Accelerate Your Path to HITRUST Certification by Adopting MTS HITRUST r2 Inheritance Provider Status
May 12, 2025
The healthcare industry has been – and remains – a prime target for cybercrime. According to the HIPAA Journal’s 2024 Healthcare Data Breach Report, an estimated 275 million PHI records were breached in 2024, marking a significant increase from previous years.¹ Across all industries, the average cost of a data breach in 2024 was $4.45 million, but the healthcare industry faced the highest average data breach cost – $10.93 million.²
We know the security of your systems and data – particularly the safety of electronic protected health information (PHI) – is a top priority for your healthcare organization. That’s why MTS puts healthcare IT security at the center of everything we do.
HITRUST – A Shortcut to Attaining a More Mature Security Posture
One effective way to achieve system security is to pursue certification by HITRUST, the global organization that sets industry standards and champions programs to safeguard sensitive information.
For a third, consecutive time, Med Tech Solutions’ Cloud Platform has earned certified status for information security from HITRUST. HITRUST certification is the gold standard and benchmark against which organizations measure themselves when charged with safeguarding personal health information. The HITRUST r2 Certification leverages over 60 healthcare industry security and privacy regulations, standards, frameworks, and other authoritative sources, including HIPAA compliance.
Currently, the HITRUST CSF (certified security framework) monitors over 1,200 potential controls, also known as requirement statements, across multiple regulatory bodies. At the beginning of your HITRUST certification process, your assessor will determine how many of these 1,200 controls your organization must attest to based on a risk assessment. A low risk organization, for example, would require attestation to 200 or 300 controls, while a high risk organization may require attestation to 800 or more.
Reap the Benefits of HITRUST Inheritance Provider Status
Along with our HITRUST certification for information security, HITRUST has granted MTS r2 Inheritance Provider Status. This means, our clients who are pursuing HITRUST certification can inherit attestation to HITRUST controls MTS has already met. Inheritance workflows allow your organization to import control assessment results and scores from the Med Tech Solutions HITRUST assessment. By adopting MTS HITRUST Inheritance Provider Status, your organization can simplify your own HITRUST certification and significantly shorten the timeline, depending on your company’s risk profile.
MTS’ HITRUST r2 inheritance Provider Status simplifies HITRUST certification for your organization, allowing you to inherit attestation to MTS controls for your own HITRUST certification and compliance goals.
Only a handful of companies worldwide enjoy HITRUST Inheritance Provider Status. With this distinction, MTS joins an elite group of other HITRUST partners, including Google, NextGen, and Microsoft Azure.
KEY INHERITANCE BENEFITS
- Reduces the need for duplicative and redundant direct controls testing that is covered and obtained under a prior valid assessment
- Identifies control mappings and leverages assessment results within one system to efficiently process Inheritance information exchange.
- Provides the transparency and visibility needed to fully understand and effectively inherit existing controls assessment data
- As the industry’s only capability for third-party assurance, Inheritance is especially well-suited for shared cloud-based control environments
HITRUST r2 Certification demonstrates that the MTS Cloud Platform has met demanding regulatory compliance and industry-defined requirements and is appropriately managing risk. By including federal and state regulations, standards, and frameworks and incorporating a risk-based approach, the HITRUST Assurance Program helps organizations address security and data protection challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.
The rigorous HITRUST r2 Certification has become the benchmark by which healthcare organizations required to safeguard PHI are measured. By meeting these criteria, we have once again signaled our commitment to maintain the highest standards of data security and privacy protection.
“Organizations like ours are continually under pressure to address current and emerging threats and meet complex compliance, information protection, and privacy requirements,” said Mona Abutaleb, CEO at Med Tech Solutions. “We are extremely proud to have achieved HITRUST certification again, for the third consecutive time. MTS’ HITRUST r2 inheritance Provider Status simplifies HITRUST certification for your organization, allowing you to inherit controls for your own HITRUST certification and compliance goals. By meeting these rigorous criteria, we have once again signaled our commitment to maintain the highest standards of data security and privacy protection.”
Sources:
1 Healthcare Data Breach Statistics (The HIPAA JOURNAL). https://www.hipaajournal.com/2024-healthcare-data-breach-report/
2 Cybersecurity Statistics in 2025 (USA Today). https://www.usatoday.com/money/blueprint/business/vpn/cybersecurity-statistics/#Sources
Are you confident that your network and PHI is secure?
Let MTS help protect your patients and your organization.
Sign up for our newsletter:
