AI innovations are here to stay. The evolving power and capabilities of AI require an understanding of AI-related risks and AI risk management. Getting ahead of these risks is no longer optional for security and technology leaders.
AI is still in its nascent stage and now is the time to act. The pace of change makes fighting AI-related cyber risks challenging. Risk management professionals, cyber security leaders, and regulators are racing to understand, avoid, and manage potential risks while simultaneously working to keep up with the breakneck pace of innovation. It is more than any one organization can reasonably do alone.
Organizations in the private industry must work together to understand and protect against potential AI-related threats. And public and private sector collaboration is essential to manage AI-related risks, especially in high-stakes industries like healthcare and utilities.
HITRUST’s contribution to AI risk management
In October 2023, HITRUST launched its AI Assurance Program focused on supporting organizations seeking security assurances for AI applications and systems. HITRUST has a long-standing experience in assurance, control frameworks, and shared responsibilities. It is using its expertise to drive efficient solutions for AI risk management and security. HITRUST seeks to establish relevant and practical cybersecurity practices to maximize the benefits of AI while minimizing its risks.
Success will require collaboration across the industry. HITRUST is working with experts and industry leaders as participation and support from all sides is non-negotiable for successful outcomes.
Partner organizations
HITRUST’s AI strategy document mentions that leaders from Microsoft and Databricks have already joined HITRUST in this quest.
“Databricks is excited to be working with HITRUST to build on this important foundation and to significantly reduce the complexity of risk management and security for AI implementations across all industries,” said Omar Khawaja, Field CISO at Databricks.
John Doyle, Global Chief Technology Officer, Healthcare and Life Sciences at Microsoft, said, “At Microsoft, we are committed to a practice of responsible AI by design, guided by a core set of principles: fairness, reliability and safety, privacy and security, inclusiveness, transparency, and accountability.”
Microsoft is practicing these principles in developing and deploying AI across the organization. It positions AI risk management and assurance as key tools to enable the successful operationalization of responsible AI.
Microsoft Azure OpenAI Service supports the maintenance of the HITRUST CSF. It quickly maps new regulations, standards, and data protection laws to the CSF. Microsoft also encourages global healthcare compliance, enabling providers to streamline compliance for quick and timely solution adoption.
HITRUST AI Assurance
The HITRUST AI Assurance Program is a step toward making AI risk management efficient. With initiatives like the AI Assurance Report and AI shared responsibilities, HITRUST is helping to boost trust within the AI systems. HITRUST seeks to invite more industry leaders to join its expedition against AI threats. To learn more about the varied HITRUST AI initiatives, download the strategy document.