Healthcare Industry Leaders Collaborate to Streamline Third Party Assessment Process

Third Parties Continue to Pose Significant Risks and Challenges Associated with Safeguarding Health Information

May 8, 2013

Frisco, TX – May 8, 2013 – The Health Information Trust Alliance (HITRUST) is announcing today that leading healthcare organizations will be requiring their business associates to participate in the HITRUST Common Security Framework (CSF) Assurance Program and submit CSF assessment reports as part of their information protection programs.

Kratos Named HITRUST Common Security Framework Assessor

Will Assist Healthcare Organizations to Mitigate Cybersecurity Risk and Comply with HIPAA Omnibus Regulations

Apr 17, 2013

SAN DIEGO, April 17, 2013 -- Kratos Defense & Security Solutions, Inc. (Nasdaq:KTOS), a leading National Security Solutions provider, announced today that its Kratos SecureInfo cybersecurity business group has been designated by the Health Information Trust Alliance (HITRUST) as a Common Security Framework (CSF) Assessor. The HITRUST CSF is the healthcare industry’s most widely adopted framework that reconciles and harmonizes the requirements of existing standards and regulations, including healthcare (HIPAA, HITECH), third party (PCI, COBIT) and government (NIST, FTC).

HITRUST Releases New Guidance for Healthcare Organizations to Assess Cybersecurity Preparedness

Rise in Cyber Threats Targeted at the Healthcare Industry Leads to Increased Industry Awareness

Apr 10, 2013

Frisco, TX – April 10, 2013 – In response to heightened awareness and concerns about cyber threats, attacks and incidents, the Health Information Trust Alliance (HITRUST) announced today new guidance for healthcare organizations wanting to assess the state of their cybersecurity preparedness. The guidance identifies an appropriate subset of controls within the HITRUST Common Security Framework (CSF) that are most directly related to detecting and thwarting cyber-related breaches and allows organizations to assess against the cyber-specific controls and receive a snapshot of their cyber capabilities and readiness.

ComplySmart, LLC designated as a Common Security Framework (CSF) Assessor

Mar 26, 2013

Scottsdale, Arizona – March 25th, 2013 Today, ComplySmart, LLC announced that the Health Information Trust Alliance (HITRUST), a leading authority on healthcare information security, has designated the firm as a Common Security Framework (CSF) Assessor.

Healthcare Industry Establishes New Working Group to Support White House Cybersecurity Executive Order

Industry and Government Already Benefiting from Cybersecurity Collaboration

Feb 20, 2013

Frisco, TX – February 20, 2013 –The Health Information Trust Alliance (HITRUST) announced today the establishment of a new working group to support the White House Cybersecurity Executive Order. Issued on February 12 by President Obama following his State of the Union address, the policy warns that “the cyber threat to critical infrastructure continues to grow and represents one of the most serious national security challenges we must confront.”

How to Prevent Healthcare Data Breaches (and What to Do If You're a Victim)

Jan 7, 2013

Personal health information is worth 50 times more to thieves than credit card or Social Security numbers, so it's no surprise that healthcare organizations are prone to data breaches. Preventing them is difficult, and so is mitigating the damage they can cause. Here experts discuss how organizations can avoid breaches and a nonprofit that suffered a breach in 2011 explains how it responded.

Booz Allen Obtains HITRUST CSF Assessor Designation

DESIGNATION BUILDS ON FIRM'S CYBERM3 MODEL

Jan 7, 2013

McLean, Virginia -- Today, Booz Allen Hamilton (NYSE: BAH) announced that the Health Information Trust Alliance (HITRUST), a leading authority on healthcare information security, has designated the firm as a Common Security Framework (CSF) Assessor.

Press Release: HCMS Group Achieves HITRUST CSF Certification and Maintains High Security Standards

Jan 3, 2013

Cheyenne, Wyoming – January 3, 2013 – Human Capital Management Services (HCMS) Group has announced its achievement of Common Security Framework (CSF) Certified status from the Health Information Trust (HITRUST) Alliance. The HITRUST CSF Certified status allows HCMS to uphold its high security standards in maintaining electronic protected health information (ePHI).

HITRUST Announces Updates to 2013 CSF and CSF Assurance Program, and Introduces Major Enhancements to CSF Assessment Tool

Customizable Tool Provides Simpler and More Consistent Approach for Managing CSF Assessments, Tracking Compliance, and Benchmarking

Dec 19, 2012

Frisco, TX – December 19, 2012 –The Health Information Trust Alliance (HITRUST) is announcing continuing updates to the HITRUST Common Security Framework (CSF), the most widely-adopted security framework in the U.S. healthcare industry, to ensure the framework remains relevant and practical for those organizations that rely upon it to manage their information protection programs.

HITRUST and (ISC)²® Partner to Develop Professional Standards for Credentialing in Healthcare Information Security

With Healthcare Breaches on the Rise, New Alliance Will Help Fill Market Demand for Qualified Healthcare Security Pros

Dec 12, 2012

Palm Harbor, Fla., U.S.A., December 12, 2012 – (ISC)²® (“ISC-squared”), the world's largest information security professional body and administrators of the CISSP®, and the Health Information Trust Alliance (HITRUST), a non-profit organization responsible for the development, management, education and awareness relating to health information security and the leading organization aiding the healthcare industry in advancing the state of information protection, announced today they have entered into an agreement to meet the growing demand for qualified security professionals who can protect sensitive healthcare information. This relationship was also established to allow both organizations to connect with key stakeholders in the healthcare market that can contribute to building new IT security certification and education programs for healthcare professionals.

HITRUST's Analysis of U.S. Breach Data Finds Little Progress and Concern for Un-reported Breaches

Significant Areas for Concern Continue to Include Smaller Physician Practices and Industry-wide Struggle with Thefts of Laptops, Desktops and Mobile Media, while Hacking and Malware Remain Suspiciously Low

Dec 5, 2012

FRISCO, Texas--(BUSINESS WIRE)--According to the Health Information Trust Alliance's (HITRUST) analysis of U.S. healthcare data breaches from 2009 to the present, the healthcare industry has made little progress in reducing the number of breaches with troubling statistics seen from the same types of organizations, breaches and locations. The retrospective analysis of breaches affecting 500 or more individuals indicates a slight decline in the total number of breaches during the past three years, but overall the industry's susceptibility to certain types of breaches has been largely unchanged since breach data became available from the U.S. Department of Health and Human Services (HHS) and the new HIPAA and HITECH Act regulations went into effect.

