HITRUST 2017: Sessions for Small Medical Practices
<< All Blogs

Date: April 18, 2017

For small medical practices without appropriate resources (time, knowledge, staff), the idea of implementing cybersecurity can be overwhelming. At the same time, it’s imperative that a doctor’s office be in compliance with government regulations while taking appropriate measures to avoid cyber attacks that may disclose patients’ protected health information, cause system downtime resulting in added expenses or otherwise compromise the safety of the practice.

To address this need, HITRUST developed CyberAid, a program that provides small medical practices (75 or fewer staff) with the technology and services required for worry-free cybersecurity protection. Launched in August 2016, the program is a success so far: 40% of the healthcare practices assessed had active malware or spyware on their IT systems – all discovered by CyberAid and immediately remediated.

HITRUST partnered with Trend Micro for the technology, so the CyberAid program includes hardware, software, installation assistance, 24/7 monitoring, training and support, ensuring that smaller healthcare organizations receive effective cyber protection against viruses, malware, phishing attacks, ransomware, and other threats.

In addition to the protection capabilities found in CyberAid, and in direct response to feedback from some of these smaller healthcare organizations looking for a viable means to meet regulatory demands while protecting their business against cyber threats, HITRUST collaborated with the physician community and small businesses to develop and pilot a new program called CSFBASICs (CSF Basic Assurance and Simple Institution Cybersecurity). The CSFBASICs program provides lower-risk organizations with a simplified set of requirements and a streamlined assessment approach that is easier to understand and implement. The program also offers third parties—including regulators—appropriate assurances and transparency into their information privacy and security programs.

At this year’s HITRUST 2017 conference, attendees will have the opportunity to learn more about CyberAid and CSFBASICs – getting a view into how these programs work, how to get started with each, best practices to make them wildly successful, as well as the future roadmap.

These discussions, presentations and more are available in a variety of breakout sessions designed specifically for small medical practices who want to understand how to achieve a technologically secure environment and remain in full compliance with regulations.


  • 360 Degree Assurance: Emerging Business Drivers for Provider Certification
  • Third Party Risk: Achieving Assurance, Coverage & Agreement
  • Malware: What Do You Do When Prevention Fails?


  • SOC 2 + HITRUST: Understanding the Benefits
  • Third Party Assurance – Business Associates & Vendor Roles
  • Starting Your Startup’s HITRUST Certification Initiative
  • HITRUST Cyber Aid Security Program


  • Common HITRUST Certification Pain Points | Lessons Learned & Effectively Addressing Issues Before You Start
  • CSF Roadmap for 2018 and Beyond

If small- and medium-sized business sessions don’t line up with what you’re looking for, perhaps a look at our recent “Sessions for Compliance” post will help. Certainly, the quick What to Expect post will provide an overview that should prove helpful. Regardless of the sessions selected, attendees will have a number of opportunities to take a break for a little networking and socializing with your fellow attendees.

Get all the details, including date, time and all of the speaker information, directly from the Conference Agenda page. If you’re ready to reserve your seat at some of these sessions, you can register for the event now.

We look forward to seeing you there!

<< All Blogs

Chat Now

This is where you can start a live chat with a member of our team