Validation Framework

Through the Validation Framework, we support rapid, valid, and complete data processing and analytics with automated testing, quality assurance, user acceptance testing, expert review, and external verification. This ensures our final production outputs have been thoroughly vetted internally—and ultimately trusted externally.

Automation

The Accelerator Data Platform includes our Validation Engine—a proprietary application that executes at each stage of the data processing pipeline. The Validation Engine is central to ensuring that as data is processed, it aligns with valid data expectations. It consists of business rules that are applied to summary tables that contain statistics of the underlying data. If a rule is violated, the Validation Engine immediately alerts our analysts for review. Results from the Validation Engine are also available in the Data Completeness Dashboard for internal and external review of data quality over time.

Quality Assurance

Any change to our ecosystem undergoes extensive quality assurance from a cross-functional team of subject matter experts—analysts, actuaries, clinicians, and data scientists—to ensure the security, efficiency, and validity of software updates, new predictive models, new data sources, and data onboarding. This ensures that changes to our ecosystem aren’t just functionally correct but that they’re deemed reasonable by an expert.

Data Governance

Since its founding in 2014, Certilytics has established a climate of trust, collaboration and transparent communication. Our customers know that establishing a single source of data truth is foundational to the highest level of data integrity and validity. Because of this essential mission, a robust Data Governance program is paramount to our success—with Data Governance leadership at the C-level, a dedicated team of analysts supporting Data Governance, and formal processes for ensuring validity, quality, unity, and consistency of our approach to data. Our Data Governance Board and Data Architecture Committee combine key stakeholders from across the company to make deliberate advances in our approach to data management, architecture, and security.

Security Framework

Data security is central to our mission at Certilytics. We have years of experience handling healthcare records in a manner that protects patient privacy. The Certilytics Security Framework includes HIPAA compliance and relevant data security protocols to meet the highest industry standards of security and integrity.

Our framework is based on HITRUST, SOC 2 Type II, NIST CsF, elements of GDPR, and internally defined requirements based on industry best practices, client expectations, and contractual agreements. Requirements are defined at a high level in policies established by our Security and Risk Management Committee, an information security steering committee led by our Chief Information Security Officer, which are then implemented into existing or new business processes through the establishment of supporting documentation such as guidelines, standards, procedures, and baselines.

Regular audits are performed to ensure that the requirements are adequately implemented. To assure Certilytics clients and ourselves of the strength of our security program, we make use of independent third parties to perform risk assessments, penetration tests, social engineering testing, and audit the Certilytics security program against industry standard frameworks to measure for compliance with SOC 2 Type II compliance, and HITRUST CSF for all product offerings. HITRUST compliance requirements are in part based on HIPAA, HITECH, and other federal and regional legislation or regulations, other security frameworks (e.g. NIST, CIS, GDPR), and industry best practices.