Get Real Health Achieves Gold Standard in Electronic Health Record Privacy & Security

Company’s InstantPHR SaaS offering achieves HITRUST Common Security Framework (CSF) Certified status

Nov 29, 2012

Rockville, Maryland – November 16, 2012 — Patients and providers can rest assured that their data and communications are safe and secure when using Get Real Health's InstantPHR platform. The company's InstantPHR SaaS offering has achieved HITRUST Common Security Framework (CSF) Certified status through the HITRUST CSF Assurance Program — the most widely-used security assessment approach in the U.S. healthcare industry.

Health IT group praises senator's cybersecurity effort

Nov 1, 2012

The Health Information Trust Alliance offered its support for an effort by Sen. Jay Rockefeller (D-W.Va.) to raise awareness of what both call a growing cybersecurity threat. In a three-page letter to Rockefeller, HITrust CEO Daniel Nutkis said the organization "applauds lawmakers' and regulators' attention to this issue and is supportive of anything that protects national critical infrastructure and avoids disruptions or losses that can be caused by cyberattacks."

Health Care Group Puts Focus on Current Cybersecurity Efforts

Oct 30, 2012

The health care industry is joining other businesses in urging Congress and federal officials to consider existing cybersecurity efforts before enacting new measures to better protect American computer networks. Congress is expected to revisit cybersecurity legislation before the end of the year and the White House is considering an executive order on the issue.

HITRUST Letter to Congressional Leader on Cybersecurity

Oct 29, 2012

HITRUST takes seriously its commitment to supporting the healthcare industry in all aspects relating to the advancement of information protection. The recent proliferation of media coverage on escalating cybersecurity threats, and the White House and Congress' indication of a coming executive order has led HITRUST to become more proactive in educating members of Congress on its healthcare-specific experience and knowledge on cyber attacks.

FireHost Dominates in Compliance Again; Cloud Hosting Company Achieves HITRUST CSF Certification

Company again proves commitment to securing electronic personal healthcare information

Oct 17, 2012

Dallas, Texas - October 17, 2012 – FireHost, the leading secure cloud hosting company, today announced that it has successfully achieved Common Security Framework (CSF) Certified status from the Health Information Trust Alliance (HITRUST). In doing so, FireHost has attained certification from what is considered to be the most widely used program for assessing the security posture of business associates and managing third-party compliance. FireHost proactively secured the certification based on its unerring commitment to securing electronic personal health information (ePHI) from malicious cyber-attacks that become more sophisticated every year. FireHost offers HIPAA-ready cloud hosting options for healthcare customers that need to meet the stringent compliance standards required of the industry.

WellTok Achieves HITRUST CSF Certification

Aug 23, 2012

Denver, Colo. – August 23, 2012 – Welltok, Inc., today announced that it has achieved Common Security Framework (CSF) Certified status from the Health Information Trust Alliance (HITRUST). The CSF is the most widely adopted information security framework in the U.S. healthcare industry and the foundation of the HITRUST CSF Assurance Program, the most commonly utilized program for assessing the security posture of business associates and managing third-party compliance.

Health Care IT News HITRUST Launches Cyber Defense Platform for Health Care

The Health Information Trust Alliance has launched a service that enables an exchange of intelligence on cyber threats facing the health care industry.

Jul 26, 2012

The Health Information Trust Alliance (HITRUST), a group of health care business technology and information security leaders, has launched the Cyber Threat Analysis Service (C-TAS) to provide intelligence on computer network threats facing the health care industry.

HITRUST Expands Cybersecurity Center with Launch of First Cyber Threat Analysis Service for the Healthcare Industry

“Community Defense” Model a Major Step Toward Proactively Protecting Electronic Health Data and the Nation's Critical Infrastructure Against Cyber Attacks

Jul 24, 2012

Frisco, TX – July 24, 2012 – The Health Information Trust Alliance (HITRUST) today launched the HITRUST Cyber Threat Analysis Service (C-TAS), a unique collaborative platform for cyber defense specific to the healthcare industry and a new component of the recently announced HITRUST Cybersecurity Incident Response and Coordination Center. HITRUST C-TAS participants represent the full spectrum of the healthcare ecosystem such as health systems, health plans, pharmacy benefit managers (PBMs), pharmacies and pharmaceutical manufacturers, as well as government organizations such as the Department of Health and Human Services (DHHS) and the Department of Veterans Affairs (VA). By combining world-class intelligence analysis capability with broad industry collaboration, a “community defense" model can be achieved.

HITRUST Working Group to Propose Standards for De-Identification of Protected Health Information

Healthcare industry struggles to effectively de-identify data needed to support research and quality of care

Jul 11, 2012

Frisco, TX – July 11, 2012 – The Health Information Trust Alliance (HITRUST) has formed the HITRUST De-Identification Working Group to propose standards for health data de-identification and the appropriate use and handling of de-identified data as defined by the HIPAA Privacy Rule. The working group will also suggest qualifications for the professionals who can certify de-identification methods and de-identified data sets.

Kaiser Permanente Chief Technology Risk Officer Elected to HITRUST Executive Council

Kaiser Permanente’s Jim Doggett is First Risk Officer Elected to HITRUST Executive Council

Jul 9, 2012

FRISCO, Texas - July 9, 2012 - The Health Information Trust Alliance (HITRUST) is pleased to announce that Jim Doggett, chief technology risk officer for Kaiser Permanente, has been elected to the HITRUST Executive Council. HITRUST is led by a management team and governed by the Executive Council, made up of senior leaders from a variety of healthcare organizations.

Marlabs Achieves HITRUST Common Security Framework (CSF) Assessor Status

Jun 28, 2012

PISCATAWAY, N.J., June 28, 2012 /PRNewswire/ -- Marlabs Inc., a leading provider of innovative Information Technology services, announced today that it has been designated by the Health Information Trust Alliance (HITRUST) as a Common Security Framework (CSF) Assessor. Marlabs is one of only a select few companies nationwide to achieve CSF Assessor status, which allows it to perform assessment and other services related to the CSF, the most widely adopted security framework in the healthcare industry.

Cybersecurity information sharing initiatives on the rise

Jun 6, 2012

When credit card processor Heartland Payment Systems suddenly saw an uptick in fraud coming from outside the United States last year, the company didn't just quietly handle it internally.

