Health Information Trust Alliance Designates WellPoint Common Security Framework Certified Status

Health Information Trust Alliance Designates WellPoint Common Security Framework Certified Status

Largest Health Benefits Company to Achieve HITRUST CSF Certification Under 2013 Assurance Criteria

INDIANAPOLIS--(BUSINESS WIRE)-- WellPoint, Inc. (NYS: WLP) announces it has achieved Common Security Framework (CSF) Certified status from the Health Information Trust Alliance (HITRUST). Certification was obtained through the HITRUST CSF Assurance Program, the most widely-used information security framework used by United States health care organizations. WellPoint is the largest health benefits company to achieve HITRUST CSF Certified status under 2013 assurance criteria.

The CSF Certified status under new 2013 assurance criteria assures WellPoint's members, clients, and business partners that the company is meeting the highest standards within the health care industry for managing security risks and protecting health information. CSF assurance criteria is reviewed annually and modified based on changing regulations and loss data analysis.

"Given the multitude and complexity of state and federal regulations with which we need to comply, the HITRUST CSF Assurance Program allowed us to proactively obtain a level of assurance that we are appropriately managing information risk and protecting health information while demonstrating compliance internally and with third parties," said Roy Mellinger, WellPoint chief information security officer. "WellPoint is committed to protecting customer data and demonstrating how we are a trustworthy business partner."

With continuously evolving security regulations in the health care industry, organizations are facing greater scrutiny and increased challenges in managing and monitoring their security and privacy practices when creating, accessing, storing or exchanging protected health and financial information. HITRUST CSF certification helps companies reduce this burden by affirming adherence to an industry-developed and industry-supported security framework integrated with state and federal regulations, business requirements and industry standards.

"WellPoint has been a vocal proponent of streamlining and enhancing regulatory compliance and information protection internally, across the industry and with their business partners," said Daniel Nutkis, HITRUST chief executive officer. "Obtaining CSF Certified status is confirmation of their commitment."

WellPoint will leverage the CSF Assurance Program in its own business associate compliance program and require the submission of CSF assessment reports from its business associates. Achieving HITRUST CSF Certified status and the continued reporting process validates WellPoint's commitment to protecting data.

About WellPoint, Inc.

At WellPoint, we believe there is an important connection between our members' health and well-being—and the value we bring our customers and shareholders. So each day we work to improve the health of our members and their communities. And, we can make a real difference since we have nearly 36 million people in our affiliated health plans, and nearly 68 million people served through our subsidiaries. As an independent licensee of the Blue Cross and Blue Shield Association, WellPoint serves members as the Blue Cross licensee for California; and as the Blue Cross and Blue Shield licensee for Colorado, Connecticut, Georgia, Indiana, Kentucky, Maine, Missouri (excluding 30 counties in the Kansas City area), Nevada, New Hampshire, New York (as the Blue Cross Blue Shield licensee in 10 New York City metropolitan and surrounding counties and as the Blue Cross or Blue Cross Blue Shield licensee in selected upstate counties only), Ohio, Virginia (excluding the Northern Virginia suburbs of Washington, D.C.), and Wisconsin. In a majority of these service areas, WellPoint's plans do business as Anthem Blue Cross, Anthem Blue Cross and Blue Shield, Blue Cross and Blue Shield of Georgia and Empire Blue Cross Blue Shield, or Empire Blue Cross (in the New York service areas). We also serve customers in several additional states through our Amerigroup subsidiary and in certain markets through our CareMore subsidiary. Our 1-800 CONTACTS, Inc. subsidiary offers customers online sales of contact lenses, eyeglasses and other ocular products. Additional information about WellPoint is available at


The Health Information Trust Alliance (HITRUST) was born out of the belief that information security should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. HITRUST, in collaboration with healthcare, business, technology and information security leaders, has established the Common Security Framework (CSF), a certifiable framework that can be used by any and all organizations that create, access, store or exchange personal health and financial information. Beyond the establishment of the CSF, HITRUST is also driving the adoption of and widespread confidence in the framework and sound risk management practices through awareness, education, advocacy and other outreach activities. For more information, visit

Media Contact:
WellPoint, Inc.
Gene Rodriguez, 317-488-6168

KEYWORDS: United States North America Indiana


The article Health Information Trust Alliance Designates WellPoint Common Security Framework Certified Status originally appeared on

Try any of our Foolish newsletter services free for 30 days. We Fools may not all hold the same opinions, but we all believe that considering a diverse range of insights makes us better investors. The Motley Fool has a disclosure policy.

Copyright © 1995 - 2013 The Motley Fool, LLC. All rights reserved. The Motley Fool has a disclosure policy.