• "com.cts.aem.core.models.NavigationItem@70f6158" Careers
  • "com.cts.aem.core.models.NavigationItem@26f33d7c" News
  • "com.cts.aem.core.models.NavigationItem@1aeddf3c" Events
  • "com.cts.aem.core.models.NavigationItem@755f7f39" Investors
Case study
Healthcare case study

Signature Performance’s ClaimsXM gains FedRAMP® authorization for its Facets-based cloud offering

Healthcare administrative services provider works with Cognizant to achieve compliance with the strict federal cloud computing security standard for ClaimsXM, its flagship offering.

At a glance

Industry
Healthcare

Location
United States

Products and services
Facets core administration system

Challenge

Achieve stringent federal security authorization for cloud-hosted managed claims processing service 

Success Highlights

  • Compliance with NIST SP 800-53 Revision 5
  • Earned FedRAMP authorization
  • Introduced new processing capabilities for specialized claims
  • Exceeded federal security standards

The challenge

Our client , offers ClaimsXM, a scalable, next-generation-managed service built on the Cognizant’s TriZetto® Facets® core platform. Signature was required to release ClaimsXM as a hosted platform in the secure government cloud to support a federal government contract and expand into other US federal, state and local agencies. To accomplish that goal, Signature first needed to obtain an interim Authority to Operate authorization for ClaimsXM while working towards Federal Risk and Authorization Management Program (FedRAMP®) authorization.

FedRAMP is a federal initiative that assesses, authorizes and monitors cloud service providers to protect sensitive federal data. The authorization includes more than 300 policies and procedures. Obtaining FedRAMP authorization requires organizations to comply with National Institute of Standards and Technology Security and Privacy Controls for Information Systems and Organizations (NIST SP 800-53 Rev. 5). 

Our approach

Signature Performance saw obtaining the FedRAMP authorization, which was required for a new government contract, as an opportunity to improve overall security. Enhancing security would strengthen Signature’s position in the public health sector, enhance its reputation in the industry and demonstrate its continued commitment to securing sensitive data.

The company’s journey to FedRAMP authorization began with a thorough study of NIST SP 800-53 Rev. 5 and its requirements, followed by a comprehensive gap analysis to identify areas needing improvement. This analysis guided Signature in developing a detailed implementation plan, ensuring that every control was addressed systematically. 

Signature and Cognizant teams worked together to identify and modify aspects of the Facets platform necessary to comply with NIST SP 800-53 Rev. 5. Our teams also collaborated on Signature’s journey to expanding medical claims processing to pharmacy and foreign claims. Together, we conducted an initial needs assessment to identify the appropriate extensions and configurations in Facets that would best support the required functionality. The teams leveraged native Facets functionality alongside custom code to develop a process that met their government contract requirements and allowed for future scalability in terms of client, process or product diversification.

Two people collaborate in a modern server room with multiple monitors

ClaimsXM's unique provider creation process involves multiple layers of data validation and matching to ensure accurate claims processing. The inclusion of foreign claims enabled Signature to meet their government sponsor’s specific needs for external data matching while streamlining the handling of exceptions or deviations in provider data presentation. A new specialty claim type had to be introduced to meet stringent requirements for provider creation based on custom matching to external data sources. This advancement allowed Signature to transition from manual input by development resources for edge cases to automatic or semi-automatic adjudication of complex claims. 

Signature also implemented new data cleansing rules for provider data, addressing a significant cause of claim lifecycle fallout. By laying the groundwork for error codification and handling for providers, Signature has set the stage for expanding this data validation to other claim types.

“Achieving FedRAMP® authorization for ClaimsXM, our flagship product built on the TriZetto® Facets® core application, marks a significant milestone for Signature Performance. This not only underscores our commitment to stringent security standards but also enhances our ability to serve our clients with confidence and reliability. We look forward to continuing to deliver exceptional value to our clients and partners.” 

—Karen Hudgins, Executive Advisor, Signature Performance

Business outcomes

Partnering with their US federal government sponsor, Signature developed a comprehensive System Security Plan (SSP) that detailed security measures, architectural safeguards and risk mitigation strategies. Engaging a third-party assessment organization (3PAO) for independent validation was a pivotal step toward the FedRAMP authorization. 

The implementation of these solutions led to the achievement of FedRAMP authorization. This authorization proved that the VFMP claims processing system exceeded stringent federal security standards, including the NIST SP 800-53 Rev. 5 framework, ensuring robust protection of sensitive veterans’ information. 

A group of four professionals in an office, intently discussing a complex digital diagram on a large screen.

The FedRAMP authorization streamlines the procurement process for Signature’s federal clients. Agencies can now leverage ClaimsXM’s secure environment to efficiently adjudicate and pay healthcare claims, including pharmacy and foreign claims, knowing that their data is protected by industry-leading security measures.

Through meticulous planning and collaboration, Signature Performance and Cognizant successfully navigated the challenges of achieving FedRAMP authorization while expanding ClaimsXM’s capabilities, positioning the company as a trusted and secure partner for claims adjudication and payment. Today, ClaimsXM is equipped with robust monitoring mechanisms to detect and respond to potential security incidents in real time, ensuring the highest level of data protection for our nation's service members.

About our client

Signature Performance is a leading provider of healthcare administrative solutions and services. Since its founding in 2004, its solutions and services have been utilized by many of the country's most respected providers, payers and healthcare IT organizations. Signature's vision is to bend the curve of rising healthcare administrative costs and burdens. Signature Performance is privately held and based in Omaha, Nebraska. For more information, visit www.signatureperformance.com

Related case studies

  • /content/cognizant-dot-com/us/en/case-studies
  • cognizant:industries/healthcare