Epstein Becker Green Recognized as a HITRUST CSF Assessor to Provide Clients with Security and Privacy Risk Assessment for Protected Health Care Information

May 8, 2012

NEW YORK (May 8, 2012) –Epstein Becker Green has been designated by the Health Information Trust Alliance (HITRUST) as a Common Security Framework (CSF) Assessor. This will allow the firm to provide health care organizations with privacy and security risk assessments to protect the entities from breaches of protected health information (PHI). The health care industry has accepted the HITRUST CSF as the most widely adopted security framework. Epstein Becker Green is the first law firm to become a CSF Assessor and the designation exemplifies the firm's distinct capability to identify and address risk for health care industry clients.

Healthcare Industry Now Sharing Attack Intelligence

New HITRUST Cybersecurity Incident Response and Coordination Center lets healthcare organizations, U.S. Department of Health and Human Services swap information, forensics from firsthand attack experiences, other threats

Apr 25, 2012

Large healthcare organizations and the U.S. Department of Health and Human Services (HHS) have banded together to share attack and threat intelligence in a new incident response and coordination effort established specifically for their industry.

Healthcare industry group builds cybersecurity threat center

Health Information Trust Alliance wants Cybersecurity Incident Response and Coordination Center to battle cybersecurity problems

Apr 25, 2012

Looking to address growing cybersecurity threats in the healthcare industry the Health Information Trust Alliance today said it has established a centralized Cybersecurity Incident Response and Coordination Center where organizations can report incidents and get help remediating electronic medical security problems.

HITRUST Leads Anti-Hacking Effort

Collaborative Effort Will Share Threat Updates, Best Practices

Apr 25, 2012

The Health Information Trust Alliance is spearheading an effort to create a clearinghouse of information about hacker attacks against healthcare organizations as well as best practices for addressing these threats.

HITRUST Establishes Cybersecurity Incident Response and Coordination Center for the Healthcare Industry

Industry Lacks Awareness, Coordination, Best Practices, and Education to Address Increasing Cybersecurity Threats

Apr 24, 2012

Frisco, TX – April 24, 2012 – In light of growing threats posed by cyber attacks targeted at healthcare organizations, the Health Information Trust Alliance (HITRUST) has established the HITRUST Cybersecurity Incident Response and Coordination Center to provide crucial support for the healthcare industry. This support includes facilitating the early identification of cybersecurity attacks, coordination of response activities, and creation of best practices. In addition, the center will make available cyber threat information to the broader industry.

HITRUST CSF Assurance Program Continues to be the Most Widely Used Security Assessment Approach in the Healthcare Industry

Acceptance and Utilization Driven by Security Risks Posed by Business Associates

Feb 7, 2012

Frisco, TX – February 7, 2012 – The Health Information Trust Alliance (HITRUST) announced today that the HITRUST CSF Assurance Program, based on the HITRUST Common Security Framework (CSF), continues to be the most widely utilized program for assessing the security posture of business associates and managing third-party compliance. The CSF Assurance Program provides multiple benefits to both healthcare organizations and their business associates by offering a common and efficient approach to managing security assessments associated with multiple and varied assurance requirements.

HITRUST CSF Continues to Improve with 2012 Release

HITRUST Expands Programs and Offerings as Adoption Grows

Jan 12, 2012

Frisco, TX – January 12, 2012 – The Health Information Trust Alliance (HITRUST) has released the HITRUST Common Security Framework (CSF) version 4.0 and updates to the CSF Assurance Program. The 2012 CSF includes changes and new guidance pertaining to the National Institute of Standards and Technology's (NIST) 800-53 revision 3 (SP 800-53 r3) and reflects industry recommendations, loss data trend analysis, and input from HITRUST Health Information Exchange and Mobile Device Working Groups.

Coalfire Recognized as a HITRUST CSF Assessor for Healthcare Organizations

Oct 12, 2011

LOUISVILLE, Colo., Oct. 12, 2011 /PRNewswire/ -- Colorado-based Coalfire, an independent IT Governance, Risk and Compliance firm, today announced it has been designated by the Health Information Trust Alliance (HITRUST) as a Common Security Framework (CSF) Assessor. With this achievement, Coalfire is now approved to deliver security risk assessments using the CSF, a comprehensive framework that consolidates and normalizes the existing security requirements for healthcare organizations.

BluePrint Healthcare IT Recognized as a HITRUST CSF Assessor

Sep 20, 2011

CRANBURY, NJ, September 20, 2011 - BluePrint Healthcare IT announced today that it has been designated by the Health Information Trust Alliance (HITRUST) as a Common Security Framework (CSF) Assessor. This achievement will allow BluePrint to provide covered entities, health information exchanges and business associates with greater visibility into the security and privacy risks which can lead to breaches of protected health information (PHI). The HITRUST CSF is the most widely adopted security framework in the healthcare industry.

HITRUST to Include Privacy Requirements in Integrated Security and Privacy Framework and Further Align with Government Standards

HITRUST Plans Enhancements to Assessment Methodology and Revises Scope of CSF to Include Additional Authoritative Sources for Year-End Release

Aug 11, 2011

Frisco, TX – August 11, 2011 – The Health Information Trust Alliance (HITRUST) announced today it will include privacy requirements in an integrated security and privacy framework available in December 2012. This transformative enhancement to the existing framework will ensure better alignment between healthcare organizations" security and privacy programs and ensure organizations have an integrated approach for protecting health information. HITRUST also announced updates to the 2012 Common Security Framework (CSF) (version 4.0) due for release at the end of 2011, with enhancements to its assessment methodology that will provide more prescriptive guidance and ensure greater consistency and efficiency of assessments.

Ernst & Young LLP Bolsters Health Providers and Payer Information Security Services Through Gaining HITRUST CSF Assessor Status

Jun 8, 2011

NEW YORK, June 8, 2011 /PRNewswire/ -- Ernst & Young LLP announced today that it has been designated by the Health Information Trust Alliance (HITRUST) as a Common Security Framework (CSF) Assessor, a move that will enhance the firm"s ability to provide clients with increased visibility into the presence and effectiveness of information security and privacy controls that protect company data. The HITRUST CSF is the most widely adopted and recognized standard for information security in the health care industry.

HITRUST Addresses Risk Assessment Issues for Small Healthcare Organizations

New service reduces complexities and incomplete reporting experienced with meaningful use risk assessments

May 25, 2011

Frisco, TX – May 25, 2011 – The Health Information Trust Alliance (HITRUST) announced today a new component of the CSF Assurance program targeted at healthcare organizations with annual revenue less than $25 million. The new security assessment approach addresses the wide-scale inaccuracies found in assessments conducted by smaller organizations and extends the reach and value of the CSF Assurance program, the most widely used approach for documenting risk assessment information in the healthcare industry. The HITRUST CSF Assessment for Small Organizations is a practical and effective solution for organizations wanting to perform accurate assessments of their information security environment and address the requirements of meaningful use.

