Skip to content Skip to navigation

HITRUST Updates Security Framework, Adds Web-Based Tool

December 19, 2012
by Gabriel Perna
| Reprints

According to the Frisco,Texas-based Health Information Trust Alliance (HITRUST), its latest updates to the HITRUST Common Security Framework (CSF), will allow healthcare organization to more easily perform and manage CSF assessments, through a newly-created web-based tool and other upgrades. HITRUST, a collaboration of various healthcare, security, and risk management leaders, has created the CSF for healthcare organizations to “manage their information protection programs.”

The web-based tool, called MyCSF, integrates the CSF with other sources on data security protection and. It also has a customizable view, where healthcare organizations can see various views of the CSF based on multiple factors. HITRUST says this will allow organizations to capture unique risk information for its environment.  

“HITRUST offers comprehensiveness, scalability and simplicity within a single framework - built for healthcare - that is now supported by a full-featured and user-friendly tool that streamlines the CSF assessment and compliance process,” Daniel Nutkis, chief executive officer, HITRUST.

 According to HITRUST, the web-based tool also allows users to create dashboards and reports, based on the information they find, with a drag-and-drop application. The tool also can help organizations compare themselves to others at a “macro-level and a more granular level.”

In addition, the latest version of the CSF will have updates related to Stage 2 meaningful use requirements, and incorporate new standards and regulations, including “NIST SP 800-53 revision 4, Texas House Bill 300, the CORE security requirements, and a mapping to relevant COBIT 5 controls.” HISTRUST also says there have been updates to the CSF in regards to mobile, cloud, encryption, and third-party assurance.

Topics

News

Healthcare Data Breaches: A Year in Review

The latest year-in-review Breach Barometer report from Protenus paints a stark picture—2016 average at least one health data breach per day, affecting more than 27 million patient records.

Healthcare Industry Could Save $9.4B with Full Adoption of Electronic Transactions

The healthcare industry continues to make modest progress toward full adoption of electronic business transactions, but significant gaps remain, representing an opportunity for $9.4 billion in savings, according to new data from the 2016 CAQH Index.

ONC Announces Phase 2 Winners of Consumer, Provider App Challenges

ONC today announced the Phase 2 winners for the Consumer Health Data Aggregator Challenge and the Provider User Experience Challenge.

Health Affairs: ACOs with High Numbers of Minority Patients Struggle in Quality

Accountable care organizations (ACOs) that have a high proportion of minority patients were associated with low scores on about three-fourths of Medicare quality performance measures, according to new research published in Health Affairs.

Trump Taps David Shulkin, an Obama Appointee, for VA Secretary

President-elect Donald Trump announced yesterday that David Shulkin, M.D.—an Obama administration appointee and current VA undersecretary—will lead the Department of Veterans Affairs.

NIST Publishes Draft Update to Cybersecurity Framework

The National Institute of Standards and Technology (NIST) has published proposed updates to the Framework for Improving Critical Infrastructure Cybersecurity—also known as the Cybersecurity Framework.