The assessment process moved through HITRUST’s quality assurance review at an accelerated pace, marking one of the fastest cycles in the company’s history. By integrating security into the platform’s daily operations rather than treating compliance as a periodic event, Eligible successfully mapped its internal controls to the rigorous NIST CSF Core Functions of Identify, Protect, Detect, Respond, and Recover.
Eligible Secures Dual Cybersecurity Certifications for Platform Services
New York-based healthcare infrastructure firm Eligible has secured both HITRUST r2 certification and NIST Cybersecurity Framework v1.1 validation for its Platform Services System. The dual achievement, verified by independent assessor A-LIGN, confirms the company’s security posture across all 19 HITRUST domains and five core NIST functions through May 2028.
CEO Katelyn Gleason noted that this milestone represents years of sustained operational discipline. The certifications specifically cover the REST APIs and application infrastructure used to process HIPAA-mandated financial transactions, including eligibility verification and claims processing. While these certifications are now locked in, the company is simultaneously undergoing a SOC 2 examination, which has already returned zero gaps in its readiness assessment, further underscoring the platform’s focus on data protection and risk management.


Comments (0)
No comments yet. Be the first!