Close up of laptop with group of people working in the background
Protecting Data, Documents, and the Customer Experience 1024 404 Team DataMotion

Protecting Data, Documents, and the Customer Experience

Your enterprise likely has data security tools in place. But are they easy to use? Or flexible? And do they securely communicate with your customer and partner systems?

It is a universal truth: security that is complicated won’t be used. Complicated workflows frustrate your customers and increase the odds that your internal staff will bypass security entirely, leaving your enterprise vulnerable. For many organizations, regulatory compliance supersedes all else, with flexibility and user experience often lower on the priority list—falling into the “nice to have” category. But there is no need to choose one over the other.

DataMotion’s secure message center allows you to have the security and compliance you need while providing a superior customer experience.

Our secure message center offers an experience as frictionless as it is secure. But don’t take our word for it. In today’s blog entry, we’re sharing resources that include the basics around the secure message center and several DataMotion customer success stories. You’ll read about how these enterprises streamlined workflows and processes, improving the customer experience while maintaining a high level of data security and compliance—and how your business can accomplish this too.

Security, Efficiency, and Compliance: The Basics

In this short video, Christian Grunkemeyer shares an overview of DataMotion’s secure message center, including what it is, how it works, who uses it, and why your enterprise should consider our secure email, messaging, and file exchange solutions.

Health Insurance, Wealth Management, and Consumer Finance Walk into a Secure Exchange Company…

Our latest eBook features three real-life case studies where organizations streamlined their workflows, connected disparate departments and systems, reduced inquiry resolution time, and improved customer experience. This was accomplished after implementing DataMotion’s secure messaging solution. Your business can do all this and more while maintaining regulatory compliance and strong data security – download the eBook today.

Fill out the form below to download your free eBook:

Meet the Secure Message Center

Sensitive human resources data and documents. Account numbers. Onboarding information.  Confidential investment outlooks. Research. Proprietary designs. Client and policyholder communications. No matter your organization type or regulation status, there is information that is exchanged daily that should be protected. In the four-part “Meet the Secure Message Center” series, Christian Grunkemeyer offers a full look at the secure message center, going over the basics, several real-life customer case studies, a number of everyday use cases, and finally, covering some FAQs.

Why DataMotion?

As mentioned earlier in this post, your enterprise probably already has some data security tools in place. These may even include a secure exchange solution, similar to a secure message center. What makes DataMotion’s secure message center different? In addition to our military-grade encryption and a zero-trust secure platform, factors such as simplicity and flexibility set our solutions apart. Easily integrated into existing internal and customer-facing workflows, DataMotion’s secure message center allows users to work in their natural environment. Its flexibility enables your enterprise to scale workflows as needed, from pilot to mission critical, and everything in between.

Ready to get started on modernizing your enterprise’s secure workflows and client experience? Contact our team of security experts to set up an introductory call and demo today.

Two businesswomen. Businesswoman on left is using a stylus to write on a tablet. Businesswoman on right typing on laptop
The DataMotion Hot List for April and May 1024 404 Team DataMotion

The DataMotion Hot List for April and May

Welcome to the latest DataMotion Hot List!

Can you believe that we’re already in June? While summer may be just weeks away, here at the DataMotion Blog we’re bringing the heat with some hot topics! In April and May, we published several entries (including one interview) from Team DataMotion members who attended the HIMSS22 conference in Orlando. In each blog entry our team touched on their experience at HIMSS, highlighting topics and themes that resonated with them. We also finished the Meet the Secure Message Center series, where Christian Grunkemeyer shared a few use cases for organizations in non-regulated industries, then wrapped up the series by addressing a few commonly asked questions.

Today’s posts offer unique insight and perspective on a number of topics, and we think you’ll find them to be interesting and valuable reads. Without further ado, let’s dive into what you may have missed in April and May.

What You Should Have Been Reading

Baby’s First HIMSS: Connecting Providers, Payors, and Health IT “We…can talk about how we transmit data, the data that’s being transmitted, and the [data] format. But in the end, it’s all about patient care. If we make technology changes and it doesn’t affect how we care for our patients and members, then it’s not worth changing.” Christian Grunkemeyer touches on key points and takeaways from the HIMSS22 conference, sharing thoughts on empowering the healthcare workforce and why the “future” of healthcare is not as far away as we might think.

Subscribe to the DataMotion Newsletter for Tips, Tricks, and Best Practices Delivered to Your Inbox Once a Month

Reimagining Healthcare Interoperability and Secure Information Exchange “Tremendous strides have been made in healthcare interoperability…that said, this year’s HIMSS conference gave us an opportunity to review the interoperability landscape as it exists today, and more importantly, asked our generation to ‘reimagine’ the future of healthcare.” In this entry to the DataMotion Blog, Doug Rubino reflects on his takeaways from HIMSS22, offering thoughts on the current state of healthcare interoperability and how far it has come, and his take on reimagining healthcare.

Healthcare IT: Challenges and Opportunities in Secure Exchange “There are new technologies that provide endpoints to retrieve data from existing platforms. However…[they] need to be weighed and vetted. It is critical that the content is protected at every step. From a vision perspective, these elements are the cornerstone of our secure exchange solutions.” In this interview, Andrew McKenna shares his overall HIMSS experience, including discussions around challenges and pain points in secure data exchange, and what he sees for the future of healthcare IT.

Protecting Sensitive Information on the Daily: Meet DataMotion’s Secure Message CenterCutting down on paperwork. Keeping projects under wraps. Protecting privacy for vulnerable populations… secure digital exchange [as] part of your daily routine just makes sense, whether or not your organization is bound by compliance.” In the third installment of the Meet the Secure Message Center series, Christian Grunkemeyer discusses a list of reasons why organizations in the non-regulated space can benefit from DataMotion’s secure message center. 

Balancing Security, Compliance, and Usability: Your Secure Message Center FAQs “Here is how I look at it. What if you were to accidentally leave the paper version of something when packing up your laptop bag at, say, a coffee shop or an airport? You would panic when you realized it went missing. If so, you need simple, secure exchange for that type of document and others like it.” In this final installment, Christian Grunkemeyer wraps up the Meet the Secure Message Center series with a brief series overview and answering some commonly asked questions.

Don’t Miss Out

Subscribe to the DataMotion Newsletter for industry thought leadership, perspectives, insights, and much more, delivered to your inbox once per month. (And don’t forget to follow us on LinkedIn and Twitter.)

That is all for now. Thank you for a wonderful April and May in the DataMotion Blog and we look forward to seeing you in June!