Amedisys Joins HITRUST Executive Council

Apr 29, 2011

BATON ROUGE, La.--(BUSINESS WIRE)--Amedisys, one of the nation"s leading home health care and hospice companies, announced today that it has been elected to the Health Information Trust Alliance (HITRUST) Executive Council. Information Security Officer Sanjeev Sah will serve a two-year term on the council as the Amedisys representative.

HITRUST Outlines Plans to Support Healthcare Industry in 2011 and Beyond

HITRUST continues to see broad adoption of CSF and CSF Assurance program

Apr 19, 2011

Frisco, TX – April 19, 2011 – Entering its fourth year of operation, the Health Information Trust Alliance (HITRUST) announced its plans to support the healthcare industry in 2011 and beyond with initiatives aimed at maintaining the comprehensiveness and relevance of the Common Security Framework (CSF) and CSF Assurance program. HITRUST has identified a number of key areas, including cloud computing, data protection, health information exchanges (HIEs), mobile devices and authentication management, that it will focus on in 2011, in addition to making necessary updates relating to relevant federal and state regulations and security standards. These updates and enhancements will influence not only the CSF and other HITRUST programs, but also the guidance offered to the industry, government agencies, software developers and hardware manufacturers. HITRUST will also work to ensure the CSF is being adopted by the entire industry with an emphasis on outpatient, long-term, ambulatory and home health provider organizations.

General Dynamics Receives HITRUST Healthcare Certification

Apr 18, 2011

FAIRFAX, Va. – General Dynamics Information Technology today announced its achievement as the first Healthcare Application Service Provider hosting environment to receive Common Security Framework (CSF) Certified status from the Health Information Trust Alliance (HITRUST). The achievement follows a three-week audit of the processes and procedures of General Dynamics" Health Information Technology Solutions sector. HITRUST established the CSF to be used by organizations that create, access, store or exchange personal health and financial information. The CSF is an information security framework that integrates the requirements of existing government and third party standards and regulations. This certified framework provides organizations with the needed structure, detail and clarity relating to information security tailored to the healthcare industry.

BlueCross Adopts HITRUST Common Security Framework

Effort Strengthens Company

Feb 10, 2011

CHATTANOOGA, Tenn. — BlueCross BlueShield of Tennessee announced today that it has adopted the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), the most comprehensive and widely adopted security framework in the U.S. health care industry, and that it is accepting assessments conducted by its business partners through the HITRUST CSF Assurance program.

HITRUST Announces InfoSec Award Winners for 2010

Individuals from Catholic Health East and Health Care Service Corp. recognized for outstanding leadership and contributions to healthcare information protection

Feb 2, 2011

Frisco, TX – February 2, 2011 – The Health Information Trust Alliance (HITRUST) announced today the recipients of the HITRUST InfoSec Awards for 2010. The InfoSec Awards recognize organizations and individuals that have demonstrated outstanding contributions to the advancement of information security in the healthcare industry. The individuals honored for their contributions are Dr. Bryan Cline, Chief Information Security Officer and Director of Information Security for Catholic Health East, and Raymond Biondo, Chief information Security Officer for Health Care Service Corp.

Sword & Shield Recognized as a HITRUST CSF Assessor

Jan 31, 2011

By Lara Bergman

KNOXVILLE, TN – Sword & Shield Enterprise Security, Inc., a Knoxville TN-based IT security company, today announced it has been designated by the Health Information Trust Alliance (HITRUST) as a Common Security Framework (CSF) Assessor – one of only a select few companies nationwide to achieve this recognition.

PwC Designated a HITRUST Common Security Framework Assessor

New Survey Finds Nearly Half of Healthcare Organizations Experienced Information Security Breach Last Year

Jan 11, 2011

NEW YORK, Jan. 11, 2011 /PRNewswire/ -- PwC US announced today that the Health Information Trust Alliance (HITRUST) has designated the firm a Common Security Framework (CSF) Assessor, qualified to evaluate and certify security standards of CSF-related services. The designation affirms PwC"s deep experience in privacy, security and identity theft prevention, and helps to meet growing demand from health organizations for assurance that information is safe amid heightened concern over security breaches.

HITRUST Framework Update Described

Provides Guide to Security Compliance

Jan 7, 2011

By Howard Anderson

The Healthcare Information Trust Alliance has unveiled an updated version of its Common Security Framework. The latest enhancements to the framework, which provides a guide to implementing security controls, include updates on compliance with federal regulations as well as recognition of new technologies and security practices, says Chris Hourihan, HITRUST"s manager of development and programs.

As seen in CIO Insight: 10 Legislative Trends to Watch in 2011

Dec 9, 2010

By Samuel Greengard
Getting a handle on potential legal and legislative changes can determine whether an organization ratchets down risk and steers clear of trouble or finds itself in the crosshairs of government and media scrutiny. Making matters worse, the global nature of today’s business environment means that it"s necessary to monitor legal and legislative trends around the world. Many countries—particularly those in Europe—are looking to toughen laws surrounding privacy and security.

HITRUST Common Security Framework Continues to Advance with Updates for 2011

Comprehensiveness and usability of framework drives increasing adoption

Nov 16, 2010

Frisco, TX – November 16, 2010 – The Health Information Trust Alliance (HITRUST) announced today it will release updates on December 16, 2010, to the HITRUST Common Security Framework (CSF), the most comprehensive and widely-adopted security framework in the U.S. healthcare industry. The updates incorporate additional and revised security requirements as well as recognition of new technologies and security practices.

Mediregs Integrates HITRUST Common Security Framework with ComplyTrack to Accelerate Health Care Information Privacy and Security

MediRegs

Sep 2, 2010

MediRegs, a leading provider of compliance and risk management, reimbursement and workflow solutions for the health care industry, announced today that it will incorporate the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) within its ComplyTrack Suite to offer clients a concise means of addressing privacy and security risks. MediRegs is part of Wolters Kluwer Law & Business (wolterskluwerlb.com).

