Skip to content Skip to navigation

HITRUST Updates Security Framework, Adds Web-Based Tool

December 19, 2012
by Gabriel Perna
| Reprints

According to the Frisco,Texas-based Health Information Trust Alliance (HITRUST), its latest updates to the HITRUST Common Security Framework (CSF), will allow healthcare organization to more easily perform and manage CSF assessments, through a newly-created web-based tool and other upgrades. HITRUST, a collaboration of various healthcare, security, and risk management leaders, has created the CSF for healthcare organizations to “manage their information protection programs.”

The web-based tool, called MyCSF, integrates the CSF with other sources on data security protection and. It also has a customizable view, where healthcare organizations can see various views of the CSF based on multiple factors. HITRUST says this will allow organizations to capture unique risk information for its environment.  

“HITRUST offers comprehensiveness, scalability and simplicity within a single framework - built for healthcare - that is now supported by a full-featured and user-friendly tool that streamlines the CSF assessment and compliance process,” Daniel Nutkis, chief executive officer, HITRUST.

 According to HITRUST, the web-based tool also allows users to create dashboards and reports, based on the information they find, with a drag-and-drop application. The tool also can help organizations compare themselves to others at a “macro-level and a more granular level.”

In addition, the latest version of the CSF will have updates related to Stage 2 meaningful use requirements, and incorporate new standards and regulations, including “NIST SP 800-53 revision 4, Texas House Bill 300, the CORE security requirements, and a mapping to relevant COBIT 5 controls.” HISTRUST also says there have been updates to the CSF in regards to mobile, cloud, encryption, and third-party assurance.

Health IT Summit Series - Focus: CYBER-SECURITY

Get the latest information on Cyber-Security, and attend other valuable sessions at this two-day, intimate event bringing together C-level, physician, practice management and IT decision makers for strategy discussions, knowledge exchange, and one-on-one meetings.

Beverly Hills, November 3-4   |   Atlanta, December 2-3   |   Houston, December 8-9


Lahey Hospital and Medical Center Fined $850K for Potential HIPAA Security Violations

November 25, 2015
Burlington, Mass.-based Lahey Hospital and Medical Center this week agreed to pay $850,000 to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules stemming from a 2011 security breach.

Genomic Medicine Clinic in Alabama Opens its Doors

November 25, 2015
Last week, a genomic medicine clinic opened in Huntsville, Ala. with the aim of utilizing the power of the genomic sequence to identify the causes of illness in children and adults with undiagnosed disease.

DoD, VA Say Interoperability Requirements Have Been Met

November 24, 2015
The Department of Defense (DoD) says that it has met the interoperability requirements for electronic health records (EHRs) as called for in the National Defense Authorization Act (NDAA) of 2014.

Senate Committee Advances Rural Health Care Connectivity Act

November 24, 2015
The U.S. Senate Committee on Commerce, Science and Transportation last week passed a bipartisan bill that would enable rural nursing facilities to tap into funding from the government’s Universal Service Fund for telecommunications and broadband services.

Black Book Research: IT Outsourcing Poised for Growth in Healthcare Payer Sector

November 23, 2015
A new Black Book Research report estimates the demands of data security, population health and value-based benefits solutions—and revenue cycle modernization—will drive the payer IT outsourcing market in excess of $60 billion by the end of 2017.

EHRA, HIMSS Comment on CMS Value-Based Payment Models

November 23, 2015
The Electronic Health Record Association (EHRA) and the Health Information and Management Systems Society (HIMSS) last week weighed in on the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA) and voiced concerns about new data reporting requirements and new certification criteria for alternative payment models.

CMS Online Drug Mapping Tool Details Opioid Prescribing Patterns

November 20, 2015
The Centers for Medicare & Medicaid Services (CMS) recently unveiled an interactive online mapping tool which shows geographic comparisons at the state, county and ZIP code levels of de-identified Medicare Part D opioid prescription claims data.

Physician Optimization Project Proves Successful at Emory Healthcare

November 20, 2015
Physicians at the Atlanta, Ga.-based Emory Healthcare removed up to one-third of clicks from their ambulatory workflow and, on average, are spending 36 percent less time finishing charts from home as a result of its physician optimization project.

USDA Awards $23.4M in Grants for Rural Telemedicine Projects

November 20, 2015
In conjunction with National Rural Health Day yesterday, Agriculture Secretary Tom Vilsack announced that the United States Department of Agriculture (USDA) is investing $23.4 million in distance learning and telemedicine projects in rural areas.

Geisinger Health System Launches Patient Refund App

November 20, 2015
Geisinger Health System unveiled last week its ProvenExperience pilot program, which will offer refunds to dissatisfied patients.

Health IT Now Coalition Supports Veterans Telemedicine Bill

November 20, 2015
The Health IT Now Coalition, an organization comprised of healthcare providers, payers, patient groups and employers, wrote an endorsement letter of the Veterans E-Health and Telemedicine Support Act to the bill's cosponsors Senators Joni Ernst and Mazie Hirono.

KLAS: Providers Turn to Outside Firms for Value-Based Care Transitions

November 20, 2015
While some providers may have the ability to make the transition to value-based care (VBC) on their own, the vast majority of them are turning to firms who provide VBC consulting services and VBC managed services, according to a new survey from Orem, Utah-based KLAS Research.

Can Digital Health Tools Help People with Mental Illness Manage Chronic Conditions?

November 19, 2015
Dartmouth Centers for Health and Aging has partnered with Boston-based digital health startup Wellframe to examine the use of mobile technology to help older adults with serious mental illness, such as schizophrenia, self-manage chronic medical conditions.

NIH Announces Funding Opportunities for Precision Medicine Initiative

November 19, 2015
This week the National Institutes of Health (NIH) announced the first set of funding opportunities for the precision medicine initiative, a project unveiled by President Obama back in February that will enroll 1 million volunteers in the next three to four years.

Apixio Launches Cognitive Computing Platform That Extracts and Analyzes Patient Data

November 19, 2015
Apixio Inc., a San Mateo, Calif.-based data science company, announced the launch of its Iris cognitive computing platform designed to bring advanced data insights into healthcare by extracting and analyzing patient data from electronic medical records (EMRs).