HITRUST includes NIST Cybersecurity Framework in latest certification criteria

The Health Information Trust Alliance unveiled additions to the ninth version of its common security framework.

The HITRUST CSF is a comprehensive security framework that incorporates information protection standards from multiple industries, including healthcare. For example, the framework incorporates control requirements to demonstrate compliance with HIPAA based on a review of the HHS Office for Civil Rights' audit protocol.

The ninth version of the framework also includes objectives from the National Institute of Standards and Technology's Cybersecurity Framework, which provides organizations with guidance related to cybersecurity risks.

"Organizations now have [an] effective and efficient approach for reporting an organization’s cybersecurity posture leveraging the NIST Cybersecurity categorization," said Jason Newman, vice president and chief information security officer of Blue Cross and Blue Shield of Minnesota. "This is another benefit in leveraging a common and comprehensive framework in the HITRUST CSF."

HITRUST plans to release the ninth version of its framework in August.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars