Providers, Payors, PBMs, etc.
Healthcare organizations benefit from the HITRUST CSF – a scalable, prescriptive and certifiable framework specific to healthcare organizations. The MyCSF tool provides organizations of all types and sizes with a secure, web-based solution for accessing the CSF, performing assessments and managing compliance. HITRUST Academy educates individuals about information protection in the healthcare industry and utilization of the CSF to manage risk. The HITRUST Cyber Threat Intelligence and Incident Coordination Center provides cyber threat warning and intelligence services by informing them of general and sector-specific threats impacting the industry.
Texas Covered Entity Privacy and Security Certification
The Texas Health Services Authority (THSA) and HITRUST have partnered to develop and manage this program in accordance with Texas House Bill (HB) 300 passed in 2011. HITRUST has developed resources and tools to aid organization in understanding the requirements and preparing for and undergoing an assessment.
Vendors
Business associates can streamline the compliance process and reduce costs with a standardized approach to performing assessments and reporting security controls by utilizing the MyCSF tool to perform a CSF assessment and report once against a multiple sets of requirements and to multiple entities. HITRUST Academy provides individuals with the knowledge and skills to utilize the CSF and perform assessments as well as general knowledge and skills for protecting health information.
Get started on an assessment
You can begin reporting your information security posture to multiple healthcare industry partners using a standardized and user-friendly set of tools and methodologies in 5 easy steps.
Consulting
Organizations can partner with HITRUST to provide trained resources to healthcare organizations of varying size and complexity to assess compliance with security control requirements, develop corrective action plans that align with the CSF, and provide remediation for organizations looking to be fully compliant with the myriad of authoritative sources incorporated into the HITRUST CSF. These organizations are called CSF Assessors and have met certain criteria as well as completed courses to become Certified CSF Practitioners.
Read more about becoming an assessor.
HITRUST Academy
HITRUST Academy offers the only training courses designed to educate healthcare security professionals about information protection in the healthcare industry and the utilization of the HITRUST CSF to manage risk.
HITRUST CSF Validation: Accelerating Trust in Office 365
Published on: April 6, 2015 By: Dr. Mohamed Ayad | Industry Specialist, U.S. Health and Life Sciences, Microsoft In my role at Microsoft, I evangelize for adoption of Microsoft’s Office 365 cloud platform at healthcare organizations as a way to: modernize communication, collaboration and productivity tools; lower cost and complexity of managing IT; and improve…
Read MoreHITRUST Streamlines and Simplifies Cyber Related Compliance and Risk Assessments
Cyber Risk Assessments in Healthcare Cyberattacks targeting healthcare organizations continue to escalate in frequency and sophistication. Recent cyber breaches and events within the healthcare industry have significantly increased the attention and focus on cyber risk management, and compelled more organizations to understand their current level of cybersecurity preparedness and the level of effort required to…
Read MoreSilect Software and HITRUST Partner with Microsoft to Release New Real-time Compliance Solution
The Health Information Trust Alliance (HITRUST) and Silect Software Inc., a leading provider of management solutions for System Center 2012, announced that they have been chosen by Microsoft to partner to deliver a new real-time compliance monitoring solution that is fully integrated with System Center 2012. The HITRUST Real-Time Compliance (RTC) Pack will be previewed…
Read MoreGo To News Archive
HITRUST to Launch First Comprehensive Study of Targeted Cyber Threats Impacting Healthcare Industry
Lack of Empirical Data to be Addressed by Collecting and Analyzing the Methods, Magnitude and Pervasiveness of Cyber Threats Frisco, TX – April 6, 2015: HITRUST announced today that it is undertaking the first empirical and comprehensive study, called HITRUST Cyber Discovery, to analyze the methods, severity and pervasiveness of cyber threats targeting a variety…
Read MoreHITRUST to Improve Patient Privacy with New Framework for De-Identification of Health Information
De-Id framework to simplify and standardize key process of de-identification of healthcare data Frisco, TX – March 12, 2015: The Health Information Trust Alliance (HITRUST) announced today the new HITRUST De-Identification Framework, developed to improve patient privacy, enhance innovation and streamline the appropriate use of healthcare data. The framework meets the need of healthcare organizations…
Read MoreHITRUST Transforms Model for Effective Cyber Risk Management
Healthcare Organizations Lack Tools for Cyber Situational Awareness and Threat Assessment HITRUST Transforms Model for Effective Cyber Risk Management Frisco, TX – March 4, 2015: The Health Information Trust Alliance (HITRUST) has completed a three-month review of its approach to cyber risk management for the healthcare industry. The effort was focused on understanding the challenges…
Read MoreGo To Archive
HITRUST De-Identification Framework Webinar
The Health Information Trust Alliance (HITRUST) announced the new HITRUST De-Identification Framework, developed to improve patient privacy and enhance innovation and the improved use of healthcare data. The framework meets the need of healthcare organizations for greater guidance and consistency in the de-identification and use of de-identified healthcare data, while simplifying and streamlining the process….
Read MoreJoin NIST and HITRUST in a discussion about Cyber Security Frameworks
Published on: November 12, 2014 On February 12, 2014, NIST issued the Framework for Improving Critical Infrastructure Cybersecurity in response to Executive Order 13636. The Framework, created through collaboration between industry and government, consists of standards, guidelines, and practices to help critical infrastructure, including the Healthcare and Public Health Sector, manage cybersecurity risk. To learn…
Read MoreCyberRX 2.0 Playbook and Webinar Now Available
The CyberRX 2.0 Level I Playbook is now available for download, and a webinar has been scheduled to provide insights and expectations for those considering participation and guidance for those wanting to get started. Discussion topics will include program overview, value of participation, what to expect, getting started, how to get help and rules and…
Read MoreView Current Events View Past Events