Infinx gains HITRUST i1 attestation

Infinx said on April 14 that its revenue-cycle and patient-access platforms earned HITRUST i1 certification for a defined scope after a validated assessment. (accessnewswire.com) The Cupertino, California, company said the certification covers its in-scope platforms, supporting environments, and a HITRUST Common Security Framework version 11.5.1 i1 assessment. Infinx said it provides artificial-intelligence, automation, and human-led services for healthcare revenue cycle management. (infinx.com) Revenue cycle management is the back-office work that turns patient visits into payments, from insurance checks before an appointment to claim submission and collections afterward. Patient access covers front-end tasks such as eligibility verification, prior authorization, scheduling, and registration. (infinx.com) HITRUST is a security and compliance framework used widely in healthcare to show that vendors handling protected health and financial data have documented controls and outside validation. Its i1 program is a one-year certification built around 182 fixed controls that HITRUST says are updated quarterly to track current cyber risks. (hitrustalliance.net) That makes the announcement less about a new product than about proof points for selling existing software into hospitals, physician groups, and other providers that increasingly ask vendors for third-party security reviews. HITRUST says its e1, i1, and r2 certifications are designed as a tiered path, with i1 positioned above the entry-level e1 and below the more extensive r2 assessment. (hitrustalliance.net) Infinx said the certification is valid for one year, subject to HITRUST program requirements. The company was founded in 2012, according to its press release, and markets tools that combine software, automation agents, and staff services for healthcare administrative workflows. (newswire.com) (infinx.com) Outside advisers that help companies prepare for HITRUST assessments describe i1 as a moderate-assurance option that requires more work than e1 but less customization than r2. Those firms are vendors in the compliance market, but their descriptions broadly match HITRUST’s own framing of i1 as a fixed control set for organizations that want validated assurance without full risk-based scoping. (cloudsecurityalliance.org) (hitrustalliance.net) For healthcare software vendors, certifications like this have become part of routine procurement language: not a guarantee against breaches, but a credential buyers can compare across products that touch claims, eligibility, and patient financial data. Infinx is now using that credential as part of how it presents its revenue-cycle and patient-access platforms to customers. (hitrustalliance.net) (infinx.com)