HITRUST has announced the expansion of the HITRUST CSF Assessor Council and the creation of a Quality Subcommittee. This development supports HITRUST’s commitment to ensuring the integrity and reliability of the HITRUST CSF Assessment process as adoption and reliance increases across healthcare and other industries for the assessment of security and privacy controls, NIST Cybersecurity Framework attestation and GDPR reporting. You can view the official press release here.

The implications for professional services firms, assessed entities, those who rely on assessment reports and HITRUST are significant. The HITRUST CSF Assurance program continues to set the benchmark for the assessment of security and privacy controls and the NIST Cybersecurity Framework, and continued adoption of the HITRUST CSF hinges on the ability of stakeholders throughout the industry to understand and rely on the quality and integrity of the work supporting a validated assessment.

The HITRUST CSF Assessor Council has proven to be an integral partner to the HITRUST CSF Assurance program, serving as a vehicle to maintain the quality of the assessment and the assurance level while considering the costs to the assessed entity. With the addition of the Quality Subcommittee, HITRUST gives CSF Assessors a more active role.

Now in its second year, the HITRUST CSF Assessor Council has grown to 20 appointees, representing a broad range of experience in information security and privacy. The council provides a forum to ensure that HITRUST CSF Assessors can directly submit input to HITRUST thereby influencing the HITRUST CSF Assurance program to continually ensure and evolve its integrity, effectiveness, and efficiency. The creation of the Quality Subcommittee further upholds the continued focus on maintaining a standard of excellence.

The following individuals, who have been appointed to the 2018 HITRUST CSF Assessor Council, have also been selected to serve on the 2018 Quality Subcommittee:

  • Steve Simmons, Director of Compliance, A-LIGN
  • Andrew Hicks, Managing Principal, Coalfire
  • Allen Foster Bradley, Advisory Senior Manager, Deloitte
  • Nancy Spizzo, Managing Director, Fortrex
  • Todd Bialick, Partner, PwC

The additional 2018 HITRUST CSF Assessor Council appointees are:

  • Blaise Wabo, Managing Consultant, A-LIGN
  • Josh Ayers, Managing Director, BDO
  • Deepak Chaudhry, Director, BDO
  • Mark Ferrari, VP & CISO, BluePrint Healthcare IT
  • Keith Kenna, Manager, Compliance Programs, BluePrint Healthcare IT
  • Abe Dress, Director, Coalfire
  • Erika Del Giudice, Senior Manager, Crowe Horwath
  • Arshad Ahmed, Partner, Crowe Horwath
  • Doug Ochs, President, Fortrex
  • Powell Jones, Senior Manager, Grant Thornton
  • Brad Barrett, Senior Manager, Grant Thornton
  • Jessica Skibbe, VP & Chief Compliance Officer, Kirkpatrick Price
  • Brian Hukriede, Manager IT Security, Optum
  • Dennis Quandt, Director, PwC
  • Gary Nelson, Principal, Schellman & Co.