Security 2019-04-11T09:41:01-06:00

Security

Stringent protection of our healthcare clients’ sensitive information is a central tenet of Advent’s business philosophy

As a company built on the medical records review process, Advent Health Partners adheres to stringent regulations, standards, and frameworks to deliver a technology platform that meets the highest requirements for information protection of our clients’ sensitive data.

HITRUST CSF Certification

Our HITRUST CSF Certified status demonstrates that Advent’s CAVO enterprise medical records platform, active directory, and SFTP service have met key regulatory requirements and industry-defined requirements and is appropriately managing risk.

HITRUST CSF Certified

SOC 2, Type II Examination

Advent has successfully completed a SOC 2, Type II examination. This report tests the effectiveness of the internal controls over our systems relevant to the AICPA’s Trust Service Principles: security, availability, processing integrity, confidentiality, and privacy.

SOC 2 Examination

“Achieving the HITRUST CSF certification signifies CAVO®’s alignment with healthcare’s highest industry standard for information protection—and simultaneously creates efficiencies during our clients’ vendor risk assessment processes. The result is our ability to now deliver the expedited CAVO® implementation timelines our clients are requesting, despite an exponentially increasing product demand.”

Chief Executive Officer, Advent

Our Organization & Systems

  • HIPAA compliant environment: CAVO is built with AWS and IBM as partners to deliver a secure platform capable of scaling to your enterprise needs.

  • Encrypted data: All data at rest and in transit is encrypted.

  • Session management: CAVO utilizes a JSON Web Token to prove proper user authentication.

CAVO PAYER
CAVO PROVIDER

More about CAVO’s HITRUST CSF Certification

By including federal and state regulations, standards and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address these challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.