Socure and HITRUST

DEVHUB LOGIN

Products
Products Experience the power of graph-defined identity verification.
Platform

Fraud Risk

Compliance

ID Document Verification

Account Intelligence

Decisioning
Platform

. Socure ID + Platform
The new standard for digital identity verification, providing real-time, predictive analytics for the most accurate and comprehensive identity verification and fraud prediction—all through one API.

Socure named a Leader in The Forrester Wave
Identity Verification Solutions Q4 2022
See More

Fraud Risk

. Sigma Identity Fraud
Analyze every dimension of a consumer identity to capture up to 90% of fraud in the riskiest 3% of users.

. Sigma Synthetic Fraud
Identify and isolate synthetic identity risk at enrollment and in existing customer portfolios.

. Address RiskScore
Predict the risk of an address utilizing various risk intelligence and residency attributes.

. Email RiskScore
Predict the risk of an email and its correlation to an identity.

. Sigma Device
Predict the risk associated with a device while binding known identities to known good devices.

. Phone RiskScore
Predict the risk of a phone number as well as ownership utilizing various risk intelligence and phone number attributes.

. Portfolio Scrub
Identify fraud and compliance risks, safeguard customer accounts, and gain actionable insights.

. Sigma First-Party Fraud
Minimize early payment default, investigate disputes, and gain insights into high risk transactions.

Compliance

Compliance Solutions

Protect your organization with market leading data coverage, unmatched accuracy, demonstrable controls and world-class tools to efficiently manage your operations
Overview

. Socure Verify
Automate the customer onboarding process with unrivaled data coverage and industry-leading technology.

. eCBSV
Instantly verify consumer provided name, SSN and DOB with the issuing authority - enhancing compliance and promoting financial inclusion.

. Global Watchlist Screening with Monitoring
Identify risk by matching identities against sanctions and enforcement lists, as well as PEP and Adverse Media registries worldwide.

. Portfolio Scrub
Identify fraud and compliance risks, safeguard customer accounts, and gain actionable insights.

ID Document Verification

. Predictive DocV
Authenticate government IDs, stop spoofing attacks, drive better decisioning, and approve more good users on the first try.

Report
3 Warning Signs That Your ID Verification Process is Robbing You of Revenue
See more

Account Intelligence

. Socure Account Intelligence
Accurately verify account ownership and availability with consortium-powered analytics while supercharging customer conversion and reducing risk.

Decisioning

. Decision Module
Align policy with process, automate decisions, help ensure compliance, and efficiently scale growth.

. Control Center
Prevent fraud across your portfolio, and demonstrate compliance in an evolving regulatory environment.
Industries

Industries Seamlessly onboard more good customers while preventing fraud—no matter your industry.

.

Financial Services
Verify identities and stop fraud throughout the customer lifecycle, while meeting the most stringent compliance requirements.

.

Marketplace
Strengthen the reputation of your ecosystem and instantly onboard more consumers and sellers without increasing risk.

.

Sharing Economy
Ensure trust & safety while instantly onboarding more consumers, sellers, and gig workers without increasing fraud.

.

Online Gaming
Maximize player conversion rates and reduce identity fraud losses while maintaining compliance.

.

Buy Now Pay Later (BNPL)
Auto-accept more shoppers, attract more merchants, and protect your customers from identity fraud.

.

Public Sector
Increase auto-verification rates of eligible individuals, improve program integrity, and eliminate manual reviews.

.

Crypto
Verify identities faster and accelerate time to funding, trading, purchase, and storage.

.

Workforce
Register and onboard more good applicants with passive identity verification.

.

Sponsor Bank
Streamline BaaS management, enhance compliance, simplify partner oversight, and grow your customer base.
Resources
Resources Stay up to date on industry news, trends, and Socure's world-class solutions.
Fact Sheets

Case Studies

White Papers

eBooks

Reports

Infographics

Webinars

Events

Blogs

Videos
Socure Identity Risk Insights
Defining and Solving the Elusive Challenge of First-Party Fraud
Learn More
Partners
Company
Company Learn more about the award-winning people and technologies that power Socure.
About Socure

News & Press

Careers

Events

Socure Risk Insights Network
Socure named a Leader in The Forrester Wave
Identity Verification Solutions Q4 2022
See More

Talk To An Expert

Home Blog Socure and HITRUST

Since announcing Socure’s HITRUST certification, we’ve received several inquiries regarding the reasons we pursued it, the difficulty we had obtaining it, and what we’re going to do with it. All good questions. We’ll do our best to address the top inquiries below.