Doctor using tablet and abstract graphics UI, modern medical healthcare IT, interoperability, and technology concept
Healthcare IT: Challenges and Opportunities in Secure Exchange 1024 404 Team DataMotion

Healthcare IT: Challenges and Opportunities in Secure Exchange

DataMotion Director of Product Andrew McKenna sat down with Content Manager Andrea Meyer and Digital Marketing Specialist Sarah Parks to chat about his experience at the recent HIMSS22 conference, which took place in Orlando, Florida. As a newer addition to Team DataMotion and a first-time HIMSS attendee, Andrew offered unique perspective, sharing highlights of conversations with fellow attendees, observations on the current state of the healthcare IT landscape, and thoughts on where he sees the future of digital exchange within healthcare.

DataMotion: Andrew, thanks for speaking with us today. Before diving into HIMSS, your learnings, and discussions around secure exchange, we’d like to learn about you. Tell us a bit about your role and background.

Andrew McKenna: I have a degree in Computer Science from Mount St. Mary’s University, and recently joined DataMotion as our Director of Product. My role links our engineering, operations, customer success, and sales teams together. I am responsible for the full spectrum of product management, from product strategy to road mapping, culminating in the delivery of products to the market. I love this role because I have the opportunity to see use cases in action, how stakeholders leverage our products, and how we can improve. It’s exciting to discuss and plan the future use cases of our products!

Prior to joining DataMotion, I spent most of my career in product and engineering roles in financial services. I also spent time in the supply chain software space. Throughout my career, I have linked disparate systems to create frictionless digital workflows, allowing data to quickly travel from point A to point B for efficient processing. These workflows helped level silos that were created during previous paradigms of technical revolution. My approach has historically been doing all of the above while striving for end user delight, whether it be a factory user in a supply chain, a financial advisor, or a banking operations user.

DM: This was your first time attending the HIMSS conference. As a first-time attendee, what was the experience like?

AM: As I roamed the Orlando Convention center floor, the first thought I had was wow, this is HUGE. I thought I had been to large conferences before, but the size of the exhibitors’ hall was truly overwhelming. HIMSS was my first conference since the COVID-19 pandemic, and my first healthcare conference ever. I was ready to learn about old and new problems the healthcare industry is facing. Because these problems are new to me (from a healthcare perspective) I was excited at the prospect of thinking through innovative solutions to very different and difficult use cases.

While walking the floor, I met with API and call center companies, EMR (Electronic Medical Records) and EHR (Electronic Health Records) vendors, system integrators, emerging technology providers, healthcare payors and providers, and many others. It was great to finally connect in-person with current and potential partners! I was fortunate to walk the halls with our CEO, Bob Janacek. In doing so, I met quite a few industry leaders who are familiar with DataMotion’s history and vision. While speaking with these folks and hearing their stories, I had an opportunity to discuss potential workflows and use cases for our products. Despite the different industry verticals and varying pain points, we were all there with the goal to improve healthcare technology and the flow of information. This commonality made for a wonderful introduction to the needs across other technology companies and the industry as a whole!

DM: You recently joined Team DataMotion, so for context, you attended a new event, in a new role, exploring a new industry. Tell us how DataMotion’s products, services, and mission shaped your perspective going in.

AM: To level set my learnings, it is important to first define who we are at DataMotion. In short, DataMotion is a secure communications platform. At its core, our platform consists of a governed, trust no one, trust nothing database. Let’s focus on security for a moment–the security level of our platform means that every single communication that is transmitted via DataMotion is transmitted securely and compliantly. In fact, our platform is so highly secure that even DataMotion’s admins cannot see any transmitted data!

The other key of our platform is how we deliver to our customers. We provide well-designed RESTful APIs and other flexible connectors that customers can stitch into their systems. This enables seamless integrations for secure data transmission, including transmissions between disparate systems. The final key to highlight is the fact that we have applications and key integrations available. As a Communication Platform as a Service (CPaaS) organization, we meet our customers where we are needed in the method that is required to provide a simple, right-sized solution for secure transmission of content. We have a long history that has brought us to where we are today. This history has shaped our vision for the future, and I am excited to be a driver of that vision.

DM: Can you tell us a little bit about DataMotion’s contributions to secure exchange in the healthcare ecosystem?

AM: As a technology company that began in the regulated space, healthcare is a natural extension for us. We enable the secure, compliant communication that protects our customers and their patients’ health information. Since 2012, DataMotion has been a member of DirectTrust™, providing a safe, secure, and compliant way to transmit health records between providers, allowing the fast, efficient connection of patient information to the correct part of the healthcare ecosystem.

Payors, providers, patients, and others in the healthcare ecosystem need to be securely linked, with content flowing across verticals. DataMotion is an active player in this area—serving as the nation’s catcher’s mitt for COVID-19 test reporting to the government is one example. Another example is how we have enabled secure communications for a state agency that facilitates ambulatory care for patients. DataMotion also provides solutions for health insurance companies that simplify secure communications processes for both customer service agents and policyholders alike.

DM: This was an enormous event, with attendees from just about every aspect of the healthcare ecosystem, each with their own unique challenges and goals. You had a lot of one-to-one discussions—tell us about your conversations in general and any recurring themes.

AM: Many of the conversations centered on secure data transmission being critical in the world of healthcare. I discussed different solutions with representatives from call center organizations, whose focus is on the industry of home health app providers. If Direct is not available, fax and other early-form CPaaS services still seem to rule for many. As such, most of the folks I spoke to did not have a solution for transmitting content securely and compliantly outside of the specific customer’s four walls. Yes, they can collect the pertinent data and they can send the data within their network. But actually crossing into another provider’s ecosystem seems to be an afterthought.

DM: Based on these conversations, what are your thoughts on the current state of healthcare IT?

AM: I found myself speaking within my comfort zone for much of the show, coming across software providers and integrators that are well known in the financial services vertical. Our conversations led back to the challenges facing healthcare IT.

Today, there are regional applications that handle local to local transfer of pertinent data. But not all regional applications play well with others. For example, some don’t accept specific transmissions, causing failover to manual processes. This brought back memories of transferring my children from one primary pediatrician to another. We had requested electronic records transmission; it was sent. The new pediatrician received the records; however, their EHR could not translate the attachment. Therefore, the records were faxed before our first appointment and we brought a printed record.

Let that sink in: in 2022, because the systems didn’t get along, a nurse at the new office had to manually enter the entire medical history of our children – from a fax!

This problem statement resonates across industries. Like financial services, healthcare is an area where protection of content would be an issue if a solution like DataMotion was not present. These organizations require a service like ours. Without DataMotion, our customers have to build their workflows in addition to building secure messaging protocols. The reality is that DataMotion does the heavy lifting of providing a secure, governed, compliant solution that can be inserted where required.

DM: You mentioned having discussions with representatives from other API companies during the conference. What are some of the larger themes that emerged from those conversations?

