HITRUST is especially proud to congratulate the HITRUST Business Associate Council for being named an honoree of a 2017 CSO50 Award from IDG’s CSO. This prestigious award is bestowed upon a select group of organizations that have demonstrated that their security initiatives have created outstanding business value and thought leadership for their companies.

Responding to concerns within the industry on how best to balance customer or Covered Entities (CE) requirements to comprehensively evaluate the effectiveness of their vendors’ or business associates’ (BA) security controls and programs, leaders from some of the nation’s largest healthcare organizations and the vendor community collaborated to launch the HITRUST Business Associate (BA) Council. The HITRUST Business Associate Council is comprised of 17 founding members from a variety of organizations.

The BA Council listens to each other’s requirements and concerns and seeks an approach mutually acceptable to customers and vendors. This innovative approach can scale up and down as well as across healthcare organizations and vendors regardless of size and maturity, leveraging the HITRUST CSF Assurance Program.

The BA Council’s work provides the leadership needed to drive widespread adoption by thousands of business associate organizations and advance practices for measuring and mitigating cybersecurity risk, gaining operational efficiencies, and raising consumer confidence.

Please join us in recognizing the effort provided by these professionals to help HITRUST advance third-party assurance for the healthcare industry:

  • Tim Belardi, Director, Technology & Supplier Risk Management – Highmark
  • Troy Bos, Director, Third-Party Assurance – Conduent (Xerox Corporation)
  • Brenda Callaway, Executive Director Information Security Compliance & Disaster Recovery – Health Care Services Corp
  • Chris Drake, CEO and Founder – Armor
  • Andrew Frazier, Healthcare Information Security Officer – Cognizant
  • Travis Good, M.D., CEO and Co-founder – Catalyze
  • Richard Haft, Head of Risk, Information Security, and Compliance – Arvato Digital Services
  • Patrick Heim, Head of Trust and Security – Dropbox
  • Debbie Hutchinson, Senior Manager, Audit and Third-Party Assurance – Availity
  • Rebekah Johnson, Compliance Leader – West Corporation
  • Taylor Lehmann, Chief Information Officer – HealthEdge
  • Brenda Magri, Director, Risk and Compliance, ISO – Fiserv
  • Jeff Martin, Senior Manager, Information Security – Anthem
  • Stirling Martin, Chief Security Officer – Epic Systems Corporation
  • Izak Mutlu, Vice President – Information Security – Salesforce
  • Lee Penn, Chief Financial Officer and Chief Compliance Officer – PDHI
  • Scott Pettigrew, Chief Security Officer – HMS
  • Matt Phillips, Director, Enterprise Information Protection – Humana
  • Susan Richards, Strategic Program Manager, Information Security – Change Healthcare
  • Hector Rodriguez, National Director, Health and Life Sciences – Azure (Microsoft)
  • Brian Sheehan, Senior Director, Information Risk Management – United Health Group
  • Peter Tiemeyer, Chief Information Security and Privacy Officer – RR Donnelley

The HITRUST CSF Assurance Program delivers simplified compliance assessment and reporting for HIPAA, HITECH, state, and business associate requirements. Leveraging the HITRUST CSF, the program provides healthcare organizations and their business associates with a common approach to manage security assessments that creates efficiencies and contains costs associated with multiple and varied assurance requirements. The HITRUST CSF Assurance Program includes the risk management oversight and assessment methodology governed by HITRUST and designed for the unique regulatory and business needs of the healthcare industry.

To learn more, contact HITRUST at sales@hitrustaliance.net.