Representatives from Express Scripts and IMS Health Join HITRUST Executive Council
<< All Press Releases

Date: October 8, 2009

Broad representation of industry and business organizations serve healthcare industry well in advancing the state of health information protection

Oct 8, 2009

Frisco, TX – October 8, 2009 – The Health Information Trust Alliance (HITRUST) announced today it has elected two new members to the HITRUST Executive Council. Kimberly Gray, Chief Privacy Officer, Americas Region, IMS Health, and Mark Kinnunen, Information Security Officer, Express Scripts have been appointed to the Executive Council for two-year terms. HITRUST is led by a seasoned management team and governed by the Executive Council, which is comprised of leaders from across the healthcare industry and other HITRUST supporting organizations.

As HITRUST moves its focus from development of the Common Security Framework (CSF) to widespread adoption, the ongoing involvement from organizations such as Express Scripts and IMS Health furthers its goal to aid healthcare organizations in securing health information and meeting legal, policy and compliance requirements. The CSF, now publically available at no charge, is an information security framework that harmonizes the requirements of existing standards and regulations, including federal (HIPAA, HITECH), third party (PCI, COBIT) and government (NIST, FTC). The broad representation and collaboration of organizations on the Executive Council strengthens HITRUST’s ability to offer the CSF as a key component in meeting federal and state regulations with regards to health information exchanges.

“Kimberly and Mark, as well as their respective organizations, have demonstrated tremendous commitment in advancing the healthcare industry and protecting health information while reducing the burden of an organization’s compliance efforts,” said Daniel Nutkis, Chief Executive Officer, HITRUST. “We are honored to have them join the Executive Council and work with us to collaborate and lead the industry forward in safeguarding health information in an efficient and cost-effective manner.”

As IMS Health’s Chief Privacy Officer for the Americas Region and its affiliates, Kimberly Gray is responsible for the development, oversight and promotion of IMS’s comprehensive privacy, data protection and data management program, which includes policy development, communications and strategic direction. “My involvement with HITRUST and the other organizations on the Executive Council exposes me, and in turn IMS, to leading-edge, strategic resources and guidance for managing the requirements of health information protection,” said Gray. “I believe that IMS’ commitment to data protection will serve HITRUST and its membership well as we work together to provide healthcare organizations with the tools necessary to comply with HIPAA and the HITECH Act, supporting health information exchanges, and addressing third-party risk.”

As the Information Security Officer for Express Scripts Inc., Mark Kinnunen has responsibility for the strategic direction of enterprise information security efforts including HIPAA security, security policy management and awareness, commercial and government risk assessments, compliance monitoring, and incident detection/response. “Personal health information is the foundation of our business and as such the safeguarding of this data is critical to the trust we strive to build with our customers,” said Kinnunen. “Our involvement with HITRUST allows us to share our own best practices and leverage those of HITRUST, the Executive Council member organizations, and other HITRUST members. The collaboration and knowledge sharing that is fostered through these associations is a win-win for the healthcare industry and the public.”

In addition to the new representatives from IMS Health and Express Scripts, the Executive Council includes leaders from BlueCross BlueShield of Tennessee, Cisco, CVS Caremark, Highmark, Hospital Corporation of America, Humana, Kaiser Permanente, McKesson, Philips Healthcare and UnitedHealth Group as well as HITRUST CEO Daniel Nutkis.

The Health Information Trust Alliance (HITRUST) was born out of the belief that information security should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. HITRUST, in collaboration with healthcare, business, technology and information security leaders, has established the Common Security Framework (CSF), a certifiable framework that can be used by any and all organizations that create, access, store or exchange personal health and financial information. Beyond the establishment of the CSF, HITRUST is also driving the adoption of and widespread confidence in the framework and sound risk management practices through awareness, education, advocacy and other outreach activities. For more information, visit


All product and company names herein may be trademarks of their respective owners.

Chat Now

This is where you can start a live chat with a member of our team