IWCO Direct and Mail-Gard® Achieve HITRUST CSF Certification for the Protection of Private Healthcare Information


September 28, 2017

Chanhassen, Minn. (September 28, 2017) — In its unwavering focus to safeguard data, IWCO Direct, a leading provider of data-driven direct marketing solutions, announced it has achieved HITRUST CSF v8.1 Certification for all facilities through ControlCase, an approved HITRUST Assessor. HITRUST CSF Certification includes Mail-Gard®, a division of IWCO Direct that provides business continuity and disaster recovery services. The certification demonstrates all supporting systems meet key regulations and requirements for protecting and securing sensitive personal healthcare information (PHI).

The Health Information Trust Alliance (HITRUST), in collaboration with healthcare, business, technology, and information security leaders, established HITRUST CSF, a certifiable framework that can be used by all organizations that create, access, store or exchange personal health and financial information.

To achieve its certification, IWCO Direct met or exceeded established maturity levels in 19 domains measured by ControlCase. All work was independently validated for compliance with the HITRUST CSF Assurance Program by HITRUST.

“Safeguarding personal information demands a comprehensive approach to data security,” said Jim Andersen, CEO of IWCO Direct. “The HITRUST CSF Certification helps IWCO Direct stay at the forefront of data security and assures our clients that protecting sensitive information is one of our highest priorities.”

“HITRUST CSF has become the information protection framework for the health care industry, and the CSF Assurance program is bringing a new level of effectiveness and efficiency to third-party assurance,” said Ken Vander Wal, Chief Compliance Officer, HITRUST. “The CSF Certification is now the benchmark that organizations required to safeguard PHI are measured against with regards to information protection.”

Further validating its data security practices, the HITRUST CSF Certification joins IWCO Direct’s and Mail-Gard’s extensive list of data security certifications, including ISO 27001:2013 and PCI DSS v3.2, both verified by independent, third-party assessors, and self-certified HIPAA compliance. The company’s proven commitment to information security provides confidence to IWCO Direct clients across a wide variety of industries that their information is protected by safeguards that meet or exceed industry requirements.