HITRUST Certification: Why It Makes Sense For Every Healthcare Organization

ViPs General Dynamics Information Technology

Aug 31, 2010

Jason Taule, Managing Director of Corporate Risk at ViPS General Dynamics Information Technology, delves into the significance of increased regulation and enforcement, and how the HITRUST Common Security Framework (CSF) can help those in the healthcare industry accomplish this. To learn more about Jason's views on utilizing the HITRUST Certification as a means of securing confidentiality for your healthcare organization

Avoiding the High Cost of Breaches

Health Info Security

Aug 26, 2010

A total estimated price tag of nearly $1 billion for dealing with the aftermath of major breaches reported to federal authorities so far should motivate healthcare organizations to take aggressive steps to improve security, one analyst advises.

Deloitte Becomes a HITRUST Common Security Framework (CSF) Assessor; Active in CSF Assurance Program

Jul 29, 2010

NEW YORK, July 29 /PRNewswire/ -- As the dramatic rise in breaches, theft of patient health data and increasingly complex regulatory environment continues to put health care organizations and their business relationships under intense pressure and scrutiny regarding security and privacy, Deloitte, a global leader in risk consulting and security advisory services, today announced it has been designated as a Common Security Framework (CSF) Assessor status from the Health Information Trust Alliance (HITRUST).

Humana Endorses HITRUST Program to Promote Health Care Information Security and Achieve Cost Savings

Jul 27, 2010

LOUISVILLE, Ky.--(BUSINESS WIRE)--Humana Inc. (NYSE: HUM) announced today it will accept the results of assessments conducted under the HITRUST (Health Information Trust Alliance) Common Security Framework (CSF) Assurance program as a means to evaluate and verify its business partners" capabilities for protecting health information. The HITRUST CSF Assurance program provides Humana and its business partners with a common approach for managing security assessments that reduces the time, costs and complexities associated with today"s compliance efforts.

HITRUST CSF Now Most Widely Adopted Security Control Framework

CSF adoption and assessments grow as organizations become

Jul 22, 2010

Frisco, TX – July 22, 2010 – The Health Information Trust Alliance (HITRUST) announced today that more than 50 percent of hospitals and 70 percent of health plans with more than 500,000 members are utilizing the HITRUST Common Security Framework (CSF). In addition, the number of organizations undergoing HITRUST CSF assessments is increasing at the same time that a growing number of healthcare organizations have committed to accepting the assessment results as a means of evaluating their business associates' capabilities for protecting health information. The CSF Assurance program, through which the assessments are conducted, was created in response to the information security challenges and inefficiencies associated with evaluating compliance with various regulations and proprietary third party assessment approaches. The program has also become the most widely-used approach for measuring third party information security assurance in the healthcare industry.

E-health records: Embracing privacy

SC Magazine

Jun 1, 2010

The upside of consumer education is that people are more careful when it comes to their personal, financial and medical data. The downside is that consumers expect entities handling their sensitive data to do so without blemish.

WellPoint First in Industry to Accept HITRUST CSF Assessment Results as Assurance for Health Care Information Security

WellPoint, Inc. Press Release

May 28, 2010

INDIANAPOLIS, May 28, 2010 /PRNewswire via COMTEX/ --WellPoint, Inc. (NYSE: WLP), the nation's largest health insurer by medical membership, announced today it will accept the results of HITRUST Common Security Framework (CSF) assessments as a way to evaluate and verify its business partners' capabilities for protecting health information.

HITRUST and Cloud Security Alliance to Collaborate on Cloud Security Solutions

CSA launches Cloud Controls Matrix Tool, incorporating HITRUST Common Security Framework

Apr 27, 2010

London and Frisco, TX – April 27, 2010 – The Health Information Trust Alliance (HITRUST) and Cloud Security Alliance (CSA) today announced a joint collaboration focused on addressing cloud security initiatives related to improving the state of security and compliance in the healthcare industry. The two organizations will work together on cloud-based healthcare information security issues and with one another's respective communities to develop and promote security best practices.

WellPoint's Chief Information Security Officer Joins HITRUST Executive Council

Roy R. Mellinger to Help Drive HITRUST's Mission to Increase Trust Among the Healthcare Industry

Apr 8, 2010

Frisco, TX – April 8, 2010 – The Health Information Trust Alliance (HITRUST) announced today it has elected Roy R. Mellinger, CISSP-ISSAP, ISSMP, CIM, Vice President of Information Technology Security and Chief Information Security Officer for WellPoint, Inc., to the Executive Council. HITRUST is led by a seasoned management team and governed by the Executive Council, which is comprised of leaders from across the healthcare industry and other HITRUST supporting organizations. WellPoint is the nation's largest health benefits company by membership, with more than 33 million members in its affiliated health plans.

HITECH Act increases HIPAA security requirements

Information Security Magazine

Mar 3, 2010

The health care industry was buzzing with the news: For the first time ever, a hospital was being audited for compliance with HIPAA security requirements. The audit of Piedmont Hospital in Atlanta by the U.S. Department of Health and Human Services' inspector general in 2007 was surprising for hospitals, health insurers and others in an industry accustomed to a lack of enforcement of federal privacy and security requirements.

Highmark Deploys Agiliance GRC Solution To Reduce The Cost of Compliance

Agiliance Inc. Press Release

Feb 25, 2010

San Jose, Calif. February 24, 2010 – Agiliance Inc., the leading independent provider of integrated Governance, Risk and Compliance (GRC) solutions, today announced that Highmark, Inc., a leading health insurer, is deploying the Agiliance RiskVision™ platform to automate the compliance process, reduce audit costs and ensure Highmark meets strict healthcare industry mandates for HITRUST, HIPAA, and DIACAP.

Fortrex Technologies Achieves HITRUST Common Security Framework Assessor Status

Feb 22, 2010

FREDERICK, Md., Feb. 22 /PRNewswire/ -- Fortrex Technologies Inc., a trusted security and risk management advisor to its clients throughout the world, today announced it has achieved Common Security Framework (CSF) Assessor status from the Health Information Trust Alliance (HITRUST). As a CSF Assessor, Fortrex is now approved to perform readiness assessment, remediation and certification work associated with the CSF, the standard for protecting health information that harmonizes the requirements of existing standards and regulations, including federal (HIPAA, HITECH), third-party (PCI, COBIT) and government (NIST, FTC).

Hospital CISOs Offer Security Tips

Healthcare Info Security

Feb 15, 2010

Too many hospitals fail to involve a cross-section of staff in efforts to ensure the security of health information, one security director says. At many hospitals, "The risk management office and the security office don't talk well to each other and that's a big issue to address," says Bryan Cline, Ph.D., director of information security at Catholic Health East, a 34-hospital system based in Newtown Square, Pa.

