Virta Health Achieves HITRUST CSF® Certification to Further Mitigate Risk in Third-Party Privacy, Security, and Compliance

Published on 
April 15, 2020
November 26, 2024

Recent HITRUST CSF and SOC-2 Type 1 Certifications validate Virta’s long-standing commitment to safeguarding sensitive information for patients and customers

SAN FRANCISCO, CA: Virta Health, the first company with a treatment to sustainably reverse type 2 diabetes (T2D) without medications or surgery, today announced that Virta’s data stores, web application infrastructure, and physical offices have earned Certified status for information security by HITRUST®.

“Since day one, Virta has been committed to implementing best-in-class privacy and security protocols,” said Sami Inkinen, Virta’s co-founder and CEO. “Trust is paramount to our success as a business. Achieving this third-party verification reinforces to our patients and customers alike that their data meets the strictest standards for protecting PHI and other confidential information.”  

HITRUST CSF Certified status demonstrates that the organization’s data stores, web application infrastructure, and physical offices have met key regulations and industry-defined requirements and is appropriately managing risk. This achievement places Virta Health in an elite group of organizations worldwide that have earned this certification.

By including federal and state regulations, standards, and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address these challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.

“HITRUST is continually innovating to help streamline and simplify how organizations assess information risk and manage compliance in a cloud environment,” said Jeremy Huval, Chief Compliance Officer, HITRUST. “We are happy that Virta Health has taken the steps needed to achieve HITRUST CSF Certification—a designation which provides added confidence to their customers.”

Virta Health, which works with health plans and large enterprises across the United States, also recently received its SOC-2 Type 1 certification. This represents another key third-party validation of the company’s long-standing commitment to privacy and security.

These external validations will also serve to help Virta’s partners, which include organizations like Blue Shield of California and the U.S Department of Veterans Affairs, demonstrate their own compliance with HIPAA and other regulations around PHI.

Virta’s security controls will continue to be tested and reviewed on an ongoing basis to ensure the company is maintaining the most up-to-date technology and protocols.

About Virta Health

Virta Health provides the first treatment to safely and sustainably reverse type 2 diabetes without medications or surgery. Among enrolled patients in our clinical trial at one year, 60% achieved diabetes reversal and 94% of insulin users reduced or eliminated usage altogether. Results extend beyond diabetes reversal to other areas of metabolic and cardiovascular health, with sustained improvements in blood pressure, inflammation, liver function, and BMI. For enterprises, Virta puts 100% of its fees at risk and can reduce medical prescription costs by more than 70% in year 1 alone. Delivered through Virta’s novel continuous remote care platform, the Virta Treatment provides unparalleled medical and behavioral support and is transforming the lives of people living with type 2 diabetes. To learn more, visit us at www.virtahealth.com or follow us on Twitter @virtahealth.

Media Contact

Paul Sytsma
press@virtahealth.com

Icon: Envelope with card coming out, featuring Virta spark on the front

Get the latest Virta updates in your inbox

Subscribe to our blog to get Virta updates, delivered directly to you.
Subscribe

Citations