HITRUST releases certification program for NIST cybersecurity framework

The Health Information Trust Alliance, a security and privacy standards development and accreditation organization, released a certification program for a national cybersecurity framework May 22.

The National Institute of Standards and Technology developed the framework, titled the Framework for Improving Critical Infrastructure Cybersecurity, to help organizations across various sectors manage cybersecurity-related risks through standards, guidelines and best practices.

HITRUST added NIST's cybersecurity framework criteria into its existing HITRUST Common Security Framework Assurance Program, a comprehensive security framework that incorporates information protection standards across multiple industries, including healthcare. For example, the HITRUST CSF Assurance Program incorporates control requirements to demonstrate compliance with HIPAA and the European Union's General Data Protection Regulation.

A HITRUST CSF scorecard of the NIST cybersecurity framework aims to provide organizations with compliance ratings and guidance related to each of the framework's subcategories. Organizations may submit these assessments to management, partners and regulators to showcase compliance with NIST's guidance.

More articles on cybersecurity:
Phishing campaigns use these 3 applications as disguises
UK hospital fires employee for viewing Ed Sheeran's patient information
70% of companies 'disposing' of data ahead of GDPR deadline, survey finds

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.