HITRUST Announces InfoSec Award Winners for 2009

General Dynamics and Kaiser Permanente recognized for outstanding leadership and contributions

Feb 4, 2010

Frisco, TX – February 4, 2010 – The Health Information Trust Alliance (HITRUST) announced today the recipients of the HITRUST InfoSec Awards for 2009. The InfoSec Awards recognize organizations and individuals that have demonstrated outstanding contributions to the advancement of information security in the healthcare industry. The organization honored for its contributions is Kaiser Permanente and the individual recognized is Jason Taule, Director, Corporate Information Security for ViPS, a General Dynamics Information Technology company.

Healthcare Information Security: Getting Beyond Compliance

Healthcare Information Security Podcasts

Feb 3, 2010

For too many healthcare organizations, information security is about regulatory compliance - requirements and checklists. It's time for patients, privacy and true information security to be prioritized, says Cliff Baker, Chief Strategy Officer with the HITRUST Alliance.

HITRUST Common Security Framework Matures with Enhancements for 2010

Updates to industry's most widely-adopted framework reflect new regulations and user experiences

Feb 1, 2010

Frisco, TX – February 1, 2010 – The Health Information Trust Alliance (HITRUST) announced today enhancements to the HITRUST Common Security Framework (CSF), the healthcare industry framework for protecting health information.

Answering the HITECH Act wake-up cal

Health Management Technology E-Newsletter

Jan 26, 2010

If your estimated cost to establish compliance with the Health Insurance Portability and Accountability Act (HIPAA) across a company were $1 million but the penalties for a breach were capped at $50,000, what risk decision would you make? It’s a no-brainer. You could suffer 20 breaches before the cost of compliance would equal the penalties for non-compliance, so from a risk management perspective the risk of non-compliance is minimal.

The Future of Health Care Information Security

Advance for Health Information Executives

Jan 13, 2010

Why do information security at all? It's an interesting question.and one that's simple to answer. We "secure" or protect information that has value. Often-cited examples include national security information, battlefield intelligence and trade secrets. In the health care industry, patients and their families entrust us with their personal information along with their personal health and safety. A violation of this trust can have consequences ranging from personal embarrassment to medical identity theft.

HITRUST CSF offers path through healthcare security maze

SearchSecurityChannel

Dec 7, 2009

Security solution providers can leverage the Health Information Trust Alliance's (HITRUST) Common Security Framework (CSF) to simplify and standardize their healthcare customers' path to HIPAA compliance.

HITRUST Expands Certification Program to Target Inefficiencies, Complexities and Risk in Healthcare Compliance Reporting

Common and cost-efficient approach simplifies assessment and reporting process for healthcare industry

Nov 16, 2009

Frisco, TX – November 16, 2009 – The Health Information Trust Alliance (HITRUST) announced today a program that significantly alters how the healthcare industry assesses security and reports compliance for HIPAA, HITECH, state and other third-party requirements.

Reporting Health IT Security Compliance Gets Easier

InformationWeek

Nov 16, 2009

The Health Information Trust Alliance (HITRUST) has unveiled a new program that helps streamline how healthcare organizations report to their business associates their status of compliance to security regulations such as HIPAA and others.

Additional Firms Obtain CSF Certifier Status

Pool of CSF Certifiers expanding as more organizations adopt the Common Security Framework

Oct 13, 2009

Frisco, TX – October 13, 2009 – The Health Information Trust Alliance (HITRUST) announced today that two more organizations have joined the growing list of professional services firms designated as HITRUST CSF Certifiers. Lattimore Black Morgan & Cain (LBMC), the largest regional accounting and professional services firm based in Tennessee, and Solutionary, an information security company with a wide range of managed security solutions and professional services, have received CSF Certifier status during a time when HITRUST continues to experience an increase in the number of healthcare organizations beginning the certification phase of the CSF.

Representatives from Express Scripts and IMS Health Join HITRUST Executive Council

Broad representation of industry and business organizations serve healthcare industry well in advancing the state of health information protection

Oct 8, 2009

Frisco, TX – October 8, 2009 – The Health Information Trust Alliance (HITRUST) announced today it has elected two new members to the HITRUST Executive Council. Kimberly Gray, Chief Privacy Officer, Americas Region, IMS Health, and Mark Kinnunen, Information Security Officer, Express Scripts have been appointed to the Executive Council for two-year terms. HITRUST is led by a seasoned management team and governed by the Executive Council, which is comprised of leaders from across the healthcare industry and other HITRUST supporting organizations.

Jon Moore: Build a Security Control Frmework for Predictable Compliance

Information Security Magazine

Oct 8, 2009

The healthcare industry's increasing reliance on technology during this decade has been embraced by consumers, and this has created increased challenges for an already highly regulated industry. The need for superior information security is understandable, after all, consumers entrust us with their health and their wealth. By that, of course, I mean that Humana's subscribers and those of our peer companies are relying on us to help enable their quality of life securely and reliably.

nCircle, HITRUST launch new security scanning service

Healthcare IT News

Oct 6, 2009

SAN FRANCISCO – A new healthcare auditing program is designed to help smaller physician practices ensure that their electronic healthcare records are safe and secure.

Guest Commentary: Start with common framework on IT security

Modern Healthcare

Oct 6, 2009

On October 16, states will submit their health information exchange, or HIE, grant applications in order to receive their incentives under the American Recovery and Reinvestment Act of 2009.

New Program to Evaluate, Certify Health IT Privacy, Security

iHealthBeat

Sep 10, 2009

As the federal government builds a framework for investing some $20 billion in health IT, the health care industry is grappling with one of the most controversial and potentially contentious elements of that framework -- privacy and security of electronic health information.

Four HIPAA Compliance Tips for Business Associates

HealthLeaders Media

Sep 9, 2009

The HITECH Act was a long-time coming, especially because it holds business associates of covered entities accountable for compliance with the HIPAA Security Rule and the use of disclosure provisions of the privacy rule.

Program Aims To Erase Doubts About Health Data Security

InformationWeek

Sep 1, 2009

A new certification program could make it easier for healthcare organizations to decide whether their IT security products meet their compliance needs. The Health Information Trust Alliance--HITRUST--which was launched in 2007 by an alliance of healthcare professional service and IT vendors, announced today a program to evaluate and certify IT security products used in healthcare settings.

