Partners & Certifications
Partners
ZeOmega partners with organizations representing best-in-class capabilities to enhance our healthcare enterprise management offerings. Some of the companies we have integrated with include:
Certifications
Our platform and suite of care management and population health capabilities comply with the highest industry standards and best practices.
This is ZeOmega’s report on our service organization’s system and the suitability of the design and operating effectiveness of the controls. It reports on controls at a service organization relevant to security, availability and confidentiality. SOC 2® reports are examination engagements performed by a service auditor (CPA) in accordance with AT Section 101, Attest Engagements, of SSAEs (AICPA, Professional Standards) using the predefined criteria in TSP section 100, Trust Services Principles, Criteria, and Illustrations for Security, Availability and Confidentiality. SOC 2 reports specifically address the following key system attributes:
Security – The system is protected against unauthorized access (both physical and logical)
Availability – The system is available for operation and use as committed or agreed
Confidentiality – Information designated as confidential is protected as committed or agreed
Drummond Group LLC offers comprehensive compliance, security, risk management, surveillance, and education services to healthcare, financial and other regulated industries. As an Authorized Certification Body (ACB) and an Accredited Test Lab (ATL) within the Office of the National Coordinator Health IT Certification Program, Drummond specializes in working with health IT developers to test and/or certify their software for use by healthcare providers in regulatory programs.
The Jiva platform, Jiva private cloud, and information systems infrastructure earned Certified status for information security by HITRUST on May 4, 2021. HITRUST CSF Certified status demonstrates that ZeOmega’s Jiva platform, Jiva private cloud, and information systems infrastructure have met key regulations and industry-defined requirements and is appropriately managing risk. This achievement places ZeOmega in an elite group of organizations worldwide that have earned this certification. By including federal and state regulations, standards, and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address these challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.
Jiva Achieves HEDIS MY2023 Allowable Adjustment Certification
ZeOmega has received certification for its healthcare enterprise management platform, Jiva, for NCQA HEDIS Allowable Adjustments Certified MeasuresSM MY2023. NCQA’s HEDIS Allowable Adjustments (AA) Measure Certification is precise, automated testing that verifies compliance with the Rules for Allowable Adjustments of HEDIS. ZeOmega selected 41 measures that reflect the broad range of coverage provided by Jiva for identification and management of population healthcare issues across the continuum including health and wellness indicators for preventive health and screenings, age- and condition-related measures such as Care for Older Adults, Controlling High Blood Pressure, and Childhood Immunization Status as well as multiple behavioral health measures. Using Jiva’s Care Reminders permits our clients to proactively monitor performance and provide needed interventions to enhance effectiveness and quality of care for their members.
Jiva became a prevalidated solution in 2018 when NCQA’s PHM Prevalidation program began and its PHM Prevalidated status continues, uninterrupted, through 2024.
With this Prevalidation, our clients benefit from reduced burden for Health Plan Accreditation (HPA) as well as Population Health Program (PHP), Managed Behavioral Health Organization (MBHO), or Case Management (CM) accreditation elements designated as eligible for automatic credit or plan support. Because Jiva has been rigorously tested and proven to ease administrative workload, organizations invested in our solutions will regain precious time to focus on patient-centric care and the improvement of overall health outcomes.
The Trusted Network Accreditation Program (TNAP) was developed to directly align with the development of the 21st Century Cures Act required Trusted Exchange Framework and Common Agreement (TEFCA), providing third-party review with accreditation for Trusted Exchange participants, rights management, and compliance with TEFCA regulatory requirements. DirectTrust, in partnership with HITRUST, seeks to promote interoperability by assuring the security and privacy of trusted networks and the use of enabling technologies in the healthcare ecosystem.
The Sequoia Project—an independent advocate for the implementation of a secure, interoperable, nationwide health information exchange (HIE)—has validated Jiva HIE Connect 6.0.2 for use with the eHealth Exchange.
The Sequoia Project developed the eHealth Exchange Product Testing Program to provide a high degree of assurance that participating systems conform to eHealth Exchange Performance Specifications and can interoperate with other systems without error or further customization.
Having successfully passed the eHealth Exchange Product Testing Program’s rigorous conformance test, Jiva HIE Connect can now exchange data with the largest HIE in the United States.
ZeOmega has achieved full Trusted Dynamic Registration & Authentication Accreditation Program (TDRAAP) – Comprehensive accreditation from the Electronic Healthcare Network Accreditation Commission (EHNAC). Developed in collaboration with UDAP.org, TDRAAP-Comprehensive supports interoperability requirements within the Office of the National Coordinator’s (ONC’s) Cures Act Final Rule and related CMS Interoperability and Patient Access Final Rule.
TDRAAP-Comprehensive combines the extensive privacy and security requirements and in-depth validation of traditional EHNAC accreditation programs, with UDAP technical framework certification. It is designed for a diverse cross-section of organizations and systems choosing to demonstrate full HIPAA/HITECH Privacy Security compliance and supporting all relevant UDAP workflows including those for privileged client app or provider access such as in bulk data, broadcast, or targeted cross-organizational queries.