Risk Advisory Services Blog

HITRUST Security

HITRUST Certification Offers Healthcare Organizations Sizeable Benefits

In an increasingly technology-driven world, information security has become an essential business process in the healthcare industry. Healthcare providers rely more and more on emerging technologies to create, access, store and transmit sensitive data. This reliance on technology, together with publicized, large-scale healthcare data breaches, has made more healthcare organizations aware of increasing cybersecurity risks.

The Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), which builds upon HIPAA information security guidelines and requirements, has become the information protection framework for the healthcare industry. The HITRUST CSF is the product of a collaboration of healthcare, technology, and information security leaders charged with creating a certifiable framework that provides organizations with a comprehensive, flexible and efficient approach to regulatory compliance and risk management.

In the past, the standard for information security in the healthcare industry was the Health Insurance Portability and Accountability Act (HIPAA). Instituted in 1996, HIPAA has as its primary goals making it easier for people to keep their health insurance, protecting sensitive healthcare information, and reducing healthcare administrative costs. HIPAA standards require healthcare providers to ensure the confidentiality, integrity and availability of any data they create, access, store or transmit, and to provide reasonable protection of this sensitive data. Often, however, HIPAA guidelines are too vague and allow too much latitude in their interpretation. As a result, healthcare providers that adhere to HIPAA requirements are often unsure of what constitutes “reasonable and appropriate” protections. At times, providers may introduce security policies that are unnecessary or even inadequate.

HITRUST helps organizations by laying out a comprehensive and efficient framework for managing the security requirements described in HIPAA. HITRUST should be viewed as an important, industry-managed approach to meeting HIPAA security requirements.

Many healthcare providers, including Anthem, Health Care Services Corp., Highmark, Humana and UnitedHealth Group, are requiring business associates to demonstrate compliance with the HITRUST CSF. Providers are requiring their business associates to obtain HITRUST CSF certification as a means of demonstrating effective security and privacy practices aligned with the requirements of the healthcare industry.

Skoda Minotti is an approved HITRUST CSF assessor and can help covered entities and business associates with HITRUST readiness assessments, including CSF self-assessments, implementation and consulting, and validated reports with certification. To learn more about Skoda Minotti’s HITRUST services and readiness assessment, please contact Chris Shaffer today—call 440-449-6800 or email Chris.

© Copyright 2016 Skoda Minotti