New Information Security Product Certification to Address Complexities and Inconsistencies in Product Selection and Simplify Compliance Efforts

HITRUST to streamline process of identifying and evaluating information security solutions for healthcare industry

Aug 31, 2009

Frisco, TX – August 31, 2009 – The Health Information Trust Alliance (HITRUST) announced today it is working with the security assurance, information security and healthcare communities to aid healthcare organizations in evaluating and selecting information security products and services. As the healthcare industry increases its adoption of electronic health records in support of the HITECH Act and enhances its strategy for health information protection, organizations are looking to HITRUST for assistance in identifying solutions that aid in compliance with HIPAA, other security regulations and the HITRUST Common Security Framework (CSF), the first IT security framework developed specifically for healthcare information.

Health IT group to offer security certification to vendors

Federal Computer Week

Aug 31, 2009

The Health Information Trust Alliance (HITRUST) announced today the creation of a program to certify IT security products against its Common Security Framework for information. The CSF Ready program will be guided by a steering committee of major IT security companies and labs. It will develop criteria for independent evaluation of health IT security products and services that will enable compliance not only with the framework but also with federal regulations for handling and securing the sensitive information.

HITRUST Advances Health Information Protection by Offering Greater Access to Common Security Framework and Launching Community-based Education Program

Guidance and Resources for Healthcare Information Security Professionals

Aug 19, 2009

Frisco, TX – August 19, 2009 - The Health Information Trust Alliance (HITRUST) announced today that the Common Security Framework (CSF), the first IT security framework developed specifically for healthcare information, is now available at no charge. The CSF is available through HITRUST Central, the healthcare industry's first managed online community for information security professionals.

HIPAA Compliance Starts with C-Suite

HealthLeaders Media

Aug 10, 2009

The economic recession probably brought healthcare CEOs closer to their organizations' day-to-day activities. New federal HIPAA laws should have too. Daniel Nutkis, CEO of The Health Information Trust Alliance (HITRUST), believes compliance with HIPAA privacy and security starts from the top.

First Healthcare Organizations Seek Information Security Certification from HITRUST

Adoption of the Common Security Framework occuring across every industry segment

Jul 16, 2009

Frisco, TX – July 16, 2009 – The Health Information Trust Alliance (HITRUST) announced today that the first healthcare organizations are beginning the certification phase of the Common Security Framework (CSF). In addition, HITRUST is experiencing a significant increase in licenses of the Common Security Framework across all segments of the healthcare industry: health plans, providers, pharmacies, data exchanges and service providers. Besides providing prescriptive guidance and greater efficiencies for the implementation of information security and privacy programs, motivation driving adoption of the framework includes business partner compliance, health information exchanges, HIPAA compliance and the move to protect Electronic Health Records as part of the HITECH Act (part of the American Recovery and Reinvestment Act, or ARRA).

HITRUST Creates Forum to Foster Corporate Leadership for Information Security in the Healthcare Industry

Supporting the expanding role of the healthcare CISO in a time of greater responsibility

Jun 29, 2009

Frisco, TX – June 29, 2009 – The Health Information Trust Alliance (HITRUST) announced today the Leadership Roundtable to support the growing role of the healthcare chief information security officer (CISO), as corporate responsibility for the protection of electronic health information takes the public stage. The new forum is the first to bring together information security executives representing the diverse segments of the healthcare industry - from providers, health plans and pharmacies to distributors, health data exchanges and pharmaceutical manufacturers – and help advance their careers through networking, learning and driving industry direction.

nCircle and HITRUST Partner to Deliver Innovative SaaS Offering to Secure Healthcare Information

Vulnerability and Configuration Scanning Service Helps Healthcare Organizations Improve Security with an Accessible, Easy to Use, Cost Effective Solution

Jun 11, 2009

San Francisco – June 11, 2009 – nCircle, the leader in security and compliance auditing solutions, and Health Information Trust Alliance (HITRUST) announced today that nCircle has been selected as the provider of vulnerability and configuration assessments as a service for the HITRUST Central portal. The nCircle Suite360™-based offering is an easy-to-use, Internet accessible service that enables healthcare organizations to scan their IT systems for known vulnerabilities and to ensure their IT systems and medical devices are securely configured. This service enables healthcare organizations from the smallest physician’s offices to the largest global organizations to reduce their risk from external threats and ensure that sensitive personal and financial health data is protected. The service dramatically reduces the complexities and costs associated with demonstrating compliance with regulations and standards such as the HITECH Act, HIPAA and PCI.

Record Setting

SC Magazine

Jun 1, 2009

Security cannot take a backseat in health care, says Bryan Cline at the Childrens Hospital of Philadelphia, reports Dan Kaplan. To Bryan Cline, IT security in health care is playing catch-up with other industries that also view data as their most prized asset.

CVS Works on Patient Privacy Improvements Following Fine

HealthLeaders Media

Jun 1, 2009

CVS Caremark Corp., parent company of the largest pharmacy chain in the nation, has implemented a chain-wide shredding program in light of the $2.25 million fine handed down in February by the Department of Health and Human Services (HHS) and the Federal Trade Commission (FTC) for potential breaches of millions of patient records.

Regulatory Update: HITRUST Simplifies Compliance with Newly Released HITECH Act

Enhancements to the Common Security Framework reduce time, resources and expense of HITECH Act compliance for healthcare organizations and their business partners

May 5, 2009

Frisco, TX – May 5, 2009 – The U.S. Department of Health and Human Services under the Health Information Technology for Economic and Clinical Health Act (HITECH Act) issued its guidance concerning protection of personally identifiable health information for purposes of security breach notifications. This is the first in a series of announcements for which compliance may require the expenditure of significant time and expense by healthcare organizations. These organizations also have many concerns about the impact and implications of the announcements on how they govern the security of information exchanged with their business partners.

HITRUST Alliance Announces Security Configuration Packs for the Common Security Framework (CSF)

Integrated Security Configuration Packs simplify and strengthen the protection of 3rd party Health Information Systems including EHRs and medical devices

Apr 3, 2009

Frisco, TX – April 3, 2009 – With the industry on the verge of broad scale adoption of health information technology – including the move to electronic health records by 2014 as mandated by the American Recovery and Reinvestment Act of 2009 - the Health Information Trust Alliance (HITRUST) today announced the development of Security Configuration Packs for the HITRUST Common Security Framework (CSF). The packs address the lack of guidance that users of third-party health information systems—including electronic health records systems and medical devices—face in securely configuring these systems. Coming on the heels of the Common Security Framework launch in March 2009, today’s announcement represents another major milestone for HITRUST in its mission to create a higher level of trust in the industry by providing a holistic suite of tools and services to assist healthcare organizations with efficiently and consistently protecting sensitive health information.

