TECH LOCK Incorporated announced RevSpring has raised the security certifications and compliance “bar” by adding the HITRUST Common Security Framework (CSF) to their TECH LOCK® Certified holistic audit. The HITRUST CSF is a certifiable framework of security controls that scales according to the type, size, and complexity of the organization and its systems specifically devoted to the protection of Protected Healthcare Information (PHI).

HIPAA was signed into law in 1996 and includes administrative, technical, and physical safeguards, but allow for considerations of costs, complexity and size of organization to determine when and how to implement security controls — which leads to ambiguous direction for providers. Furthermore, HIPAA is not updated regularly and has not changed to keep up with new technologies like virtualization, cloud services, mobile access; or emerging threats such as evolving malware, third-party plugin exploits, and Advanced Persistent Threats (APT).

The HITRUST Common Security Framework (CSF) is similar to the TECH LOCK® Certified Program in that it incorporates the security controls and requirements from multiple standards applicable in the healthcare industry. HITRUST harmonizes these requirements into a single set of controls and provides references back to the sources for compliance purposes. The authoritative sources incorporated and referenced in the CSF include: HIPAA, HITECH, Payment Card Industry Data Security Standards (PCI DSS), Control Objectives for Information and Related Technology (COBIT), National Institute of Standards and Technology (NIST), International Organization for Standardization (ISO), the Federal Trade Commission (FTC), and many others. The resulting framework is no more burdensome than the requirements healthcare organizations, collection agencies, and business associates are already subject to. Instead, the CSF streamlines the risk and compliance process by providing a comprehensive, prescriptive and scalable framework to protect sensitive healthcare information.

“RevSpring is committed to maintaining the highest levels of data security and compliance,” said Tim Schriner, RevSpring’s president and chief executive officer. “To achieve that, RevSpring partners with TECH LOCK, the premier data security and compliance company in the ARM Industry. The TECH LOCK® Certified program fits well with our business model to reduce risk for our clients across the various industries we serve and ensure we are providing secure services. Adding the HITRUST Certification to our list of regulatory compliance further demonstrates our compliance leadership and desire to provide our clients with that assurance.”

“Recently Symantec was quoted stating Anti-Virus software is no longer effective and catches just 45% of cyber attacks,” said Todd Langusch, industry expert and TECH LOCK’s founder. “In addition, Ponemon Institute has published Aftermath of a Data Breach which noted insiders and third parties are most often the cause of a data breach. As we have seen on the news all too often lately, organizations have to rethink their information security program and learn to evaluate risk on a continual basis. RevSpring, a service provider leader, is once again setting the bar higher by adding HITRUST to their TECH LOCK® Certified Assessment. Given RevSpring’s strong commitment to compliance and data security we expect a smooth audit and look forward to announcing their certification.”

About RevSpring

RevSpring is the leading provider of consumer receivables communication and payment technology. Its core service offerings include data hygiene and analytics, secure document creation and delivery, multi-channel communications, electronic billing and archival services and online payment tools, all while ensuring compliance with regulatory guidelines.

RevSpring holds the industry’s most exacting security certifications including TECH LOCK® Certified and PCI DSS with independent third party validation of HIPAA/HITECH, SSAE 16 and SOC 2, Type II and maintains rigorous legislative and regulatory compliance programs. It serves a large and diverse customer base across the receivables management, healthcare, financial services, home services and other end-markets.

RevSpring was formed by the merger of DANTOM Systems, PSC Info Group, Data Image and BestBill.


TECH LOCK, Inc. is a DBA International Approved Auditing Firm, Payment Card Industry Qualified Security Assessor (PCI QSA), Approved Scanning Vendor (PCI ASV), and HITRUST CSF Assessor specializing in holistic information security, compliance, and information technology solutions. TECH LOCK’s CEO is an ACA International Certified Instructor and former CIO of one of the largest debt buyers. TECH LOCK is the only auditing services company in the ARM Industry with these credentials and thus makes TECH LOCK uniquely skilled in serving ARM companies of all sizes as it relates to data security, regulatory compliance, and IT infrastructure needs. TECH LOCK is a Service Disabled Veteran Owned Small Business (SDVOSB). For more information, visit

Emerge CF

5 steps to collecting more payments online

Compliance Audit Services

IWS Video