Skip to main content

ZeOmega First in U.S. to Achieve “Security & Interoperability Trifecta”

 ZeOmega is the first and only population health management (PHM) organization to have successfully passed all three comprehensive data security and interoperability testing programs, known as the “Security and Interoperability Trifecta.” By passing all three testing programs, ZeOmega and its interoperability platform, platform, HealthUnity, are certified as meeting and exceeding the highest industry-defined requirements for data exchange and information security.

“In an industry full of companies making all kinds of compliance and performance claims, these certifications provide clear and objective third-party testaments to our unmatched accuracy, security, scalability and performance,” said Shaun Newton, Chief Compliance and Security Officer, ZeOmega. “ZeOmega consistently exceeds industry and government standards for data security and integrity, giving all of our customers and partners the confidence that their data is safe and accurate, and their operations will stand up to the most stringent audit or review. I am extremely proud of our team for achieving this milestone.”

The three data security and interoperability certifications ZeOmega has uniquely attained are:

  • HITRUST’s Common Security Framework (CSF) certified status for information security for Jiva Platform, Jiva Private Cloud, and Information Systems Infrastructure
  • Drummond Group’s Payer and Patient Access Fast Healthcare Interoperability Resource (FHIR). Application Programming Interface (API) certification.
  • EHNAC’s Comprehensive Trusted Dynamic Registration & Authentication Accreditation Program (TDRAAP) accreditation. TDRAAP combines the technical framework using Unified Data Access Profiles (UDAP) in a FHIR ecosystem with interoperability related Privacy and Security requirements.

HITRUST, Drummond Group, and EHNAC represent the pinnacle of testing programs for healthcare data security and interoperability in the United States, certifying the highest standards of information safely and security. The security of health care data and systems is especially critical today, as the risk of ransomware and other cyber-attacks continues to grow. Safe data exchange is also key to accomplishing critical goals related to regulatory compliance, mitigating risk, and achieving optimal performance in value-based care.

“If a software vendor does not achieve these data security and interoperability certifications, there are no guardrails protecting the privacy of the healthcare information they are sharing or the data’s ability to flow quickly and accurately to the appropriate medical teams,” continues Newton.

ZeOmega earned HITRUST CSF certification in December of 2020, with a score of 100% . HITRUST CSF includes federal and state regulations, standards, and frameworks, and incorporates a risk-based approach, to help organizations identify and address challenges through a comprehensive and flexible framework of prescriptive and scalable security controls. Beyond security and peace of mind, HITRUST CSF certification assures ZeOmega’s clients that the company’s best practices are aligned with their own.

In January of 2021, ZeOmega earned TDRAAP Comprehensive accreditation status from EHNAC, which combines extensive privacy and security requirements, and in-depth validation of traditional EHNAC accreditation programs, with UDAP technical framework certification, including full HIPAA/HITECH Privacy Security compliance.

“Over the last year and a half, our industry has been humbled with reminders of the importance of prioritizing a focus on security, accountability, confidentiality and efficiency when electronically exchanging healthcare data,” said Lee Barrett, Executive Director and CEO of EHNAC. “We applaud ZeOmega for achieving these important voluntary goals which not only exemplify the standard of excellence when it comes to health IT security and related interoperability, but more importantly, provide a high-level of assurance to all its stakeholders. We encourage healthcare IT organizations of all sizes to follow the lead in prioritizing these initiatives.”

This past August, ZeOmega and its HealthUnity platform completed the third branch of the “Security and Interoperability Trifecta” by earning Drummond Group certification.

“As the first product to complete Drummond’s Payer and Patient Access FHIR Certification Program, ZeOmega’s HealthUnity interoperability platform has demonstrated full compliancy with the HL7 U.S. Drug Formulary FHIR Implementation Guide,” said Brian Gibb, Drummond’s CEO and president. “Drummond commends ZeOmega for its successful certification and initiatives focused on driving interoperability in payers’ real-world settings. This greatly benefits payers by offering certified software they can trust to help them meet FHIR-related interoperability standards mandated by CMS.”