HITRUST Alliance Announces First Awards Program to Honor Outstanding Achievements in the Advancement of Information Protection in the Healthcare Industry

Mar 17, 2009

Frisco, TX – March 17, 2009 – The Health Information Trust Alliance (HITRUST) today announced the creation of the first annual awards program that aims to identify and distinguish outstanding achievements in the advancement of information protection in the healthcare industry. The HITRUST InfoSec Awards aim to recognize innovation and leadership in the areas of Security and Privacy, Education and Training, Awareness and Culture, Crisis Response, and Industry Contributions.

HITRUST Alliance and Healthcare Leaders Collaborate to Change the Way Health Information is Protected

Release of Common Security Framework major milestone for industry in commitment to greater electronic health information protection and growing regulatory compliance

Mar 2, 2009

San Francisco – March 2, 2009 – With the dramatic rise in breaches, theft of patient health data and the increase in regulatory requirements such as those mandated by the American Recovery and Reinvestment Act of 2009 - healthcare organizations and their business partners are now under intense pressure and scrutiny regarding security and privacy. But without a fundamental change in approach the industry will continue to see inconsistencies in the interpretation of regulations, inefficiencies and unacceptably high costs in the exchange of health information, and lagging adoption of standards (such as HIPAA) that have plagued the protection of health information technology in this complex market.

Health Information Trust Alliance (HITRUST) Concurs with The American Recover and Reinvestment Act of 2009 Stimulus Bill on Importance of Privacy and Security

Industry alliance recently concluded 18 month coordinated effort to develop a Common Security Framework for protecting health information

Feb 17, 2009

Dallas – February 17, 2009 – The Health Information Trust Alliance (HITRUST) today released its position on the importance of privacy and security in the American Recovery and Reinvestment Act of 2009. The act, approved by Congress on February 13, recognizes that privacy and security are fundamental to the adoption of health information technologies - and without real and meaningful information security, concerns arise regarding who has access to personal health and sensitive information and leaves patients skeptical and wary of electronic health information systems and exchanges.

HITRUST Expands Leadership as Common Security Framework Nears General Availability

Leaders in place to help set and drive agenda for information security in the Health Care Industry

Dec 3, 2008

Dallas – December 3, 2008 – The Health Information Trust Alliance (HITRUST) - a healthcare industry organization that aims to build greater trust between patients, physicians, organizations, government and technology companies by ensuring information security becomes a core pillar in the adoption of technology and the exchange of data - today announced it has elected two new members to the HITRUST Executive Council and appointed a new member to its management team.

Health Information Trust Alliance (HITRUST) Kicks Off Educational Webcast Series on Information Security in Healthcare, First Deliverable of New Education and Outreach Committee

Organizations who create, access, store or exchange personal health and financial information to learn from security, governance, risk and compliance expert panels

Sep 11, 2008

Dallas – September 11, 2008 – The Health Information Trust Alliance (HITRUST) - the first industrydriven certifiable security standard developed by a collaboration of healthcare, business, technology and information security leaders - today announced it is offering the “Educational Webcast Series on Information Security in Healthcare,” an ongoing series of educational programs delivered via webcast on information security relating to the healthcare industry. As the first deliverable of the new HITRUST Education and Outreach Committee, the complimentary 60-minute webinars will be moderated, interactive panels featuring industry experts and end-users addressing the challenges IT security, risk and compliance professionals face as well as case studies and best practice approaches. Produced every six weeks and running through to 2010, all twelve sessions will be recorded and available online for 12 months for those who cannot attend the live meetings.

Security Initiative Adds Leadership

Sep 9, 2008

The Health Information Trust Alliance, an industry consortium, has expanded its executive council to include additional stakeholders. The alliance, known as HITRUST, is developing a Common Security Framework for industry release in January. The framework will be a set of certifiable and standardized best practices for complying with the HIPAA security rule and other regulatory mandates, as well as internal security policies to provide a uniform way of verifying the security of health information. While adoption of the best practices is voluntary, some organizations may require their business associates to become certified, notes Daniel Nutkis, CEO of HITRUST.

Health Information Trust Alliance (HITRUST) Expands Executive Council with Election of New Members

Prepares for release of first-ever industry-driven health care security framework

Sep 9, 2008

Dallas – September 9, 2008 – The Health Information Trust Alliance (HITRUST) - the first industry-driven certifiable security standard developed in collaboration with healthcare, business, technology and information security leaders - today announced that it has expanded its Executive Council with the election of two new members: Patrick Heim, Chief Information Security Officer, Kaiser Permanente and Robert Mandel, MD, Vice President, Health Care Services, Blue Cross Blue Shield of Massachusetts. Today’s announcement points to the growing industry support and maturing of the HITRUST organization, which is preparing to release its highly anticipated Common Security Framework (CSF) in January 2009.

What Are You Doing To Keep Patient Data Safe

HealthLeaders Media

Aug 19, 2008

When a hospital's patient data is compromised, the results are often costly and always embarrassing for those charged with protecting that information from prying eyes.

HITRUST Confirms Release Date for First-Ever Common Security Framework for Electronic Health Information

Jul 1, 2008

Dallas – July 1, 2008 – The Health Information Trust Alliance (HITRUST) today announced that it is on target to deliver the first-ever Common Security Framework (CSF) by January 2009, thanks to the efforts of the leading health care organizations, professional services firms, information security specialists, liability insurers and other organizations that have joined together to actively participate in the HITRUST CSF program.

Health Information Technology Executives Overwhelmingly Believe the Industry Needs to Work Together on Information Security

Mar 3, 2008

DALLAS—March 3, 2008—A new survey shows that 96 percent of health information technology (HIT) executives think it is important to have a uniform way for verifying the security of sensitive healthcare information, and 85 percent think it is time for the industry to come together and develop a comprehensive framework that can provide that uniformity.

The industry responds on security

Modern Healthcare

Feb 13, 2008

Coalition of companies is working on new protections for patient data.

Industry leaders seek Health Info Security Framework

SC Magazine

Dec 26, 2007

An initiative including health industry leaders and several IT security companies will try to set the bar for security practices applied to electronic-protected health information (EPHI) in an effort to level the playing field between companies sharing sensitive data.

Healthcare Industry and Business Leaders Announce Initiative to Develop a Common Health Information Security Framework

Initiative Seeks to Build Greater Trust in the Electronic Flow of Information Through the Healthcare System

Dec 5, 2007

DALLAS— In an effort to improve the security of sensitive health information, major organizations from across the healthcare and employer spectrum have united to participate in the development of the first ever common security framework for the protection of health information.