Vetting your vendors: Certifications & HIPAA compliance | Paubox SECURE 2019



The second panel was called “Vetting Your Vendors: Certifications & HIPAA Compliance” (moderated by Paubox CMO, Rick Kuwahara).

Its panelists were:

Michael Parisi, Vice President – Assurance Strategy & Community Development | HITRUST
Michael Parisi has led over 500 controls-related engagements primarily in the healthcare and financial services industries. He has extensive experience with third-party assurance reporting including HITRUST readiness, HITRUST certification, SOC 1, SOC 2, SOC 3, Agreed Upon Procedure and customized AT-101 engagements.

He also has several years’ experience implementing large Oracle ERP systems specializing in the General Ledger and Governance Risk and Compliance modules. He has extensive knowledge of financial reporting and regulatory standards through his external audit and consulting experience, including Sarbanes Oxley, HIPAA, NIST, CMS and state specific standards.

Michael holds a Bachelor of Science in Accounting, a Bachelor of Science in Computer Information Systems and an MBA from Quinnipiac University. He is an active member of ISACA and IAPP.

Nick John, Senior Security Engineer | Redox
Nick started his 14-year digital health career working at Epic as the Director for Interface Implementation. After eleven years, he made the move to working for digital health startups. His first startup role was leading the Customer Success Team at Bright.md, a clinic visit automation company.

Nick now serves as the Data Privacy Officer at Redox, a healthcare data integration platform. Nick has built Redox’s security program from the ground up, and has led the company through both HITRUST and SOC2 audits.

When not at the office, you’ll find Nick climbing mountains, swimming in the river, or on stage with his performance company Tempos Contemporary Circus.


Insightful Tweets

It goes back to the adage: “Trust, but verify.” – #MichaelParisi @HITRUST #PauboxSECURE


“We’re all in this together.” – Nick John of @redox on Healthcare IT Security #PauboxSECURE


“We’re all fighting the same enemy. So it behooves us to have transparency.” – #NickJohn @Redox. #PauboxSECURE


“I think it’s important to understand the level of integrity behind a certification.” – Mike Parisi @HITRUST #PauboxSECURE


“One of my initiatives is to be data-driven around risk management.” Nick John @Redox #PauboxSECURE


#MichaelParisi of @HITRUST says that soon the question to ask when selecting doctors will be “Are they secure?” instead of “Are they in-network?”. #PauboxSECURE


We take preference to vendors with SOC II and HITRUST – Nick John @Redox #pauboxsecure


#MichaelParisi @HITRUST introduces the philosophical approach to trust and presents a key question: “If I trust them, will they harm me?” #PauboxSECURE


75% of breaches are linked back to a third party – Mike Parisi @HITRUST #pauboxsecure


Evaluating risk comes down to transparency – Mike Parisi @HITRUST #pauboxsecure


#NickJohn of @Redox recommends combining 2 methods to evaluate a vendor: seeing their recent tests + their certifications. #PauboxSECURE


Here at #PauboxSECURE, #MichaelParisi of @HITRUST has just talked about his good friend @sean_martin and @ITSPmagazine and their focus on “the intersection of technology and society.”!


On evaluating a vendor: “It all starts with trust.” – #NickJohn @Redox #PauboxSECURE

About the author

Hoala Greevy

Founder CEO Paubox. Kayak fishing when I can.
