
January 30, 2023
Q3 2022 i1 Assessment Update: Control Requirements Analysis
By Brent Zelinski, Standards Senior Manager, HITRUST Q3 2022 Threat-Adaptive Evaluation for the HITRUST Implemented, 1-Year (i1) Validated Assessment Trending Highlights: Data Encrypted for Impact...

June 23, 2022
On the Horizon: Upcoming Cyber Incident Reporting for Critical Infrastructure Act Introduces New Compliance Requirements
By Donna Steward, Director of Government Affairs, HITRUST Complying with the Cyber Incident Reporting for Critical Infrastructure Act — which was passed into law...

June 14, 2022
A Guide to Examining the Return on Investment (ROI) for a HITRUST Certification
By Tom Glaser, Practice Lead and Security Assessor, RSI Security “Why did we ask the IT security auditor to cross the road? … Because...

January 13, 2022
Creating a HITRUST Compliance Culture for IT Security – Part 2: Earning Organizational Buy-in
By Michael Parisi, Vice President of Adoption, HITRUST “Creating a HITRUST Compliance Culture” was a robust breakout session at HITRUST Collaborate 2021 conference. Hosted...

January 6, 2022
Creating a HITRUST Compliance Culture for IT Security – Part 1: Adopting the CSF Framework
By Michael Parisi, Vice President of Adoption, HITRUST Author’s Note: The discussion around creating a successful organizational culture supporting information risk management programs is...

July 9, 2021
HIPAA Compliance, Audits, and the MyCSF Compliance and Reporting Pack for HIPAA
By Leslie Weinstein, Solutions Director, HITRUST With many years of experience in cybersecurity, I can say with confidence that health information security is not...

April 1, 2020
Addressing the Impact of COVID-19 on CSF Assessment Procedures
By Jeremy Huval, Chief Compliance Officer As COVID-19 continues to spread across the globe and affect the way we live and work, countries around...

September 27, 2017
Achieving the Benefits of the NIST Cybersecurity Framework
Comparing the NIST Cybersecurity Framework and HITRUST Common Security Framework The NIST Cybersecurity Framework (NIST CsF) continues to gain traction as a tool for...

November 21, 2017
Why HITRUST?
Written by Sean Murphy, Vice President and Chief Information Security Officer, Premera. Misguided…uninformed…cynical…maybe. Brilliant…accurate…shared by you?…could be! In any case, I thought I’d share...

September 27, 2017
Juggling Act: Effective Security Due Diligence During M&A Periods
Written by Ryan Freeman-Jones, Senior Manager and West Coast Office Lead, Meditology Services Healthcare mergers and acquisitions (M&A) have quickly become one of the...

September 22, 2017
New Self-Paced HITRUST Certified CSF Practitioner Refresher Course Available
HITRUST understands that our practitioners are busy, and to make it easier for them to keep their certification up to date and in good...

July 5, 2017
The HITRUST CSF as a Business Mentality
Written by Glenn D. Stover, CISSP, HCISPP, Beebe Healthcare I have worked in the IT and healthcare field now for several decades — to...