Skip to content Skip to navigation

HITRUST Updates Security Framework, Adds Web-Based Tool

December 19, 2012
by Gabriel Perna
| Reprints

According to the Frisco,Texas-based Health Information Trust Alliance (HITRUST), its latest updates to the HITRUST Common Security Framework (CSF), will allow healthcare organization to more easily perform and manage CSF assessments, through a newly-created web-based tool and other upgrades. HITRUST, a collaboration of various healthcare, security, and risk management leaders, has created the CSF for healthcare organizations to “manage their information protection programs.”

The web-based tool, called MyCSF, integrates the CSF with other sources on data security protection and. It also has a customizable view, where healthcare organizations can see various views of the CSF based on multiple factors. HITRUST says this will allow organizations to capture unique risk information for its environment.  

“HITRUST offers comprehensiveness, scalability and simplicity within a single framework - built for healthcare - that is now supported by a full-featured and user-friendly tool that streamlines the CSF assessment and compliance process,” Daniel Nutkis, chief executive officer, HITRUST.

 According to HITRUST, the web-based tool also allows users to create dashboards and reports, based on the information they find, with a drag-and-drop application. The tool also can help organizations compare themselves to others at a “macro-level and a more granular level.”

In addition, the latest version of the CSF will have updates related to Stage 2 meaningful use requirements, and incorporate new standards and regulations, including “NIST SP 800-53 revision 4, Texas House Bill 300, the CORE security requirements, and a mapping to relevant COBIT 5 controls.” HISTRUST also says there have been updates to the CSF in regards to mobile, cloud, encryption, and third-party assurance.

Topics

News

Report: Cyber Attackers Using Simple Tactics, Tools to Target Healthcare, Other Industries

The number of reported breach incidents in healthcare grew by 22 percent in 2016 from 269 breach incidents in 2015 to 328 last year, according to Symantec’s 2017 Internet Security Threat Report (ISTR).

The Sequoia Project Touts Interoperability Growth in Fifth Year

The Sequoia Project is celebrating its fifth anniversary this month by announcing that its various interoperability initiatives have grown by health organization participants, by geographic reach, and by the sheer number of health records exchanged electronically.

Report: HHS to Open Healthcare Cybersecurity Center

HHS will be opening a Cybersecurity and Communications Integration Center in which healthcare organizations and consumers can get educated about the risks of using mobile apps and data.

Survey: Two-Thirds of Healthcare Employees Share Confidential Data On Occasion

Seventy-two percent of employee say they would share sensitive, confidential or regulated company information under certain circumstances and 68 percent of healthcare employees report that they share confidential or regulated data on occasion, according to the Dell End-User Security Survey.

KLAS Report Examines Adoption of Sepsis Solutions and Impact on Outcomes

Sepsis detection and treatment is taking a big step forward as providers increasingly utilize surveillance and monitoring technology available through electronic medical records (EMR) vendors and third-party providers, according to a new report by KLAS Research.

Partners HealthCare, Persistent Systems Collaborate on Digital Platform for Clinical Care

Boston-based Partners HealthCare has announced a strategic collaboration with Persistent Systems to develop a new industry-wide open-source platform with the goal of bringing digital transformation to clinical care.