Insightin Health Achieves NIST SP 800-171 Compliance to Enhance Service for Tricare Members

November 7, 2023
Sandra Omielanczuk

Baltimore, Maryland – In a groundbreaking move for the healthcare industry, Insightin Health, a leading healthcare technology company, proudly announces that its population analytics and engagement platform, inGAGE™ built on Microsoft Azure, is the first of its kind program built to be compliant with NIST SP 800-171 for controlled unclassified information (CUI).

This achievement fortifies Insightin Health's ability to provide enhanced services to health plans that offer coverage to Tricare military members, ensuring their data and care are handled with the utmost security and precision.

Recognizing the urgent needs of customers serving active and retired military families, Insightin Health swiftly pursued this advanced compliance program. With foresight into the continued push for a secured Defense Industrial Base, the company incorporated concepts from the upcoming Cybersecurity Maturity Model Certification program, allowing for accelerated adoption and certification upon finalization of the program.

Erin Rathbone, Senior Vice President of Product and Operations, who is responsible for compliance and privacy at Insightin Health, emphasizes, "Rapidly responding to customer needs is the cornerstone of our culture. Achieving this advanced level of security standards and practices empowers us to assist our clients in providing exceptional service and engagement to their Tricare members."

In collaboration with RISCPoint, Insightin Health combined their existing HITRUST program and secure-by-design methodology with RISCPoint expertise in building a harmonized Enterprise Control Framework. The implementation was executed with remarkable efficiency, achieving the compliance program in under 90 days.

Jake Nix, Founder and CEO of RISCPoint, underscores the unique partnership by stating, "Insightin Health is that rare combination you want to find in a partner. They are pioneers in innovative healthcare solutions, all while upholding an unwavering commitment to protecting users and data through cybersecurity.”

Now in compliance with NIST SP 800-171 program protocols, Insightin Health's population health platform offers health plans a secure, HIPAA-compliant method to analyze data and provide proactive, tailored interventions for Tricare members.

The Insightin Health solution boasts advanced analytics and AI capabilities that unearth actionable insights from complex data. Customizable member surveys and workflows propel member engagement, while integrated reporting ensures the tracking of KPIs and results.

This compliant program represents another stride in Insightin Health's dedication to safeguarding sensitive data through defense-grade security, stringent access controls, and adherence to compliance best practices.

About Insightin Health:

Insightin Health helps healthcare payers eliminate data silos and deliver highly satisfying consumer-centric experiences. inGAGE™ – its software as a service (SaaS) platform – is the industry-leading solution for quickly creating a connected data ecosystem. Using artificial intelligence and machine learning techniques, inGAGE™ leverages the totality of the connected data, in real-time, to produce insights that drive Next Best Action (NBA) recommendations to solve pressing healthcare challenges. inGAGE™ allows healthcare payers to deliver lifetime member value, driving growth and increasing overall plan profitability, all with HITRUST r2 validated and NIST SP 800-171 compliant security. For more information, visit

About RISCPoint:

RISCPoint is proud to offer a comprehensive suite of business focused cybersecurity and compliance services. Our services are custom tailored to your environment and objectives. We have extensive expertise in the areas shown below, and while each engagement is customized to your objective, our methodology covers Program Readiness Assessments, Program Implementation, Remediation, Optimization, Audit Defense, and On-Going Support.

Enterprise Compliance

  • SOC 2
  • ISO 27001, 27017, 27018
  • HIPAA (NIST 800-66)
  • HIPAA Business Associate Governance
  • Privacy (CCPA/CPRA, GDPR, ISO 27701, etc.)
  • WCAG 2.1, VPAT, and ADA

Public Sector

  • FedRAMP
  • StateRAMP
  • CMMC
  • ITAR
  • NIST 800-171
  • NIST 800-172
  • NIST 800-53

Cybersecurity Defense

  • Red Teaming
  • Penetration Testing
  • Ransomware Assessments
  • Vulnerability Assessments
  • Incident Response Program
  • Application Security
  • Security Engineering

Risk Management

  • Risk Assessments
  • Vendor Management
  • Virtual Compliance Team
  • Virtual Executive Team (CISO, ISSO, CIO, CTO)
  • Plan Simulations (Business Continuity, Disaster Recovery, Incident Response)

About RISCPoint Advisory Group

RISCPoint Advisory Group is an industry leader in providing custom-tailored security and compliance services. Founded with the vision to seamlessly integrate with teams, while utilizing only high-performing professionals with deep technical and operational expertise, RISCPoint has successfully served companies ranging from Fortune 10 to pre-Series A startups. To learn more, visit or call (888) 320-1327.


Stay Informed, Stay Secure

Subscribe to our newsletter and get the latest cybersecurity insights, updates, and event invitations delivered straight to your inbox. Join our community and empower your security journey with RISCPoint's expert knowledge.

Thank you! We'll keep you up to date!
Oops! Something went wrong while submitting the form.

Join our newsletter for updates. Terms.