Privacy and Security Controls

CORHIO collaborates with communities and stakeholders to implement secure systems and processes for sharing clinical information. Our policies to protect the privacy and security of personal health information are developed and maintained by a statewide policy committee consisting of diverse representatives from across the Colorado healthcare community.

A cornerstone of this committee is our shared commitment to privacy and security for all participants and patients in the CORHIO HIE. Our hosted HIE infrastructure, platform and services are provided by a joint partnership between CORHIO and Health Catalyst (formerly Medicity). Learn more

HITRUST Certification

In 2021, CORHIO earned Certified status for information security by HITRUST. The HITRUST CSF Certified status demonstrates that CORHIO's information systems and technical processes met key regulations and industry-defined requirements and are appropriately managing risk to prevent security breaches.

The rigorous certification process involves 19 assessment domains, including third-party management, password management, access control and physical security. By including federal and state regulations, standards, and frameworks and incorporating a risk-based approach, the HITRUST Common Security Framework (CSF) helps organizations address security and privacy challenges through a comprehensive and flexible framework of prescriptive and scalable security controls. Learn more.