News

HITRUST Update Regarding WannaCry Attack on Healthcare Sector

HITRUST has been following the events surrounding the global WannaCry ransomware attack since it was first reported by the UK Healthcare sector. HITRUST’s Cyber Lab, in partnership with Trend Micro Labs and in cooperation with DHS, law enforcement and our members, is gathering information on the incident and have been providing guidance by regularly updating…

Michael Parisi Joins HITRUST as Vice President, Assurance Strategy & Community Development

HITRUST is extremely pleased to announce the appointment of Michael Parisi as Vice President of Assurance Strategy and Community Development for HITRUST. Michael is a seasoned information security and privacy industry professional and joins us from PricewaterhouseCoopers where he served as a Risk Assurance Senior Director. He also served as a lead healthcare industry expert,…

HITRUST Assessment Exchange to Modernize Vendor Risk Management Process

HITRUST has announced the creation of an assessment exchange to automate and streamline the process customers engage in when requesting and receiving third-party security and privacy risk assessment information from their vendors. View the official press release here. The HITRUST Assessment Exchange replaces the inefficient, time-consuming and labor-intensive approaches often found by customers who seek…

HITRUST’s CSF Assess Once, Report Many Approach: Provides the Foundation for NIST Cybersecurity Framework Implementation, Reporting and Certification

What’s your organization’s priority when it comes to managing cybersecurity risk and demonstrating compliance? For many healthcare CISOs, the most urgent need is focusing on managing cyber threats and improving their own cyber resilience while also communicating the effectiveness of their information security program to various audiences—processes for which are significantly aided by the HITRUST…

HITRUST CEO Testifies Before Homeland Security Committee

On March 9, 2017, Daniel Nutkis, CEO of HITRUST, testified before the Subcommittee on Cybersecurity and Infrastructure Protection of the Homeland Security Committee. The purpose of the hearing entitled: “The Current State of DHS Private Sector Engagement for Cybersecurity” was to hear from private sector stakeholders on the value and effectiveness of current engagement with…

HITRUST Announces HITRUST CSF Roadmap Including a New Simplified Program for Small Healthcare Organizations and NIST Cybersecurity Framework Certification

HITRUST announced its 2017 roadmap for key enhancements to the HITRUST CSF as well as a new CSF initiative targeting smaller healthcare organizations to support their information risk management programs and improve their cyber resilience. HITRUST will also be expanding the controls required for HITRUST CSF Certification, from 66 to no more than 75, to…

HITRUST Threat Catalogue Advances Healthcare Industry Cyber Risk Management, Improves Effectiveness of Organizational Risk Analyses

HITRUST has announced the creation of a Threat Catalogue that will aid healthcare organizations in improving their information security posture by better aligning cyber threats with HITRUST CSF risk factors and controls. The HITRUST Threat Catalogue will provide greater visibility into areas representing the greatest risk exposure and enhance the underlying risk analyses used to…

HITRUST Business Associate Council Receives 2017 CSO50 Award for IDG’s CSO

HITRUST is pleased to announce that the HITRUST Business Associate Council has been named an honoree of a 2017 CSO50 Award from IDG’s CSO. This prestigious honor is bestowed upon a select group of organizations that have demonstrated that their security initiatives have created outstanding business value and thought leadership for their companies. You can…

HITRUST and EHNAC Announce Migration of HIPAA Security/Privacy Modules within EHNAC Accreditations to HITRUST’s CSF Framework

HITRUST and the Electronic Healthcare Network Accreditation Commission (EHNAC) have announced that the two organizations have committed to streamline their accreditation and certification programs for industry stakeholders. After mapping respective programs, EHNAC found a high percentage of overlap between HIPAA-related privacy and security criteria with that of the HITRUST CSF, with only minor differences in…

CTX Transition Announcement

We are pleased to announce some very exciting changes to the HITRUST CTX program. This program has been a big success, and we continue to add new functionality and features to simplify collaboration, tracking and monitoring of threats, along with multiple new technology integrations that will allow organizations to operationalize cyber threat intelligence into their…

x

Chat Now

This is where you can start a live chat with a member of our team