News

Mediregs Integrates HITRUST Common Security Framework with ComplyTrack to Accelerate Health Care Information Privacy and Security

MediRegs

Sep 2, 2010

MediRegs, a leading provider of compliance and risk management, reimbursement and workflow solutions for the health care industry, announced today that it will incorporate the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) within its ComplyTrack Suite to offer clients a concise means of addressing privacy and security risks. MediRegs is part of Wolters Kluwer Law & Business (wolterskluwerlb.com).

Avoiding the High Cost of Breaches

Health Info Security

Aug 26, 2010

A total estimated price tag of nearly $1 billion for dealing with the aftermath of major breaches reported to federal authorities so far should motivate healthcare organizations to take aggressive steps to improve security, one analyst advises.

Deloitte Becomes a HITRUST Common Security Framework (CSF) Assessor; Active in CSF Assurance Program

Jul 29, 2010

NEW YORK, July 29 /PRNewswire/ -- As the dramatic rise in breaches, theft of patient health data and increasingly complex regulatory environment continues to put health care organizations and their business relationships under intense pressure and scrutiny regarding security and privacy, Deloitte, a global leader in risk consulting and security advisory services, today announced it has been designated as a Common Security Framework (CSF) Assessor status from the Health Information Trust Alliance (HITRUST).

Humana Endorses HITRUST Program to Promote Health Care Information Security and Achieve Cost Savings

Jul 27, 2010

LOUISVILLE, Ky.--(BUSINESS WIRE)--Humana Inc. (NYSE: HUM) announced today it will accept the results of assessments conducted under the HITRUST (Health Information Trust Alliance) Common Security Framework (CSF) Assurance program as a means to evaluate and verify its business partners" capabilities for protecting health information. The HITRUST CSF Assurance program provides Humana and its business partners with a common approach for managing security assessments that reduces the time, costs and complexities associated with today"s compliance efforts.

HITRUST CSF Now Most Widely Adopted Security Control Framework

CSF adoption and assessments grow as organizations become

Jul 22, 2010

Frisco, TX – July 22, 2010 – The Health Information Trust Alliance (HITRUST) announced today that more than 50 percent of hospitals and 70 percent of health plans with more than 500,000 members are utilizing the HITRUST Common Security Framework (CSF). In addition, the number of organizations undergoing HITRUST CSF assessments is increasing at the same time that a growing number of healthcare organizations have committed to accepting the assessment results as a means of evaluating their business associates' capabilities for protecting health information. The CSF Assurance program, through which the assessments are conducted, was created in response to the information security challenges and inefficiencies associated with evaluating compliance with various regulations and proprietary third party assessment approaches. The program has also become the most widely-used approach for measuring third party information security assurance in the healthcare industry.

E-health records: Embracing privacy

SC Magazine

Jun 1, 2010

The upside of consumer education is that people are more careful when it comes to their personal, financial and medical data. The downside is that consumers expect entities handling their sensitive data to do so without blemish.

WellPoint First in Industry to Accept HITRUST CSF Assessment Results as Assurance for Health Care Information Security

WellPoint, Inc. Press Release

May 28, 2010

INDIANAPOLIS, May 28, 2010 /PRNewswire via COMTEX/ --WellPoint, Inc. (NYSE: WLP), the nation's largest health insurer by medical membership, announced today it will accept the results of HITRUST Common Security Framework (CSF) assessments as a way to evaluate and verify its business partners' capabilities for protecting health information.

HITRUST and Cloud Security Alliance to Collaborate on Cloud Security Solutions

CSA launches Cloud Controls Matrix Tool, incorporating HITRUST Common Security Framework

Apr 27, 2010

London and Frisco, TX – April 27, 2010 – The Health Information Trust Alliance (HITRUST) and Cloud Security Alliance (CSA) today announced a joint collaboration focused on addressing cloud security initiatives related to improving the state of security and compliance in the healthcare industry. The two organizations will work together on cloud-based healthcare information security issues and with one another's respective communities to develop and promote security best practices.

WellPoint's Chief Information Security Officer Joins HITRUST Executive Council

Roy R. Mellinger to Help Drive HITRUST's Mission to Increase Trust Among the Healthcare Industry

Apr 8, 2010

Frisco, TX – April 8, 2010 – The Health Information Trust Alliance (HITRUST) announced today it has elected Roy R. Mellinger, CISSP-ISSAP, ISSMP, CIM, Vice President of Information Technology Security and Chief Information Security Officer for WellPoint, Inc., to the Executive Council. HITRUST is led by a seasoned management team and governed by the Executive Council, which is comprised of leaders from across the healthcare industry and other HITRUST supporting organizations. WellPoint is the nation's largest health benefits company by membership, with more than 33 million members in its affiliated health plans.

