2009 CSF Program
The 2009 CSF Program focuses on enhancing the current CSF version through updates based on changing conditions in the healthcare industry and regulatory environment, as well as comments and recommendations provided by organizations implementing the CSF. This will ensure that CSF compliance programs established by healthcare organizations are founded on the most up-to-date and relevant standards and industry expertise.
The CSF will also be expanded throughout 2009 to include:
- New federal and state authoritative sources, including JCAHO, HITSP, CMS IS, FTC Red Flags Rule, ARRA 2009 and 201 CMR 17.00.
- Both mitigating and compensating alternate controls in areas where systems cannot meet the HITRUST CSF requirements. These alternative approaches can be submitted by participating organizations and once approved, they will be available to all organizations through HITRUST Central.
- Application security packs providing organizations with detailed information for the appropriate configuration of applications, such as electronic medical records and other health information systems.
Individuals from organizations that have subscribed to HITRUST Central and have access to the CSF can participate as Commentators in the 2009 CSF Program. They can provide their comments and recommendations regarding CSF drafts via an online, automated process within HITRUST Central, and it is from the feedback and experiences of these individuals that HITRUST will make adjustments and improvements to the CSF.
Participation in a Voting, Review or Control Working Group is only available to individuals from Leadership Forum participating organizations, professional services firms and select subject matter experts from across the industry.