“Why?”

When we received our first SOC 2 report, we had 20 employees. Our Type 2 report came at just over 25 employees. When we achieved our ISO certification (27001, 27017 and 27018), we had about 40 employees.

We then looked around and said, “Now what?” Given our experience of achieving other certifications, it was only natural for us to want to keep reaching higher. That, and the fact that the healthcare industry is in dire need of effective identity verification solutions made obtaining HITRUST a logical next step.

And as our company grew to just over 60 employees, we’ve achieved HITRUST CSF Certification and the HITRUST Certification of the NIST Cybersecurity Framework for our ID+ online identification verification service.

“But you’re a FinTech company! What are you doing with HITRUST?”

That’s a good question, but also a misleading one. Although we’ve primarily catered to the financial services industry, our company is focused on creating and operating online identification verification services. ID+ can be used in any online transaction or similar function where a user’s identity must be confirmed.

Ultimately we are geared to keeping our customer’s data private and secure in a demonstrable, verifiable, and repeatable manner. And as we already operate at high levels for confidentiality, integrity, and availability, the source and purpose of that data — from a financial institution, a medical organization, an online retailer — doesn’t matter to us. We treat all customer data with the utmost care and respect it deserves.

“What can healthcare do with Socure?”

Think about all of the times you may have scheduled a doctor’s appointment online, or managed your prescriptions from a website, or viewed your medical results on your computer or smartphone. Each time — and probably multiple times — you needed to verify who you were. This may include extra knowledge-based authentication (KBA) questions that often seem more invasive than a majority of medical exams.

While there are other methods for identity verification already in place, systems that incorporate Socure’s ID+ can reduce the frustration and friction when trying to prove you are who you say you are to a healthcare provider. Organizations can better identify legitimate users faster and with greater accuracy, ensuring their life-critical services and offerings are delivered to the right person.

“Do you have ICD F41.1?”

Of course, achieving HITRUST CSF certification doesn’t mean we can sit back and relax and rest on our laurels. Socure must continue to demonstrate its capability in meeting the HITRUST CSF framework as we continue to develop new modules, features, and services. We are reviewed annually and run the risk of losing the certification if there is any material deviation from the Common Security Framework — the “CSF” of “HITRUST CSF”.

Far from resting, we are up late and ensuring the data in our system is safe, secure, and private. This is probably why our healthcare colleagues asked if we were diagnosed with ICD F41.1, the billing code for generalized anxiety disorder. (Should you know how we can get “data privacy anxiety” accounted for in ICD-11, please let us know. We will certainly have more details and demonstrable symptoms by 2022.)

“What does HITRUST even cover?

The HITRUST certification covers more than just healthcare-based regulations such as HIPPA, specifications such as CAQH CORE, and standards from the NIH. The controls are based on and match up to a number of specifications, frameworks, and guidelines from a variety of organizations and institutions. These include ISO and AICPA as well as NIST, COBIT, the CSA, and the FDA, among others. Data privacy components of key regulations — GDPR, HIPPA, and various related state laws — are also accounted for within the framework.

Although HITRUST CSF Certification and the HITRUST Certification of the NIST Cybersecurity Framework for ID+ is not a one-to-one substitute for any other certification, it does demonstrate we are adherent to a broad variety of similar tenets concerning data privacy and security.

“Are you ready to tackle the healthcare market?

So as our company grows (we’re over 70 now!), we see our new and exciting opportunities for us, for the healthcare information management industry, and for all of the users who can benefit from our services. Not only are we ready, willing and able to help the healthcare industry with their identity verification needs, all indicators are that the healthcare industry is ready (and in need of) Socure!

We look forward to this new frontier!

Posted by

Mike Sleap

Topics:

Compliance

link

Mike Sleap

Mike Sleap has eked out a 25+ year career in the IT Risk and Information Security, Technical Writing and Marketing in the Financial, Healthcare, and Technology sectors. Although he stays up at night thinking about data privacy, he is often initially awakened by one of his two daughters.

VIEW MORE POSTS