HITRUST to Offer Assurances for AI Risk Management
<< All Blogs

Date: December 12, 2023

AI is transforming the way we do business. From automating tasks like writing emails to providing in-depth data analysis, AI can make us efficient in many different ways. There are innumerable applications for AI with significant business value.

While unleashing the power of AI, we need to be mindful to create a robust security posture. AI raises many risks, such as automated phishing and deepfakes. Hackers can use AI to accelerate password cracking, create difficult-to-identify malware, and automate the extraction of sensitive data. This makes it more critical for organizations to develop strong AI cybersecurity practices.

HITRUST is leading the way in developing and offering AI assurances that help to drive trust. Recently, it announced the first system to provide control assurances for generative AI and related applications. Soon, HITRUST will launch its AI assurance reports.

HITRUST AI Assurance Reports

HITRUST plans to include AI risk management in its assurance reports beginning in 2024. Organizations working with AI systems can assess their risks and demonstrate their capabilities to key stakeholders. This will also allow them to address AI security and privacy risks through HITRUST’s widely accepted, proven, and reliable approach. They can show their proactiveness in AI cybersecurity with transparent, consistent, accurate, and high-quality HITRUST assurances.

The HITRUST portfolio offers three types of assessments based on an organization’s size, needs, and inherent risks. The HITRUST Essentials 1-year (e1) Validated Assessment helps organizations maintain foundational cybersecurity and prepare for more comprehensive assessments. The HITRUST Implemented 1-year (i1) Validated Assessment allows organizations to demonstrate leading security practices. The HITRUST Risk-based 2-year (r2) Validated Assessment is the most comprehensive assurance for organizations demonstrating expanded practices.

HITRUST will offer AI risk management certifications on these assessments to help organizations show their cyber maturity for AI systems and applications. HITRUST Insight Reports will also be available for organizations to illustrate their coverage and quality of AI risk management efforts to customers, partner organizations, and other key stakeholders. The reports will share insights into how the organization is preparing to safeguard its data against AI risks in support of a trustworthy system.

The HITRUST assurance mechanism is based on multiple authoritative sources, making it transparent and reliable. You may check the source of the controls and interpret the reports easily. HITRUST assurances are widely accepted and apply to organizations of different sizes and industries. They follow an objective approach, making the results accurate and consistent even if you opt for other assessors. The assessments are independently verified, offering integrity within the mechanism.

The proven HITRUST approach makes AI risk management efficient and reliable. It helps you establish trust. To learn more about the HITRUST AI Assurance Program, read the strategy document.

<< All Blogs

Chat Now

This is where you can start a live chat with a member of our team