About four years ago, Vita Companies decided to pursue HITRUST certification to differentiate themselves in the market.
In the competitive employee benefits brokerage and consulting world, Vita Insurance Associates, better known as Vita Companies, stands out with a unique approach.
Unlike many in their industry, Vita has no sales staff and thrives on referrals, instead pouring resources into exceptional service rather than advertising. This commitment to service, combined with a distinctive internal culture where no one earns commissions, has kept them in business for over 40 years.
When it came to elevating their security standards, Vita set their sights on the prestigious HITRUST certification. Here’s their journey.
Vita Benefits Group is more than just an employee benefits brokerage firm. Their client-centric model focuses on delivering outstanding service, which generates organic referrals. “We've been in business for 46 years, and I've been here for 25 of those years,” says the Vice President of Operations Jason Lombardi, who oversees finance, accounting, HR, facilities, IT, and marketing.
The firm reinvests profits into the business, ensuring clients receive top-tier service—a model that’s rare in the industry.
A HITRUST Certification offers organizations a comprehensive program for managing information risk and achieving compliance. This integrated approach aligns security and compliance mandates, ensuring consistent support for an organization's information risk management and compliance objectives.
For more information about HITRUST, check out this blog about HITRUST basics.
About four years ago, Vita Companies decided to pursue HITRUST certification to differentiate themselves in the market. They began with the rigorous r2 certification, aiming to set a high standard.
Their decision to seek HITRUST certification came from a desire to avoid the repetitive task of filling out client security questionnaires and to establish a robust security framework to set them apart from competitors.
Right from the start, the journey to HITRUST certification wasn’t a smooth one. The firm’s initial partners provided templated solutions without the necessary guidance, leaving Vita to navigate the complexities alone. “Our HITRUST certification process was rough until we found the proper partners,” Jason admits.
This led to a search for a more reliable partner who could offer the customized support they needed.
In 2023, Vita was introduced to Privaxi, who recommended SecurityMetrics as a trusted partner for HITRUST certification. This partnership marked a turning point.
The transition to working with SecurityMetrics was unexpectedly smooth, thanks to the experienced and understanding assessors who made the process less daunting. “The relationship worked very well,” reflects Jason, emphasizing the importance of having assessors who understand their needs.
A key factor in Vita’s success with HITRUST was moving away from generic templates to creating custom policies and procedures. This shift ensured they were well-prepared for assessments and could demonstrate compliance throughout the year.
“Once we got our policies and procedures tuned up, we addressed documentation so we could prove around assessment time that we’ve been doing things all year,” Jason explains.
The pandemic prompted Vita to transition to a cloud-based infrastructure, a move that came with its own set of challenges.
Privaxi played a crucial role in helping them navigate this new environment, ensuring that all configurations and functionalities were documented and optimized for the cloud. This support was essential in maintaining their operational efficiency and security standards.
With the help of SecurityMetrics and Privaxi, Vita found the HITRUST certification process far less disruptive than anticipated.
“We’re now in a cycle of collecting documentation every year, but other than that, it wasn't much of an interruption, which was amazing,” Jason Lombardi shares. This streamlined process has allowed Vita to maintain high security standards without significant operational disruptions.
When asked if they would recommend SecurityMetrics and Privaxi to others, their response is enthusiastic, “I never thought that it could be this seamless. I'm satisfied with our partners Privaxi and SecurityMetrics. It's been great from the beginning to work with responsive companies that take ownership. And that's what I really appreciate, the ownership of the HITRUST process.”
Vita Insurance Associates’ journey to HITRUST certification showcases their commitment to excellence and innovation in service. By partnering with SecurityMetrics and Privaxi, they not only achieved a significant milestone, but did so in a way that reinforced their dedication to exceptional client service.
Their story is a testament to the power of choosing the right partners and the impact of a customer-focused approach in the insurance industry.
Want to learn more about Vita Companies experience? Watch the case study here.
SecurityMetrics secures peace of mind for organizations that handle sensitive data. They have tested over 1 million systems for data security and compliance. Industry standards don't keep up with the threat landscape, which is why they hold their tools, training, and support to a higher, more thorough standard of performance and service.
.svg)
