News

HITRUST Threat Catalogue Advances Healthcare Industry Cyber Risk Management, Improves Effectiveness of Organizational Risk Analyses

HITRUST has announced the creation of a Threat Catalogue that will aid healthcare organizations in improving their information security posture by better aligning cyber threats with HITRUST CSF risk factors and controls. The HITRUST Threat Catalogue will provide greater visibility into areas representing the greatest risk exposure and enhance the underlying risk analyses used to…

HITRUST Business Associate Council Receives 2017 CSO50 Award for IDG’s CSO

HITRUST is pleased to announce that the HITRUST Business Associate Council has been named an honoree of a 2017 CSO50 Award from IDG’s CSO. This prestigious honor is bestowed upon a select group of organizations that have demonstrated that their security initiatives have created outstanding business value and thought leadership for their companies. You can…

HITRUST and EHNAC Announce Migration of HIPAA Security/Privacy Modules within EHNAC Accreditations to HITRUST’s CSF Framework

HITRUST and the Electronic Healthcare Network Accreditation Commission (EHNAC) have announced that the two organizations have committed to streamline their accreditation and certification programs for industry stakeholders. After mapping respective programs, EHNAC found a high percentage of overlap between HIPAA-related privacy and security criteria with that of the HITRUST CSF, with only minor differences in…

CTX Transition Announcement

We are pleased to announce some very exciting changes to the HITRUST CTX program. This program has been a big success, and we continue to add new functionality and features to simplify collaboration, tracking and monitoring of threats, along with multiple new technology integrations that will allow organizations to operationalize cyber threat intelligence into their…

HITRUST Appoints CSF Assessor Council Members

HITRUST is pleased to announce the selections for our HITRUST CSF Assessor Council. The CSF Assessor Council, comprised of ten HITRUST CSF Assessors and one HITRUST executive, represents a wide variety of organizations supporting the healthcare and public health sector and hold varying positions with diverse expertise. The Council was created to ensure that HITRUST…

HITRUST Becomes First Healthcare Information Sharing Organization Connected to DHS Automated Indicator Sharing Program

The Health Information Trust Alliance (HITRUST) has become the first healthcare information sharing organization connected and sharing cyber threat indicators with the Department of Homeland Security’s (DHS) Automated Indicator Sharing (AIS) Program. View the press release here. The HITRUST Cyber Threat XChange (CTX), the health industry’s Information Sharing and Analysis Organization (ISAO), is now fully…

The HITRUST MyCSF Experience Just Got Better

HITRUST is continuously improving MyCSF to better serve user needs. As such, our recent enhancements to the MyCSF provide a more intuitive user experience including improved options for multi-factor authentication and enhanced user administration. Additionally, there are several new features available: Controls now indicate if they are required for certification.  This will be visible for…

Healthcare Cyber Shift White Paper Now Available

Every industry that possesses information assets of value faces escalating engagement with cyber criminals and other adversaries. Healthcare organizations possess some of the most valuable information of all and, consequently, are prime targets. In fact, 90% of U.S. healthcare organizations had a cyber breach in 2014.1 Healthcare organizations must make peace with the fact that…

HITRUST Appoints Kaiser Permanente’s George DeCesare to Board of Directors

HITRUST welcomes the appointment of George DeCesare, JD, Senior Vice President and Chief Technology Risk Officer of Kaiser Permanente Information Technology to the HITRUST Board of Directors. Mr. DeCesare is responsible for leading Cyber Security, Technology Governance, Risk and Compliance, and Identity and Access Management at Kaiser Permanente. He also maintains the security and integrity…

CyberAid Program Aims to Help Smaller Healthcare Organizations Manage Cyber Risk

HITRUST like many others has recognized that smaller organizations are struggling with the selection, acquisition, implementation, operation, and training associated with information security tools and processes necessary to demonstrate compliance and manage cyber risk. To address this challenge, HITRUST established CyberAid, an innovative approach designed to help smaller healthcare organizations—specifically physician practices with less than…