Security

Stringent protection of our healthcare clients’ sensitive information is a central tenet of Advent’s business philosophy

As a company built on the medical records review process, Advent Health Partners adheres to stringent regulations, standards, and frameworks to deliver a technology platform that meets the highest requirements for information protection of our clients’ sensitive data.

HITRUST CSF Certification

Our HITRUST CSF Certified status demonstrates that Advent’s CAVO® enterprise medical records platform, active directory, and SFTP service have met key regulatory requirements and industry-defined requirements and is appropriately managing risk.

HITRUST CSF Certified

SOC 2, Type II Examination

Advent has successfully completed a SOC 2, Type II examination. This report tests the effectiveness of the internal controls over our systems relevant to the AICPA’s Trust Service Principles: security, availability, processing integrity, confidentiality, and privacy.

SOC 2 Examination

“Achieving the HITRUST CSF certification signifies CAVO®’s alignment with healthcare’s highest industry standard for information protection—and simultaneously creates efficiencies during our clients’ vendor risk assessment processes. The result is our ability to now deliver the expedited CAVO® implementation timelines our clients are requesting, despite an exponentially increasing product demand.”

Chief Executive Officer, Advent

Our Organization & Systems

  • HIPAA compliant environment: CAVO is built with AWS and IBM as partners to deliver a secure platform capable of scaling to your enterprise needs.

  • Encrypted data: All data at rest and in transit is encrypted.

  • Session management: CAVO utilizes a JSON Web Token to prove proper user authentication.

CAVO PAYER
CAVO PROVIDER

More about CAVO’s HITRUST CSF Certification

By including federal and state regulations, standards and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address these challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.