AM: Many API companies talked about potential synergies with DataMotion and how, together, we can connect the entire world of payers, providers and patients efficiently and securely. Sure, there are a variety of APIs available for a whole world of needs. But how can you be sure those APIs are secure and will fit in an organization’s workflow? These elements of secure connection and of trust were the commonly-mentioned gaps that came up across many of the conversations. One aspect of these discussions that resonated with our fellow API companies was DataMotion’s customer self-service portal (CSSP), which fills these gaps in the market.

DM: Tell us more about these companies and their approach, DataMotion’s solutions and customer self-service portal, and how it helps the market.

AM: The API companies I spoke with handle their areas of expertise well. But there is much more work to do concerning the secure transmission of data. When it comes to protecting personal health information (PHI) and remaining HIPPA compliant while data is transmitted (and while it is at rest), there seems to be a major gap in the market. There are many mature API companies that offer different options. When speaking with them, their default answer is, yes, our code is solid, go build your solution.

DM: Let’s follow up on this—could you chat for a moment about DataMotion’s approach and how we fill some of these market gaps?

AM: Yes! DataMotion provides mature APIs that developers use as a foundation for their development process. In addition to providing military-grade encryption, DataMotion allows customers to try before they buy by testing our APIs in a secure environment. With our portal, users can see our APIs in action as part of their secure exchange workflow. We offer complete modern data exchange, balancing secure, compliant communication with superior usability by leveraging our APIs, connectors, and prebuilt solutions.

DM: You also mentioned that you spoke with attendees representing call center IT departments. Tell us a bit about those conversations, and how DataMotion helps call centers expand their services?

AM: When talking to attendees from call center software companies, it was clear there is a tremendous need for the simple, frictionless, efficient, and secure transmission of content, while maintaining compliance and a high level of customer service.

DataMotion provides the ability for call center teams to expand their services to include the secure and compliant transmission of PHI and personally identifiable information (PII) as well as other sensitive data. And they can do this while maintaining their natural workflows. Secure and compliant communication is a cornerstone of their daily operations. Key to these conversations is that DataMotion can link them, through Direct Secure Messaging, to EHR applications.

DM: You mentioned that you talked to software providers who are attempting to digitize healthcare. What resounded with these folks, and what topics came up?

AM: Yes, these were some fascinating conversations. These organizations are working toward digitization of the healthcare ecosystem and they need to play well in the sandbox of modern systems. In some cases, legacy communications are used as an important failover for more modern methods. While this is a workable back-up, in many of these cases the end user is leaving their workflow or system to achieve what I like to call a break-glass procedure—in case of emergency, break glass and grab the fire hose. While this is functional, it is not optimal.

DataMotion’s secure content exchange solutions keep our clients and their customers in an ecosystem that is familiar to them while staying compliant. Because of this frictionless process, there is no need for users to create another username and password, or to enter a foreign portal. There are no extra steps to get content to the provider that needs health records, or the results of a home health application or device. And thanks to DataMotion’s APIs, there is no need to bring a device back to an office to securely and compliantly download data. Legacy CPaaS methods are still important, and will be for years to come. But how can they be delivered with simplicity in mind?  That is one of the goals of DataMotion’s vision and strategy.

DM: Let’s look into your crystal ball. Based on your conversations and the overall themes at HIMSS, what do you see is the future for healthcare IT?

AM: Absolutely! I would be remiss if I didn’t include future views and workflows that were prevalent in conversations at HIMSS. There are “new” protocols coming to light; many of these have been in existence for quite some time, but with limited adoption. There are also new use cases coming onto the scene, as there’s an enormous push to gather any and all information about a specific patient’s care.

In addition, there are new technologies that provide endpoints to retrieve data from existing platforms. However, there is a resounding hesitation that I need to acknowledge. These newer technologies need to be weighed and vetted. It is critical that the content (a.k.a. the payload) is protected at every step. From a vision perspective, these elements are the cornerstone of our secure exchange solutions.

DM: It sounds like your first HIMSS conference was an eye-opener for you, and you learned a lot about the industry landscape and its pain points. Would you like to share any closing thoughts?

AM: The American healthcare ecosystem is begging to be optimized and digitized. There is technology in place to protect the patients, providers, and the payers; however, the industry needs to take a step back to assess the want to digitize. When they take that step back, they will find that a core segment of solutions are available to them that facilitate the secure transfer of the most sensitive data in the world.

DM: Andrew, thanks for taking the time to sit with us and share your takeaways.

AM: It’s my pleasure—I’m already looking forward to next year’s conference!

We invite you to learn more about DataMotion, our healthcare-focused solutions, and how we can keep your organization’s data secure and compliant. Visit our website or contact our team of security experts for a quick demo.

Two men in business suits pulling a rope in opposite directions. Tug of war depiction.
Balancing Security, Compliance, and Usability: Your Secure Message Center FAQs 1024 404 Christian Grunkemeyer

Balancing Security, Compliance, and Usability: Your Secure Message Center FAQs

Did you know that in the event of a hack, your customers are more likely to blame your organization, rather than the hacker? It sounds outrageous, but it is true. If nothing else, this raises the stakes for ensuring that your organization is on top of security measures, and that those measures are used.

They are used…right?

Maybe. Or maybe not–especially if those measures are complicated and time-consuming, and get in the way of getting work done.

You can see where this is going.

Security, compliance and usability are three elements that often work against each other. Many organizations, particularly those in regulated industries, must adhere to stringent compliance requirements. But if security is complicated to use, it won’t be used, leaving an organization wide open for a breach, and an ensuing damage to customer trust. In addition to the PR, regulatory, and financial nightmares that follow a breach, odds are that a breach won’t inspire confidence among your existing and potential customers. To add insult to injury, according to a survey, 64% of respondents said they would blame a company for a breach over the hacker. Read that again.

Staying secure and compliant while delivering a smooth, friction-free internal workflow and customer experience is a difficult equation to balance. But there is a solution.

In the “Meet the Secure Message Center” series, I spoke to DataMotion’s secure message center, and how it has helped numerous organizations in their quest to balance security, compliance, efficiency, and usability. In part one, I explained what the secure message center is, and how it works. In part two, we discussed several real-life customer case studies where integrating the secure message center created smoother internal workflows and an improved customer experience. In part three, we shared potential use cases for organizations in both regulated and non-regulated industries. In today’s final installment, we’ll wrap up the series with a few commonly asked questions.

What is the secure message center?

In short, the DataMotion secure message center is a flexible, highly-secure communications solution. It allows your organization to easily, securely, and compliantly communicate with customers, vendors, and partners. Security is especially important when exchanging Personal Identifiable Information (PII) and other sensitive, confidential messages and documents. The secure message center can be integrated into your existing systems and workflows leveraging our APIs and connectors, implemented as part of an omnichannel approach, or as a stand-alone solution. Additionally, the secure message center is part of DataMotion’s governed, zero-trust core, providing top-notch security for your data.

