Hybrid cloud solutions and compliant cloud hosting services provider, Otava, has earned ‘Certified Status’ for information security by HITRUST. The certification covers Otava’s private cloud servers and colocation service offerings, data protection services, five locations in Michigan and Indianapolis and its OTPortal platform.
“Security and compliance are the foundation of everything we do at Otava and we hold ourselves accountable to the highest standards,” said Brad Cheedle, CEO of Otava. “The HITRUST CSF is the gold standard that needs to be met, and Otava is pleased to be recognized for our commitment by achieving HITRUST CSF Certification.”
The HITRUST CSF Certified status would demonstrate that Otava’s solutions and self-service portal have met key regulations, industry-defined requirements and that the organization is appropriately managing risk.
This compliance achievement places Otava in an elite group of organizations worldwide that have earned this certification.
By including federal and state regulations, standards and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address these challenges – through a comprehensive and flexible framework of prescriptive and scalable security controls.
HITRUST CSF Certified Status
“HITRUST has been working with the industry to ensure the appropriate information protection requirements are met when sensitive information is accessed or stored in a cloud environment,” said Ken Vander Wal, Chief Compliance Officer, HITRUST. “By taking the steps necessary to obtain HITRUST CSF Certified status, Otava is distinguished as an organization that people can count on to keep their information safe.”
This latest certification is part of Otava’s long history of adhering to strict industry-specific regulations. Otava was one of the first hosting providers in the United States to receive certification as Health Insurance Portability and Accountability Act (HIPAA) compliant. HIPAA is a federal law that protects personal health information that all healthcare providers and their business associates must follow. Otava has also successfully passed compliance audits for PCI-DSS, ISO 27001, EU-US Privacy Shield and SOC 1, 2 and 3.