Frisco, TX, April 2, 2019 – HITRUST Assessment XChange™, a wholly-owned subsidiary of HITRUST, today introduced updates to its XChange Manager platform providing organizations with a more streamlined, secure and automated method to request, track, and receive comprehensive security and privacy assessment information in addition to continuous monitoring of their vendors.
To be more in line with how organizations are leveraging the HITRUST Assessment XChange for their vendors with personally identifiable information (PII), protected health information (PHI) or other sensitive information, a new pricing plan allows an unlimited number of vendors to be assigned to the exchange for a fixed annual fee.
The upgraded version of the XChange Manager, now includes an enhanced API for greater integration with vendor risk management (VRM), and governance, risk & compliance (GRC) platforms, more customizable reporting, and improved workflows between customer, vendor and HITRUST Assessment XChange onboarding specialists to allow for continuous monitoring of third parties.
The XChange Manager builds upon HITRUST’s market-leading Assessment XChange and streamlines a third party’s ability to “Assess Once, Report Many” with multiple customers through a centralized, secure, digital platform and eliminating the inefficient processes of fulfilling proprietary customer assessment requests.
“Determining the effectiveness of a third-party’s information security controls and regulatory compliance is an ongoing concern for any organization that leverages outside vendors and business partners,” says Kevin Charest, divisional SVP and chief information security officer at Health Care Service Corporation. “The HITRUST Assessment XChange eliminates the administrative burden in requesting, obtaining and maintaining assessment information and has become an integral part of our third-party risk management program.”
The XChange Manager is a component of the HITRUST Assessment XChange which automates and streamlines the process customers engage when requesting and receiving third-party security and privacy risk assessment information. The HITRUST Assessment XChange replaces the time-consuming and labor-intensive approaches in use by customers who seek and maintain risk management information from their business partners, associates and vendors. The XChange Manager can also be tailored to an organization’s specific contractual and regulatory requirements.
“By reducing the workload and needless duplication, organizations and third parties are realizing increased compliance, reduced costs and greater efficiency,” says Michael Parisi, vice president of Assurance Strategy and Community Development. “The XChange platform provides organizations insightful analysis and monitoring of their third party’s assessment and information risk posture.”