How does the secure message center balance security, compliance, and usability?

The secure message center connects an organization’s back-end systems (including call centers, CRMs, case management, and email) to client-facing mobile and web apps and portals, enabling easy to use and secure communications. The actual workflow will depend on your existing processes, but as I outlined in the first series installment, the flow can be as easy as listed below:

  • Client logs in to the customer portal or mobile app
  • Client creates a message (potentially including sensitive information, such as account numbers)
  • After creating a message, your client attaches documents and hits send
  • Once the message and documents are sent, they are protected by military-grade encryption
  • The message and documents are securely accessed and responded to by an agent or employee from their internal system or business process

Once the steps are completed, both the client and authorized agents have access to this message and any previous exchanges within a secure repository. Additionally, all message activity is logged & tracked for compliance, which will delight your compliance officer and auditors.

I’m not in a regulated industry. Do I need the secure message center?

Fair question. But a better question is, “What would happen if this information was leaked outside my department or company?”

You might not be legally required to adhere to privacy regulations. That said, it is certainly a good idea to send and store confidential and sensitive communications, documents and data in the equivalent of a digital armored car and secure lockbox. This is especially true if the experience is easy and transparent for all involved. Regulations aside, there are many types of confidential communications, including proprietary design discussions and client information, that should be transmitted and stored securely. And let’s not forget communications to and from human resources, such as performance reviews, confidential surveys and forms, onboarding information (which can include bank routing numbers), etc.

Additionally, while the secure message center simplifies the secure communication experience for all users, DataMotion’s military-grade encryption protects your messages and documents while in transit and at rest. In other words, in the event of a breach, your information is not readable by the data thieves.

To sum up, here is how I look at it. What if you were to accidentally leave the paper version of something when packing up your laptop bag at, say, a coffee shop or an airport? You would panic when you realized it went missing. If so, you need simple, secure exchange for that type of document and others like it.

How will implementing the secure message center affect our existing IT infrastructure?

As a wise person once said, you do you.

The secure message center is highly flexible, and the integration process generally differs across organizations, with a range of APIs and connectors available to seamlessly stitch into the right place in your workflows. Implementation also depends on your current architecture and any other solutions you may wish to add. For instance, one of the customers I discussed in the second installment simplified their environment by consolidating the number of apps they needed to support after they implemented the secure message center. Other customers were able to integrate the secure message center into their workflows with no additional changes—save, of course, changes that resulted from a smoother, frictionless workflow and fewer steps for senders and recipients.

Do I need to re-train my staff?

Probably not. As we mentioned above, the secure message center is designed to seamlessly integrate into existing workflows, so it depends on your process. Your staff will likely need to learn about a new feature instead of a new system. However, if you’re implementing the solution to simplify your workflow, you’ll likely just need to cover the shorter, smoother process steps.

Really, the only thing your staff (and customers) will need to get trained on is what to do with all of the extra time they save from simple secure communications!

My organization is part of the healthcare ecosystem. Is the secure message center an option for us?

If an Electronic Medical Record (EMR) is involved in sending or receiving clinical data, we strongly recommend you learn more about Direct Secure Messaging for clinical exchange and interoperability. That said, however, health insurance companies can for sure benefit from the secure message center! In the second installment of this series, I spoke about a health insurance start-up whose process for sending secure communications involved a lot of steps for both agents and members and forced members to navigate an unfamiliar third-party portal (and likely, also forcing these customers to question all of their life decisions that led them to that portal.) Integrating the secure message center created an easier, shorter, and smoother experience for everyone involved, drastically reducing both frustration and the steps and time required to exchange information.

Key Takeaways

Implementing security into your organization’s digital exchange is more important than ever; doing so in a manner that is simple and efficient and allows your staff and customers to communicate in ways that are natural to them, is just as important. DataMotion’s secure message center offers a number of critically important functions and helpful benefits—let’s revisit our key takeaways from part one of this series:

  • Frictionless Customer Experience Enables easy-to-use and secure communications as part of your existing customer-facing portal and/or web and mobile applications. No need for customers to go to a third-party portal for secure message and document exchange.
  • Increased Efficiency Employees can access previous message exchanges and, without gathering physical documents or going through additional security steps, quickly and securely take action.
  • Versatile and Integrable The secure message center seamlessly integrates with, and securely connects, back-end systems, including email, contact centers, case management, etc.


  • Ironclad Security DataMotion uses a zero-trust, governed database and military-grade encryption, helping to keep data secure and your organization compliant.
  • Ease of Use The secure message center improves the security and usability of systems by enabling single sign on for customers, therefore eliminating additional passwords. It also integrates with your current workflow–there is no need to retrain staff.
  • Co-branded Portal A pre-built message center UI is available that can be customized with your organization’s logo, colors and branding.
  • Tracking Messages and documents are logged and tracked, with reporting available.

Still have questions, or are you ready to get started? Please reach out to me personally, or contact our team of security experts to learn more about the secure message center and how it can assist your organization with balancing security, compliance, and usability. We can also arrange to set up a quick demo. Additionally, I encourage you to follow DataMotion on LinkedIn and Twitter for security-related industry news, thought leadership, and more.

We’re looking forward to helping you get started!

Be Sure To Read the Other Parts of This Series:
Healthcare and technology, Doctor using digital tablet with icon medical network on hospital background to signify healthcare interoperability
Reimagining Healthcare Interoperability and Secure Information Exchange 1024 404 Doug Rubino

Reimagining Healthcare Interoperability and Secure Information Exchange

In November of 1963, Walt Disney flew over Orlando, at the time seeing only swamps and farmland. He imagined building a theme park where families could visit and spend time together.  His imagination of what could be ultimately became Walt Disney World, arguably the number one family fun theme park in the world!  Appropriately, the theme for this year’s HIMSS Conference in Orlando was “Reimagine Health.” Which is precisely what we do here at DataMotion.

Coming out of the pandemic and looking at the state of secure information exchange and the healthcare interoperability landscape in 2022, it is instructive for us to try to reimagine healthcare in the coming decade.  While some of the themes touched on during the conference are not necessarily new to the conversation, such as virtual health, population health management, and interoperability, the approaches and players are changing rapidly right before our very eyes.

Assessing the current landscape and re-imagining how, and maybe more importantly, where care is delivered, as well as the financing, the underlying technology, and the healthcare workforce behind that care, is the ask presented to our generation. And when it comes to innovating that underlying technology, DataMotion is front and center. We act as a strategic and collaborative partner, providing low-code solutions and expert insights so that organizations across the healthcare vertical can innovate within their own organizations, and better-re-imagine the “how” and “where.”

