August 07, 2012 | Palo Alto, California: MetricStream, the market leader in enterprise-wide Governance, Risk, and Compliance (GRC) solutions, today announced that a leading health insurer has selected MetricStream to implement an integrated GRC solution which will align with the unified GRC strategy of the company and enable proactive management of its regulatory compliance, risk management, and  IT governance  goals.

The Patient Protection and Affordable Care Act (PPACA) has changed the way health plan providers conduct their business. Already highly regulated by state and federal guidelines, payers will now have their entire book of business regulated by the federal government. Mitigating risks of non-compliance with evolving regulations is a top priority in the industry today, and is driving the adoption of GRC solutions.

The health insurer is among several other regional health insurance providers that have partnered with MetricStream to effectively respond to rapidly changing regulatory and market requirements. Headquartered in Michigan, the company provides health benefits to millions of members.

Being cognizant of the importance of an integrated GRC technology framework, the company conducted comprehensive assessments of hand-picked vendors. MetricStream was found to fully meet the company's business requirements, with solutions that are closely aligned to industry standards. Other factors influencing the selection were MetricStream's holistic approach to GRC and its domain expertise in healthcare. Additionally, MetricStream received excellent feedback from the health insurer's industry peers who have successfully leveraged the MetricStream GRC solution to achieve their goals.

MetricStream will enable the health insurer to proactively meet compliance goals, successfully manage changes in industry regulations, and better align its GRC programs with its business strategy.

MetricStream's integrated GRC solution will replace a number of shared drives, stand-alone software applications, internal systems, and manual processes, enabling various departments in the company to adopt an integrated and unified approach to enterprise-wide GRC management.

MetricStream will support the health insurer in automating the complete range of GRC processes. The solution will also help enhance compliance with a multitude of regulatory requirements such as CMS Medicare and Medicaid requirements, OIG mandates,  HIPAA, FDA, PCI, and ISO 27001. Robust incident tracking and reporting capabilities will help the company manage HIPAA Privacy and Security compliance breaches as well as fraud, waste, and abuse.

The solution will enable the company to proactively embed risk management in the enterprise, thereby meeting evolving regulatory and rating agency requirements. It will also help increase risk management effectiveness and efficiency, and offer the flexibility to adopt any of the standard risk management frameworks.

Integration with threat and vulnerability systems such as Qualys, nCircle, and Nessus will enable the company to quickly identify and report vulnerabilities affecting business critical assets, and map security issues to business applications. The company will also be able to aggregate and rollup risk information across the enterprise for proactive mitigation and assured compliance with IT standards and regulations for data governance, security, and privacy.

The alignment of GRC with business strategy will result in improved business performance for the health insurer. This approach will integrate enterprise GRC and IT governance on a common enterprise-wide platform, enabling accurately correlation of IT, security, and business risks.

About MetricStream

MetricStream is the independent market leader in enterprise cloud applications for governance, risk, compliance (GRC), and quality management. MetricStream apps and software solutions improve business performance by strengthening risk management, corporate governance, regulatory compliance, audit management, vendor governance, and quality management for organizations across industries, including banking and financial services, health care, life sciences, energy and utilities, consumer brands, government, technology, and manufacturing. MetricStream is headquartered in Palo Alto, California, with an operations and GRC innovation center in Bengaluru, India, and sales and operations support in 12 other cities globally.(

Press contact

[email protected]

Get a demo Download RFP Template Pricing Contact