HITECH Act increases HIPAA security requirements

Information Security Magazine

Mar 3, 2010

The health care industry was buzzing with the news: For the first time ever, a hospital was being audited for compliance with HIPAA security requirements. The audit of Piedmont Hospital in Atlanta by the U.S. Department of Health and Human Services' inspector general in 2007 was surprising for hospitals, health insurers and others in an industry accustomed to a lack of enforcement of federal privacy and security requirements.

Highmark Deploys Agiliance GRC Solution To Reduce The Cost of Compliance

Agiliance Inc. Press Release

Feb 25, 2010

San Jose, Calif. February 24, 2010 – Agiliance Inc., the leading independent provider of integrated Governance, Risk and Compliance (GRC) solutions, today announced that Highmark, Inc., a leading health insurer, is deploying the Agiliance RiskVision™ platform to automate the compliance process, reduce audit costs and ensure Highmark meets strict healthcare industry mandates for HITRUST, HIPAA, and DIACAP.

Fortrex Technologies Achieves HITRUST Common Security Framework Assessor Status

Feb 22, 2010

FREDERICK, Md., Feb. 22 /PRNewswire/ -- Fortrex Technologies Inc., a trusted security and risk management advisor to its clients throughout the world, today announced it has achieved Common Security Framework (CSF) Assessor status from the Health Information Trust Alliance (HITRUST). As a CSF Assessor, Fortrex is now approved to perform readiness assessment, remediation and certification work associated with the CSF, the standard for protecting health information that harmonizes the requirements of existing standards and regulations, including federal (HIPAA, HITECH), third-party (PCI, COBIT) and government (NIST, FTC).

Hospital CISOs Offer Security Tips

Healthcare Info Security

Feb 15, 2010

Too many hospitals fail to involve a cross-section of staff in efforts to ensure the security of health information, one security director says. At many hospitals, "The risk management office and the security office don't talk well to each other and that's a big issue to address," says Bryan Cline, Ph.D., director of information security at Catholic Health East, a 34-hospital system based in Newtown Square, Pa.

HITRUST Announces InfoSec Award Winners for 2009

General Dynamics and Kaiser Permanente recognized for outstanding leadership and contributions

Feb 4, 2010

Frisco, TX – February 4, 2010 – The Health Information Trust Alliance (HITRUST) announced today the recipients of the HITRUST InfoSec Awards for 2009. The InfoSec Awards recognize organizations and individuals that have demonstrated outstanding contributions to the advancement of information security in the healthcare industry. The organization honored for its contributions is Kaiser Permanente and the individual recognized is Jason Taule, Director, Corporate Information Security for ViPS, a General Dynamics Information Technology company.

Healthcare Information Security: Getting Beyond Compliance

Healthcare Information Security Podcasts

Feb 3, 2010

For too many healthcare organizations, information security is about regulatory compliance - requirements and checklists. It's time for patients, privacy and true information security to be prioritized, says Cliff Baker, Chief Strategy Officer with the HITRUST Alliance.

HITRUST Common Security Framework Matures with Enhancements for 2010

Updates to industry's most widely-adopted framework reflect new regulations and user experiences

Feb 1, 2010

Frisco, TX – February 1, 2010 – The Health Information Trust Alliance (HITRUST) announced today enhancements to the HITRUST Common Security Framework (CSF), the healthcare industry framework for protecting health information.

Answering the HITECH Act wake-up cal

Health Management Technology E-Newsletter

Jan 26, 2010

If your estimated cost to establish compliance with the Health Insurance Portability and Accountability Act (HIPAA) across a company were $1 million but the penalties for a breach were capped at $50,000, what risk decision would you make? It’s a no-brainer. You could suffer 20 breaches before the cost of compliance would equal the penalties for non-compliance, so from a risk management perspective the risk of non-compliance is minimal.

The Future of Health Care Information Security

Advance for Health Information Executives

Jan 13, 2010

Why do information security at all? It's an interesting question.and one that's simple to answer. We "secure" or protect information that has value. Often-cited examples include national security information, battlefield intelligence and trade secrets. In the health care industry, patients and their families entrust us with their personal information along with their personal health and safety. A violation of this trust can have consequences ranging from personal embarrassment to medical identity theft.

HITRUST CSF offers path through healthcare security maze

SearchSecurityChannel

Dec 7, 2009

Security solution providers can leverage the Health Information Trust Alliance's (HITRUST) Common Security Framework (CSF) to simplify and standardize their healthcare customers' path to HIPAA compliance.

HITRUST Expands Certification Program to Target Inefficiencies, Complexities and Risk in Healthcare Compliance Reporting

Common and cost-efficient approach simplifies assessment and reporting process for healthcare industry

Nov 16, 2009

Frisco, TX – November 16, 2009 – The Health Information Trust Alliance (HITRUST) announced today a program that significantly alters how the healthcare industry assesses security and reports compliance for HIPAA, HITECH, state and other third-party requirements.

HITRUST Central

A Professional subscription provides access to the online, interactive CSF , the CSF Assurance Toolkit, and many other resources developed specifically for healthcare information security professionals.

News Events