Reimagining Interoperability

The launch of the ONC EHR Health IT Certification Program in 2010, and the EHR Incentive Programs in 2011, established the initial foundation for the adoption and the ‘meaningful use’ of information technology in healthcare.  In 2018, the EHR Incentive Programs were re-branded as the Promoting Interoperability Programs, and a greater focus was placed on system compatibility, patient access to information, and improving patient outcomes.  DataMotion has played, and continues to play, a critical role within this policy framework.  Through both our role as a Health Information Services Provider (HISP), and our secure message center, our technology enables healthcare organizations to securely transmit personal health information (PHI) among external endpoints, improving interoperability and ultimately, patient outcomes. When assessing the healthcare landscape in 2022, we have come a long way. The opportunities to reimagine improving patient outcomes through heightened interoperability are unlimited!

Ready to Reimagine Your Secure Health Information Exchange?

Learn more about how DataMotion’s healthcare solutions can help.

Interoperability, connectivity, and collaboration are, and have been for some time, the greatest challenges for healthcare. They have once again emerged as major themes at HIMSS22.  Whether through the rollout of a national critical infrastructure by way of the Trusted Exchange Framework and Common Agreement (TEFCA) or through the availability of new secure messaging apps, we continue to look for ways to improve and expand upon the communication flow between all relevant internal and external stakeholders within a healthcare community. One example of this is the emergence of personal connected health devices that have burst onto the scene, focusing on healthy living and well-being from within the home.

Explore More

Reinventing Health Information Exchange

As an API-first company, DataMotion continues to develop its library of APIs to help ensure the greatest degrees of interoperability within the healthcare ecosystem.  DataMotion understands the need to balance data security against business requirements and workflow considerations. Therefore, we provide a flexible platform of APIs and other solutions that enable organizations to think creatively in terms of implementing secure communications into their workflows.

Looking Ahead

Tremendous strides have been made in healthcare interoperability over the last 20 years.  Business models, reimbursement mechanisms, and electronic health record (EHR) certifications have been modeled around the concept of more effective communications with peers and external partners.  With that being said, this year’s HIMSS conference gave us an opportunity to review the interoperability landscape as it exists today, and more importantly, asked our generation to ‘reimagine’ the future of healthcare.

When it comes to the technical aspect of reimagining healthcare, DataMotion remains an industry driver. Our secure exchange platform and robust suite of APIs and solutions offer a key element when it comes to innovation—flexibility. Our customizable options help organizations not only address today’s challenges and pain points, but also prepare for tomorrow’s considerations.

I’m looking forward to discussing how DataMotion’s solutions for the healthcare vertical can help your organization reimagine what is possible! If you have questions, or would like to set up a demo, please feel free to contact me personally, or reach out to our team of security experts.

Thank you to the organizers for an amazing and informative HIMSS22—I’m already excited to attend HIMSS23!

Diverse business people are talking about global project
Baby’s First HIMSS: Connecting Providers, Payors, and Health IT 1024 404 Christian Grunkemeyer

Baby’s First HIMSS: Connecting Providers, Payors, and Health IT

Last month, I had the pleasure of travelling to Orlando, Florida for the HIMSS ‘22 conference. And HIMSS did not disappoint! I admittedly had high expectations, based on my colleague, Doug Rubino’s takeaways from previous events. That said, I was unprepared for how absolutely massive the venue was, the number of attendees, and the incredible speakers and programs provided. In today’s post to the DataMotion Blog, I’ll share a few takeaways from the event, including some of the amazing strides the healthcare industry has made, where we are now, and where we could be (sooner than we think!).

“Stop Talking, Start Doing.”

Tuesday morning (my first full day of HIMSS ‘22) got off to a strong start with Ben Sherwood, former Co-chairman of Disney Media Networks and President of Disney-ABC Television Group, getting our attention by quoting Walt Disney, and advising us to “stop talking, start doing.”

The session concluded on a memorable note as well, with Mr. Sherwood quoting the late film director Mike Nichols, “unlock the secret of every success: only connect.” These words struck a chord with me. Aside from connecting with my peers in the Health Information Technology (Health IT) space, my goal at HIMSS was to learn as much as possible about how DataMotion’s secure messaging platform can help ONLY CONNECT (see what I did there?) payors and providers securely, and how healthcare is leveraging technology to make a real difference in 2022 and beyond.

Powerful, Meaningful, Automated

The lion’s share of my time during day one was educational, and predominantly focused on secure communications and interoperability (e.g. closed-loop messages and asynchronous communications). It quickly became apparent to me that not only were we, as a country, finally adopting technology within healthcare but we’re actually using it to help save lives – further proving Meaningful Use. A few examples that resonated with me:

  1. A hospital system in the Virginia/D.C. area was able to cut 2 minutes, 25 seconds off code blue response times. That is an immediate life-saving impact! Leveraging a secure messaging platform, this new workflow interfaces with their Electronic Medical Record system (EMR) and the background logic identifies where the secure message needs to go.
  2. The automation of post-operation patient care. Providers are able to read a patient’s medical record outside of the hospital environment, as well as the data that the patient supplies, using an internet connection device (for example, an Apple Watch). The device can trigger an event to the appropriate hospital staff, sending secure messages to alert providers to an abnormal change in the patient’s health. An example of this is the device sending three-plus alerts to the hospital, indicating that the patient is hypertensive.

These technological changes were accurately described as powerful, meaningful, and automated.

Learning about how our nation exchanges electronic protected health information (ePHI) is important to me, and as an accredited Health Information Service Provider (HISP), to DataMotion. It was informative to see how clinical data is handled today, as well as what the future of ePHI exchange looks like. For instance, the Trusted Exchange Framework and Common Agreement (TEFCA) is working on a medical record standardization that will (hopefully) solve interoperability issues in the upcoming years.

Get Tips, Tricks & Techniques Delivered Once a Month

Sign up for the DataMotion Newsletter and be the first to know the latest DataMotion news, industry trends, and best practices surrounding secure exchage.

It was also exciting to see how the Office of the National Coordinator for Health Information Technology (ONC) is working on this type of standardization through the concept of a Qualified Health Information Network (QHIN). A QHIN is defined as a “network of organizations working together to share data. QHINs will connect directly to each other to ensure interoperability between the networks they represent.” Requiring all QHINs to go through the correct certification process and follow national cybersecurity requirements will be an important component in protecting the health information of patients and policyholders.

On top of being able to demonstrate a return on investment, leveraging existing clinical protocols and interfaces like Consolidated Clinical Document Architecture (C-CDA) and Fast Healthcare Interoperability Resources (FHIR) will be key in the success of all QHINs. But introducing more standard data types, such as a PDF, will help bridge the gap between payors and providers. Luckily, as a HISP, DataMotion is payload agnostic and can transmit any type of data securely to a trusted endpoint.

In short, flexibility as the technological landscape of interoperability changes over the next five years is extremely important.

