BrightLine CPAs & Associates Inc. has certified that Windstream's data centers and network comply with federal and industry standards for protecting consumers' private health and financial data.
BrightLine found that Windstream complies with federal HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) regulations. The HIPAA Privacy, Security and Breach Notification rules protect the privacy of patient health information and require covered entities and their business associates to take specific action to protect electronic health information when it is being processed, transmitted or stored in the data network.
Over a six-month period, Windstream worked with BrightLine to evaluate the Little Rock, Ark.-based company's systems and training processes. BrightLine found that Windstream has adopted the essential elements and requirements of the 2003 HIPAA and HITECH final security rule, including but not limited to administrative safeguards, physical safeguards, technical safeguards and breach notifications.
"We have undertaken this strict examination to demonstrate and ensure that our systems are consistent with HIPAA and HITECH requirements and that we are able to guarantee that both our employees and data centers meet the federal government's stringent security requirements," said Chris Nicolini, Windstream's senior vice president of data center operations. "Completing this examination confirms the trustworthiness of our team, products and services and we are committed to performing this examination year after year in order to maintain compliance and the trust of our customers."
BrightLine also performed Windstream's network Payment Card Industry Data Security Standard (PCI DSS) version 2.0 assessment, validating its status as a Level 1-certified service provider, the highest certification achievable. Windstream can now process and transmit an unlimited amount of transactions annually. To maintain the highest standard of compliance, Windstream will independently scan for network threats and conduct annual audits with BrightLine.