The Asia Advisory Council (the Council) will help ensure the HITRUST Approach remains current and relevant to the needs of the HITRUST community in Asia-Pacific countries. Members will advise and make recommendations to HITRUST based on their area of expertise.

The Council will support HITRUST in facilitating continuous improvement of information security and individual privacy as HITRUST expands within Asia by providing thought leadership on the emerging laws, policies, and trends impacting regional risk management and compliance.

Key Focus Areas(s)

The key focus area of the Council will be to work directly with HITRUST to facilitate continuous improvement of our programs, services, and initiatives to ensure the HITRUST Approach sets the bar for organizations seeking the most comprehensive yet tailorable privacy and security risk management and compliance framework available in the region.


The Council shall consist of no less than four (4) and no more than twelve (12) organizations from industry, government and/or academia, none of whom may work for HITRUST.


The Council Members are requested to participate in all established meetings; review and comment on materials, as needed, prior to each meeting; and, from time-to-time, as needed, address specific issues pertaining to the work of the Council. Members are expected to have extensive experience in security, privacy and/or risk domains, and an understanding of security and privacy controls relevant to Asia.

Meeting Schedule

The Council will meet remotely, via teleconference, at least three (3) times a year. The Council will also hold in-person meetings at least once annually.

If you have any questions, or need further information, email groups@HITRUSTAlliance.net.