Building and Empowering the Healthcare Workforce

Day two of HIMSS set the tone and focus around strengthening and building our healthcare workforce, featuring an experienced panel moderated by award-winning 60 Minutes correspondent Scott Pelley. According to the panel, given the dramatic change in the healthcare landscape over the past couple of years, it’s important to think about the following questions:

  1. What brought the workforce into the market?
  2. What is driving them away?
  3. How can we make this industry enticing for the future?

One question proposed to a medical director on the panel was “when is the last time you slept?” and the unfortunate answer was, “honestly, I don’t remember.” The fact this question was even asked, and answered as it was, is incredibly telling about the industry today.

The above question leads me to the overarching message, which is, how can we simplify the hard work of a caregiver by leveraging data and technology? Simplifying and securing our digital workflows empowers our doctors and nurses to not only service more patients, but be more proactive about health, rather than reactive. Making care easier has a domino effect on patient outcomes. Happy caregivers lead to healthy and happy patients – it’s as simple as that!

Explore More:

Leveraging Data and a (Positive) Disruption

Leveraging data to improve patient outcomes is a logical next step on how we can empower our caregivers. But this is only one part of the equation. By empowering caregivers, and better understanding patient data, providers can potentially save lives, and prolong the quality of those lives saved. To this end, I want to share a couple of sessions that filled me with awe and inspiration.

I attended a truly memorable session hosted by Microsoft, where the speakers discussed leveraging FHIR to help consolidate unstructured data sources (with community consensus). The goal of this initiative is to drastically reduce the time it takes to diagnose rare diseases. And the change is already materializing. By leveraging this new “text analytics for healthcare engine” diagnoses of rare diseases are going from five years on average to approximately 5 weeks – which could significantly increase the patient’s life expectancy, and the quality of that life.

Data is, and will continue to be, a huge driver in how the healthcare industry cares for members and patients. During their presentation, one health insurance payor stated that their biggest asset is their data. They spoke about how the line between payor and provider is blurring and moving to more of a “Pay-vider” model. We, as a technology company, can talk about things like the impact on how we transmit data, the type of data that’s being transmitted, and the format in which this data can be ingested. But in the end, it’s all about patient care. If we make technology changes and it doesn’t affect how we care for our patients and members, then it’s not worth changing.

Getting Connected

I’ll end this blog entry with another inspiring quote from Ben Sherwood’s opening keynote, “…I believe that if you want to achieve what you want to achieve, if you want to be a leader in a disrupted time, connection is the thing that’s going to get you the farthest.” If you would like to connect to discuss how DataMotion can help your organization achieve its goals and better connect with patients and policyholders, please feel free to set aside some time to chat. You can also reach out to our team of security experts.

I’m already making plans for next year’s HIMSS! And in the meantime, let’s help you connect…securely. 🙂

Group of young black business people watching product presentation on screen of laptop at meeting
Protecting Sensitive Information on the Daily: Meet DataMotion’s Secure Message Center 1024 404 Christian Grunkemeyer

Protecting Sensitive Information on the Daily: Meet DataMotion’s Secure Message Center

Strong security around communications while staying within regulatory compliance?


Providing a simple, efficient, and convenient process for internal and external users?

Why choose one when you can have both?

If you’ve been keeping up with the Meet the Secure Message Center series, you’ve learned a few basics about DataMotion’s secure message center. You’ve also read several case studies where the secure message center solution helped organizations in regulated industries transform and modernize internal processes while improving the customer experience by enabling secure, convenient communications. Compliance is king in some verticals and can cause royal pain points, particularly where customer experience is concerned. Security and compliance measures don’t have to hinder the user experience. It is entirely possible to have a simple, frictionless experience for staff, caretakers and customers alike—while staying fully secure and compliant.

The glittering crown jewels of regulatory compliance may or may not be a driving factor behind your organization implementing secure exchange. There might be a number of other considerations, including strengthening security to protect non-regulated communications containing sensitive information that are part of your regular workday. In today’s blog entry, we’ll follow up on the case studies from part two of this series and explore a few scenarios where your organization can benefit from incorporating the secure message center into your workflow.

Secure Exchange on the Regular

Cutting down on paperwork. Keeping projects under wraps. Protecting privacy for vulnerable populations. Below are several examples of instances where making secure digital exchange part of your daily routine just makes sense, whether or not your organization is bound by compliance.

A Resource for Human Resources HR tasks, such as onboarding new employees, can involve a whole lot of paperwork. More often than not, that paperwork falls into the “sensitive information” category. Documents include a photo ID, Social Security number, and bank routing numbers. The secure message center helps you skip the physical paperwork (which no one likes anyway, let’s be honest) while protecting this sensitive information. This solution is especially helpful when onboarding remote employees.

Learn More About DataMotion's Secure Message Center

Locking the Design Vault You might be creating the next big food preservative. Or maybe you’re updating a forklift with new safety features.  Perhaps you’re formulating the next “it” fragrance that will roll out in Fashion Week giftbags. Before you have Hollywood’s A-list endorsing your new scent, you’ll want to keep those specs, formulas, and designs secure. The secure message center’s secure exchange and storage functions will keep confidential team and partner exchanges under lock and key.

Addressing Privacy Policies Whether or not your company is subject to data privacy regulations, securing client data is a sensible idea. You might be part of a retail operation, a not-for-profit, or a university fundraising department that transmits financial account numbers, names, addresses, places of business, and phone numbers. Regardless of your organization type or industry, you’ll want to protect this sensitive data and information…and your organization’s reputation.

Ensuring Privacy for Insurance Policyholders The insurance industry is wide spanning and highly regulated, covering everything from health to auto to home to life and more, with sensitive information exchanged on a regular basis. In addition to account numbers and other personal identifiable information (PII), field agents and customers will need to securely exchange additional document types, such as photos. When policyholders reach out for assistance, it is essential that these securely-sent and just-as-securely-stored communications are easily accessible by those who are authorized and available to help.

Caseworker Communications Those who work with vulnerable populations must ensure that addresses, medical and legal records, court dates, and other PII stays secure, for both the protection of clients and for regulatory compliance considerations. The secure message center is an excellent solution to enable secure caseworker communications with entities such as schools, attorneys, doctors, or social services, with both parties able to access previously-exchanged messages and documents.

