News

HITRUST CSF Continues to Improve with 2012 Release

HITRUST Expands Programs and Offerings as Adoption Grows

Jan 12, 2012

Frisco, TX – January 12, 2012 – The Health Information Trust Alliance (HITRUST) has released the HITRUST Common Security Framework (CSF) version 4.0 and updates to the CSF Assurance Program. The 2012 CSF includes changes and new guidance pertaining to the National Institute of Standards and Technology's (NIST) 800-53 revision 3 (SP 800-53 r3) and reflects industry recommendations, loss data trend analysis, and input from HITRUST Health Information Exchange and Mobile Device Working Groups.

Coalfire Recognized as a HITRUST CSF Assessor for Healthcare Organizations

Oct 12, 2011

LOUISVILLE, Colo., Oct. 12, 2011 /PRNewswire/ -- Colorado-based Coalfire, an independent IT Governance, Risk and Compliance firm, today announced it has been designated by the Health Information Trust Alliance (HITRUST) as a Common Security Framework (CSF) Assessor. With this achievement, Coalfire is now approved to deliver security risk assessments using the CSF, a comprehensive framework that consolidates and normalizes the existing security requirements for healthcare organizations.

BluePrint Healthcare IT Recognized as a HITRUST CSF Assessor

Sep 20, 2011

CRANBURY, NJ, September 20, 2011 - BluePrint Healthcare IT announced today that it has been designated by the Health Information Trust Alliance (HITRUST) as a Common Security Framework (CSF) Assessor. This achievement will allow BluePrint to provide covered entities, health information exchanges and business associates with greater visibility into the security and privacy risks which can lead to breaches of protected health information (PHI). The HITRUST CSF is the most widely adopted security framework in the healthcare industry.

HITRUST to Include Privacy Requirements in Integrated Security and Privacy Framework and Further Align with Government Standards

HITRUST Plans Enhancements to Assessment Methodology and Revises Scope of CSF to Include Additional Authoritative Sources for Year-End Release

Aug 11, 2011

Frisco, TX – August 11, 2011 – The Health Information Trust Alliance (HITRUST) announced today it will include privacy requirements in an integrated security and privacy framework available in December 2012. This transformative enhancement to the existing framework will ensure better alignment between healthcare organizations" security and privacy programs and ensure organizations have an integrated approach for protecting health information. HITRUST also announced updates to the 2012 Common Security Framework (CSF) (version 4.0) due for release at the end of 2011, with enhancements to its assessment methodology that will provide more prescriptive guidance and ensure greater consistency and efficiency of assessments.

Ernst & Young LLP Bolsters Health Providers and Payer Information Security Services Through Gaining HITRUST CSF Assessor Status

Jun 8, 2011

NEW YORK, June 8, 2011 /PRNewswire/ -- Ernst & Young LLP announced today that it has been designated by the Health Information Trust Alliance (HITRUST) as a Common Security Framework (CSF) Assessor, a move that will enhance the firm"s ability to provide clients with increased visibility into the presence and effectiveness of information security and privacy controls that protect company data. The HITRUST CSF is the most widely adopted and recognized standard for information security in the health care industry.

HITRUST Addresses Risk Assessment Issues for Small Healthcare Organizations

New service reduces complexities and incomplete reporting experienced with meaningful use risk assessments

May 25, 2011

Frisco, TX – May 25, 2011 – The Health Information Trust Alliance (HITRUST) announced today a new component of the CSF Assurance program targeted at healthcare organizations with annual revenue less than $25 million. The new security assessment approach addresses the wide-scale inaccuracies found in assessments conducted by smaller organizations and extends the reach and value of the CSF Assurance program, the most widely used approach for documenting risk assessment information in the healthcare industry. The HITRUST CSF Assessment for Small Organizations is a practical and effective solution for organizations wanting to perform accurate assessments of their information security environment and address the requirements of meaningful use.

Amedisys Joins HITRUST Executive Council

Apr 29, 2011

BATON ROUGE, La.--(BUSINESS WIRE)--Amedisys, one of the nation"s leading home health care and hospice companies, announced today that it has been elected to the Health Information Trust Alliance (HITRUST) Executive Council. Information Security Officer Sanjeev Sah will serve a two-year term on the council as the Amedisys representative.

HITRUST Outlines Plans to Support Healthcare Industry in 2011 and Beyond

HITRUST continues to see broad adoption of CSF and CSF Assurance program

Apr 19, 2011

Frisco, TX – April 19, 2011 – Entering its fourth year of operation, the Health Information Trust Alliance (HITRUST) announced its plans to support the healthcare industry in 2011 and beyond with initiatives aimed at maintaining the comprehensiveness and relevance of the Common Security Framework (CSF) and CSF Assurance program. HITRUST has identified a number of key areas, including cloud computing, data protection, health information exchanges (HIEs), mobile devices and authentication management, that it will focus on in 2011, in addition to making necessary updates relating to relevant federal and state regulations and security standards. These updates and enhancements will influence not only the CSF and other HITRUST programs, but also the guidance offered to the industry, government agencies, software developers and hardware manufacturers. HITRUST will also work to ensure the CSF is being adopted by the entire industry with an emphasis on outpatient, long-term, ambulatory and home health provider organizations.

General Dynamics Receives HITRUST Healthcare Certification

Apr 18, 2011

FAIRFAX, Va. – General Dynamics Information Technology today announced its achievement as the first Healthcare Application Service Provider hosting environment to receive Common Security Framework (CSF) Certified status from the Health Information Trust Alliance (HITRUST). The achievement follows a three-week audit of the processes and procedures of General Dynamics" Health Information Technology Solutions sector. HITRUST established the CSF to be used by organizations that create, access, store or exchange personal health and financial information. The CSF is an information security framework that integrates the requirements of existing government and third party standards and regulations. This certified framework provides organizations with the needed structure, detail and clarity relating to information security tailored to the healthcare industry.

BlueCross Adopts HITRUST Common Security Framework

Effort Strengthens Company

Feb 10, 2011

CHATTANOOGA, Tenn. — BlueCross BlueShield of Tennessee announced today that it has adopted the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), the most comprehensive and widely adopted security framework in the U.S. health care industry, and that it is accepting assessments conducted by its business partners through the HITRUST CSF Assurance program.

News Archive

Visit the News Archive to view all news postings.

HITRUST Central

A Professional subscription provides access to the online, interactive CSF , the CSF Assurance Kit, and many other resources developed specifically for healthcare information security professionals.

News Events