Providers, Payors, PBMs, etc.

Healthcare organizations benefit from the HITRUST CSF – a scalable, prescriptive and certifiable framework specific to healthcare organizations. The MyCSF tool provides organizations of all types and sizes with a secure, web-based solution for accessing the CSF, performing assessments and managing compliance. HITRUST Academy educates individuals about information protection in the healthcare industry and utilization of the CSF to manage risk. The HITRUST Cyber Threat Intelligence and Incident Coordination Center provides cyber threat warning and intelligence services by informing them of general and sector-specific threats impacting the industry.

Texas Covered Entity Privacy and Security Certification

The Texas Health Services Authority (THSA) and HITRUST have partnered to develop and manage this program in accordance with Texas House Bill (HB) 300 passed in 2011. HITRUST has developed resources and tools to aid organization in understanding the requirements and preparing for and undergoing an assessment.

Read More

Vendors

Business associates can streamline the compliance process and reduce costs with a standardized approach to performing assessments and reporting security controls by utilizing the MyCSF tool to perform a CSF assessment and report once against a multiple sets of requirements and to multiple entities. HITRUST Academy provides individuals with the knowledge and skills to utilize the CSF and perform assessments as well as general knowledge and skills for protecting health information.

Get started on an assessment

You can begin reporting your information security posture to multiple healthcare industry partners using a standardized and user-friendly set of tools and methodologies in 5 easy steps.

Learn More

Consulting

Organizations can partner with HITRUST to provide trained resources to healthcare organizations of varying size and complexity to assess compliance with security control requirements, develop corrective action plans that align with the CSF, and provide remediation for organizations looking to be fully compliant with the myriad of authoritative sources incorporated into the HITRUST CSF. These organizations are called CSF Assessors and have met certain criteria as well as completed courses to become Certified CSF Practitioners.

Read more about becoming an assessor.

HITRUST Academy

HITRUST Academy offers the only training courses designed to educate healthcare security professionals about information protection in the healthcare industry and the utilization of the HITRUST Common Security Framework (CSF) to manage risk.

Read More

Children’s Medical Center Named first Hospital to Receive Texas Covered Entity Privacy and Security Certification

At the HITRUST 2014 conference today in Grapevine, Texas, Children’s Medical Center Dallas announced it is the first and currently the only hospital in Texas to receive the Texas Covered Entity Privacy and Security Certification by the Texas Health Services Authority (THSA) and the Health Information Trust Alliance (HITRUST). By achieving this certification, Children’s is…

Read More

Cyber Attack Exercise Reveals Information Sharing Struggles in Healthcare Industry

Healthcare organizations are still struggling with information sharing both internally and externally, participants in an industry-wide cyber-security exercise said. The Health Information Trust Alliance (HITRUST) teamed up with the U.S. Department of Health and Human Service (HHS) in the CyberRX initiative to determine just how prepared organizations were to handle cyber-incidents. The first exercise was…

Read More

Results of First Cyber-Attack Simulation Point to Need for Collaboration

Healthcare organizations would benefit from greater preparedness and collaboration to handle unexpected cyber attacks. This was among several findings reported by HITRUST, the Department of Health and Human Services (HHS) and other officials working on CyberRx, a series of industry-wide exercises used to evaluate the response and threat preparedness of healthcare organizations against attacks and…

Read More

Go To News Archive

CyberRX Summer Exercise

HITRUST will lead an industry-wide effort to conduct exercises to simulate cyber attacks on healthcare organizations, named CyberRX. The results will be used to evaluate the industry’s response and threat preparedness against attacks and attempts to disrupt U.S. healthcare industry operations. These exercises will be conducted in partnership with the U.S. Department of Health and…

Read More

HITRUST 2014

HITRUST 2014 is the only event dedicated to exploring all aspects of healthcare information protection and utilization of the HITRUST Common Security Framework (CSF) and CSF Assurance Program. With the goal of enabling attendees to more effectively meet compliance requirements and improve information protection, HITRUST 2014 will expose attendees to collaborative discussions of industry trends and market dynamics…

Read More

HITRUST 2014

April 22 – 24, 2014 Gaylord Texan Resort, Grapevine, Texas Mark your calendar now to attend the third annual conference for privacy, security and compliance professionals in the healthcare industry. Overview HITRUST 2014 is the only event dedicated to exploring all aspects of healthcare information protection and utilization of the HITRUST Common Security Framework (CSF)…

Read More

Go To Events Archive