Centering on a Message of Security and Compliance

We’ve now covered a few instances where secure exchange makes perfect sense for any organization. There are countless other scenarios, with possibilities across industries and organization types. Anyone can find a million and one reasons to consider making the secure message center part of your process, including:

  • Fast, secure, and simple document and message exchange
  • Military-grade encryption protects and secures sensitive information contained in your messages and documents while in transit and storage
  • DataMotion’s zero-trust approach adds to your data’s security
  • Versatile platform connects your back-end systems, including call centers, CRM systems, email, and more
  • Single sign on (SSO) allows customers and staff to access the secure message center with their regular credentials rather than create new usernames and passwords
  • Cobranded webmail portal includes your branding guidelines
  • Message notifications let users know that new messages and responses are in their inbox
  • SafeTLS message delivery allows you to securely deliver messages directly to recipient’s inbox
  • Detailed message logging, tracking, and reporting

In our next series installment, we’ll provide a series overview and answer a few questions we frequently receive. To learn more about the secure message center and its many benefits, please don’t hesitate to reach out to me personally, or to our larger team of security experts. Also, please follow us on LinkedIn and Twitter for DataMotion news, updates, and more.

Be Sure To Read the Other Parts of This Series:
Man taking notes in a notebook while working on a laptop
HITRUST CSF® Certification, HIMSS 2022, and More: DataMotion’s March Hot List 731 312 Team DataMotion

HITRUST CSF® Certification, HIMSS 2022, and More: DataMotion’s March Hot List

Greetings, readers, and Happy Spring!

March was a busy month on the DataMotion Blog! First, in case you missed it, DataMotion secure mail and Direct Secure Messaging solutions were recently HITRUST Certified. This recognition supports DataMotion’s diligent approach to risk mitigation through security and compliance. In addition to our press release, we took a deeper dive into the HITRUST Certification and why it matters. We also concluded our Microsoft Visual Studio Code Hot Tips and Tricks series on social media, where our dev team shared some of their tips and tricks for using the platform. We’ve curated that series into a single blog post for easy reference.

A few of our team members broke out their sunglasses, sunscreen and mouse ears and traveled to Orlando in March for HIMSS22! In the lead-up to the conference, Doug Rubino and Christian Grunkemeyer shared a few thoughts on this year’s event, hot topics in healthcare interoperability, and what they looked forward to learning more about. We’re eager to share their takeaways from HIMSS in the coming weeks. The discussion around secure exchange in the healthcare ecosystem continues. We invite you to reach out to Doug or Christian to set up a meeting and learn more about how DataMotion’s suite of APIs and other solutions can help your healthcare organization:

Learn More About DataMotion Secure Email and Direct Secure Messaging

Doug Rubino:

Christian Grunkemeyer:

And now, for your March Hot List.

What You Should Have Been Reading in the DataMotion Blog in March

Healthcare: A Digital Temperature Check from a First-Time HIMSS Attendee “The pandemic quickly accelerated digital transformation for organizations in all industries, particularly the healthcare ecosystem. COVID-19 highlighted the need for touchless, digital communications in healthcare, especially when dealing with PHI and medical records. This has ushered in a wave of process evaluation and change.”  In this post to the DataMotion Blog, Christian Grunkemeyer shared a few thoughts about attending his first HIMSS conference, the critical importance of the frictionless digitizing of healthcare records, and how DataMotion helped organizations achieve compliance with Meaningful Use Stage 2 by enabling the secure transport of clinical information over the open internet.

Connecting the Healthcare Ecosystems: Interoperability, Healthcare IT, and HIMSS 2022 “How can we improve upon the collection and aggregation of data from providers followed by the requisite analysis and reporting to be followed by the dissemination of actionable data back to the healthcare system and communities?” In Doug Rubino’s latest contribution to the DataMotion Blog, he discusses some of the challenges and opportunities around interoperability between the general and public healthcare ecosystems.

HITRUST CSF® Certification: What Is It and Why Does It Matter? “Your inbox (or LinkedIn feed, perhaps) is inundated by organizations that claim to help you keep your data safe. But you need more than claims to know if you can trust their products. One very easy and effective way to establish a trust baseline is to look for HITRUST certification on the product or solution.” You may have read our announcement last month that DataMotion’s secure mail and Direct Secure Messaging solutions are now HITRUST Certified. But what, exactly, does that mean? In this blog entry by Alex Mushkin, you’ll learn more about HITRUST Certification, the requirements involved, and why this is a label that matters.

Microsoft VS Code – Tips and Tricks Roundup “VSCode has over 14 million users worldwide and counting. According to, that’s about 58% of all developers, including the developers here at DataMotion! Since VSCode is a widely used, free, and very proficient IDE, the dev team has put some tips and tricks together to help you better use the platform.” DataMotion’s dev team recently started sharing some of their tried-and-true hot tips and tricks for testing APIs on various platforms. In the latest Tip Tuesday Hot Tips and Tricks Series, the team focused on Microsoft Visual Studio Code, and we’ve curated those recommendations into an easily-referenced blog post.

Explore More

Coming in April

We’re looking forward to sharing a number of items with you in April, including HIMSS takeaways and a deeper look at DataMotion’s secure message center. As always, we invite you to subscribe to the DataMotion Newsletter for industry thought leadership, insights, news, DataMotion updates, and more delivered to your inbox once a month. Finally, don’t forget to follow us on LinkedIn and Twitter for regular updates.

Thanks again for a great March. We look forward to seeing you in April!

Developer programming on a laptop at a desk
Microsoft VSCode – Tips and Tricks Round Up 731 312 Team DataMotion

Microsoft VSCode – Tips and Tricks Round Up

The dev team here at DataMotion has been sharing some hot tips and tricks to our social media channels to help your development processes, with our most recent tip series featuring Microsoft Visual Studio Code. In today’s entry to the DataMotion Blog, our team gathered those four tips and tricks, where we focused on how to integrate VSCode with a source control program (such as GitHub) so you have them in one convenient, easily-accessible toolkit.

For the uninitiated, Visual Studio Code is what developers call an IDE (independent development environment). Unlike Visual Studio, Visual Studio Code is a free, lightweight IDE, focused on quick development, building, and debugging. It has built-in version control, making it easy for you to save and update your code to GitHub, Microsoft TFS, or any other git centered, version control software. Though Visual Studio has additional features for more complex development scenarios, the lighter-weight VSCode IDE provides everything a developer needs for a simple programming cycle.

It appears this is exactly what developers have been looking for, as VSCode has over 14 million users worldwide and counting. According to, that’s about 58% of all developers, including the developers here at DataMotion! Since VSCode is a widely used and very proficient IDE, the dev team has put some tips and tricks together to help you better use the platform. Before we begin, as quick production note that you may notice the below tips are slightly different than those we shared on social media. This is because we added GIFs from v1.65.2, and the original tips were from a different version.

(Note: These tips were created to help enhance an already-basic knowledge of the VSCode platform. For more information on how to get started with VSCode, visit their quick start guide.)

If you would like to follow along with us, feel free to download DataMotion’s GitHub repository/secure-email-postman-collection. You can clone the code here.

Let’s get started!

Hot VSCode Tips and Useful Tricks

Hot Tip #1: Integrate Your GitHub Repositories Within VSCode.

