to security and delivers assurances to the providers already using Hixny and those considering connecting to us."  

About Hixny:
Hixny is committed to achieving continuity of care in the 28 counties it covers north and west of the Capital District and south of the Hudson Valley by aligning healthcare providers, patients, and their families to securely exchange health information in real-time–resulting in timely, secure and improved quality of healthcare for the territories it serves. Hixny empowers modern healthcare by improving the way in which the healthcare community and patients access, analyze and collaboratively act upon patient-specific information. The not-for-profit is based in Albany, NY. To learn more visit 

Founded in 2007, HITRUST Alliance is a not-for-profit organization whose mission is to champion programs that safeguard sensitive information and manage information risk for organizations across all industries and throughout the third-party supply chain. In collaboration with privacy, information security and risk management leaders from both the public and private sectors, HITRUST develops, maintains and provides broad access to its widely adopted common risk and compliance management and de-identification frameworks; related assessment and assurance methodologies; and initiatives advancing cyber sharing, analysis, and resilience.

HITRUST actively participates in many efforts in government advocacy, community building, and cybersecurity education. For more information, visit

Media Contact
Glenn Silver
Lazar Partners Ltd.

Cision View original content:


[ Back To's Homepage ]

Technology Marketing Corporation

35 Nutmeg Drive Suite 340, Trumbull, Connecticut 06611 USA
Ph: 800-243-6002, 203-852-6800
Fx: 203-866-3326

General comments:
Comments about this site:


© 2018 Technology Marketing Corporation. All rights reserved | Privacy Policy