HITRUST CSF Certification | |
HITRUST offers a self-assessment option for organizations looking to conduct an assessment internally; however, organizations are well served to obtain the expertise of a qualified CSF assessor organization, such as Interactive Security, to identify the strengths and weaknesses of their information security program and to make recommendations about how to address any issues. Based on: HIPAA Security Rule Payment Card Industry Data Security Standard (PCI DSS) Control Objectives for Information and Related Technology (COBIT) National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) International Organization for Standardization (ISO) Federal Trade Commission (FTC) Red Flags Rule Centers for Medicare and Medicaid Services Addressable Risk Safeguards (CMS ARS) State requirements Multiple other standards Applies to: Health plans / insurance plans Hospitals and medical facilities Doctor's offices Pharmacies Health information exchanges Biotech companies IT service providers (data centers, etc) HIPAA and HITRUST assessments share the common objective of safeguarding healthcare information and ePHI. Performing a security assessment around HIPAA Security Rule controls and addressing any resulting audit recommendations can evidence the organization's compliance with HIPAA requirements, however the HIPAA Security Rule was originally intended to apply to a wide range of organizations from a small clinic to a large hospital chain, which led to the subjective and vague nature of the requirements to be HIPAA compliant without also relying on ISO or NIST assessments. ![]() | |
Related Link: Click here to visit item owner's website (0 hit) | |
Target State: Pennsylvania Target City : All Cities Last Update : Dec 04, 2019 Number of Views: 15 | Item Owner : Interactive Security Contact Email: Contact Phone: 2678242500 |
Friendly reminder: Click here to read some tips. |