Our first tip and trick for Microsoft Visual Studio code is to integrate your GitHub repositories within VSCode.

(Note: You can do this with other version control programs as well, but for this example and those going forward, we will stick to GitHub.)

To do this, open a new VSCode window and select “Clone Repository…”. At the top of the screen, either select your repository or enter the repository URL. You will then be prompted to choose a location to save your repository code locally.

There you have it! You have now pulled down a copy of your repo to save locally and work on. Next, we will review how you can easily switch branches within this repo as well as push changes to your source control program.

Hot Tip #2: Easily Switch Repository Branches Within VSCode.

Now that you have connected Visual Studio Code with GitHub, let’s review how to easily switch repository branches. You can do this by selecting your current branch name in the bottom left corner of the VSCode window. In the search bar that appears at the top of the screen, choose the branch you want to check out, or create a new branch. You can create a new branch by selecting the “+Create new branch…” option followed by entering a new branch name and hitting “Enter”.

Now you can easily switch between branches or create a new branch without leaving your IDE. Talk about efficient.

Hot Tip #3: See All the Code Changes on the Local Repository

The next VSCode tip and trick is an easy short cut to see all the changes you have made on your local repo that have not yet been pushed to your remote repo. To do so, hit Ctrl + Shift + G and you will see a list of files with changes made on your local repository within the Source Control panel. Select any file listed in the Source Control section to compare the changes on your local repo and the latest version on GitHub.

This makes it very easy to see what changes you are planning to push, as well as to quickly make some rollbacks.

Hot Tip #4: Push Changes from VSCode to GitHub

Now that we can quickly see where changes are, it’s time to review how to push these changes to GitHub. To push changes from VSCode to GitHub, there are three steps you will need to take:

First, stage your changes. To stage your changes, select Ctrl + Shift + G to open the Source Control panel, then select the + button next to each file you would like pushed to GitHub.

Next, commit your changes. To do this, locate the message bar at the top of the Source Control panel and add a commit message that describes the changes you are pushing such as “Added header”. Once your message is created, hit the check mark button next to the message box.

Finally, it’s time to push your changes. Select the “Sync Changes” button located below the message box.

There you have it! As easy as one, two, three. Your changes have now been pushed to your version control repository.


If you are one of the 14 million developers using VSCode (or someone who is looking to start using it) we hope these tips and tricks helped! You will now be able to easily integrate your source control software into your IDE for quick, easy and continuous development and version control.

In the meantime, stop by DataMotion’s GitHub profile to find our projects and development resources. You can also put these new VSCode tips and tricks to the test today by signing up for a free trial of our secure message center API. If you have any questions, feel free to visit our documentation site or contact our sales team.

Businessman reviewing a piece of paper with a pen in his hand. Surrounded by data points and security locks
HITRUST CSF® Certification: What Is It and Why Does It Matter? 731 312 Alex Mushkin

HITRUST CSF® Certification: What Is It and Why Does It Matter?

Your inbox (or LinkedIn feed, perhaps) is inundated by organizations that claim to help you keep your data safe. But you need more than claims to know if you can trust their products. One very easy and effective way to establish a trust baseline is to look for HITRUST certification on the product or solution. In this article, we’ll review what HITRUST CSF is, its rigorous requirements, and why this important certification matters to you.

What is HITRUST and the HITRUST Certification?

HITRUST is a non-profit organization that was founded in 2007 by a consortium of healthcare, technology, and security organizations, with the goal to help organizations better and more easily safeguard information and manage risk. While the HITRUST Common Security Framework (CSF) was originally established to assist healthcare organizations, HITRUST now serves, and is applicable to, all industries, particularly those that work with a high volume of sensitive information. Achieving HITRUST Certification is no small feat; this certificate is considered the “gold standard” for demonstrating the seriousness and robustness of an organization’s approach to security, privacy, and compliance protection.

What Does the Framework Look Like?

The HITRUST framework is a set of controls that brings together over 40 standards and regulations. HIPAA, HITECH, PCI, GDPR, NIST, ISO and state-specific regulations are included, among others. The HITRUST certification mark means that a service or product meets the requirements laid out by all these standards and regulations. As the most comprehensive framework available, HITRUST CSF includes 14 control categories:

0.0 Information Security Management Program

1.0 Access Control

2.0 Human Resources Security

3.0 Risk Management

4.0 Security Policy

5.0 Organization of Information Security

6.0 Compliance

7.0 Asset Management

8.0 Physical and Environmental Security

9.0 Communications and Operations Management

10.0 Information Systems Acquisition, Development and Maintenance

11.0 Information Security Incident Management

12.0 Business Continuity Management

13.0 Privacy Practices

Within each of these categories, there are objectives. Each category has one or more objectives for a total of 48 among the 14 categories. Each objective can also have one or more “references” or requirements. Adding up all the objectives, categories and requirements, there are a minimum of 156 and a maximum of well over 500 controls (or requirements) a company must implement to become certified. In addition to implementing the controls, each requirement must also be verified, either through a self-assessment, or by a third-party assessor. Each response must be backed by specific evidence demonstrating that the company not only has policies and procedures in place, but also follows them on a regular basis. HITRUST certifications are valid for two years and after that, must be recertified. The certification process typically takes nine months to a year. Because of this rigorous process, you can be assured that HITRUST certified services and products will provide your organization’s data with some serious protection.

Learn More About DataMotion Secure Email and Direct Secure Messaging

Why Look for HITRUST Certification?

Information security and privacy mechanics tend to live in the background, rather than front and center where we can easily see them. This makes it challenging to fully evaluate a product or service’s trustworthiness at first. But when that product or service is HITRUST certified, you can rest assured that a rigorous set of controls have been applied to keep your organization’s information secure and protected.

In short, it’s all about trust, and seeing the company’s credentials for yourself.

Using HITRUST-certified products and services also demonstrates to your customers and partners that you are serious about their information privacy and security. In today’s security-conscious world, customers will often switch businesses after a security breach. In fact, a 2019 study from PCI Pal shows that after a breach, 83% of customers will stop spending with a business for several months. Using a HITRUST certified product can help mitigate both the risk of a breach and of losing customer trust.

No matter what you do, there will always be security risks for your information. It’s no different than getting in the car every morning and driving to work. There’s always a risk of having an accident and sustaining an injury. But by following safety procedures and rules, such as staying alert and wearing a seatbelt, you can mitigate risk, even if you have an accident. HITRUST certified products and services – like DataMotion’s secure mail and Direct Secure Messaging platforms – do the same thing for your information. Reduce your risk by choosing a HITRUST certified service.

Read more about DataMotion’s HITRUST CSF Certification in our press release

Still have some questions on what the HITRUST CSF Certification is? Stop by our frequently asked questions.