Skip to Content

Published on May 04, 2021

Cone Health Works to Strengthen Cybersecurity

The health network achieves the highest security certification in health care.


Cone Health has met high standards for protecting medical records and its core operations. The HITRUST CSF® Certification is built upon a comprehensive risk management and compliance framework designed for organizations that use and store sensitive data. Being certified means that Cone Health meets the myriad of standards and requirements to reduce cybersecurity threats in an increasingly hostile online world. HITRUST Logo

“The technology landscape is constantly changing while cybersecurity threats are evolving and growing, such as ransomware,” says Cone Health Vice President and Chief Information Security Officer Doug McMillian. “These changes and threats require that organizations manage their security programs efficiently and effectively.” 

The action places Cone Health in an elite group of organizations worldwide that have earned this certification. By including federal and state regulations, standards and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address these challenges.

“In today’s ever-changing threat landscape, HITRUST is continually innovating to find new and creative approaches to address challenges,” says HITRUST Chief Innovation Officer Jeremy Huval. “Cone Health’s HITRUST CSF Certification is evidence that they are at the forefront of industry best practices for information risk management and compliance.” 

The HITRUST Advisory Council is led by members from the American Hospital Association, American Medical Association, America’s Health Insurance Plans, and other privacy and security leaders.


HITRUST Certification | A-LIGN