CareFirst BlueCross BlueShield Selects Governance, Risk, and Compliance Software Solution from NSC, Inc, for Enterprise Deployment
Columbia, Maryland, 9 May 2007
NSC, Inc. a leading provider of information security Governance, Risk,
and Compliance (GRC) software today announced that its Common Compliance
Framework (CCF) methodology and software has been chosen for deployment by
CareFirst BlueCross BlueShield (CareFirst), a leading Mid-Atlantic health
insurer headquartered in Owings Mills, Maryland. CareFirst will
utilize the CCF solution to manage its information security compliance with
numerous federal regulations, including the Health Insurance Portability and
Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act (GLBA).
“NSC’s solution helps bring structure to the complexity of compliance with
multiple regulations and internal requirements. We will use the CCF to
manage our security compliance implementation and monitor ongoing
compliance,” said Don Horn, Director of Information Security for CareFirst.
“This solution fits well with our strategic approach to information
security.”
Timothy Satterfield, CEO of NSC, is excited about the CareFirst
relationship. “We are very pleased that they have chosen
to implement our compliance management solution.”
NSC’s CCF is a business process and methodology for effectively and
efficiently addressing a wide range of compliance needs within organizations
of any size. By focusing on all the factors that affect compliance —
including regulations and best practices as well as internal, strategic
business needs and mitigations against threats — the CCF ensures that
organizations can approach compliance in a holistic manner, addressing every
possible facet of compliance including security, privacy, financial
responsibility, and both technical and operational controls.
The CCF software is used by organizations to build and maintain an overall
information security program that addresses all of the security threats and
regulations to which it is exposed. Through the software, an
organization sets a security target for which it aims to achieve regulatory
compliance and an overall state of information security. It then
details each step that must be taken by the organization to meet that target
and thus achieve compliance. Progress and compliance levels can be
easily tracked through the unique reporting views by senior management
including compliance officials, I.T. executives, and boards of directors,
through the software’s fully-auditable reports.
About NSC
Currently in its sixth year of business, NSC is an established information
security firm committed to assisting its clients with the creation and
maintenance of their Information Security Business Function through the
implementation of its proprietary, patent-pending Common Compliance
Framework (CCF) software. NSC can be contacted via e-mail at
info@nscsecure.com and by phone at
(410) 872-9202. Learn more about NSC at
www.nscsecure.com.
About CareFirst
In its 71st year of service, CareFirst, an independent licensee of the
BlueCross and BlueShield Association, is a not-for-profit health care
company which, through its affiliates and subsidiaries, offers a
comprehensive portfolio of health insurance products and administrative
services to nearly 3.1 million individuals and groups in Northern Virginia,
the District of Columbia and Maryland. Through its CareFirst Commitment
initiative and other public mission activities, CareFirst supports efforts
to increase the accessibility, affordability, safety and quality of health
care throughout its market areas.