HITRUST Shared Responsibility: Assigning privacy and responsibility on the cloud

2020-03-06 02:30

The Shared Responsibility Program is led by Becky Swain, Director of Standards Development at HITRUST, and supported by a Working Group comprised of representatives of leading cloud service providers, including Armor, AWS, Google, Microsoft Azure and Salesforce, as well as enterprise cloud customers, cloud professional services firms, and solution providers.

"As PDHI collaborates with cloud service providers, we will leverage the HITRUST Shared Responsibility Matrix in understanding, documenting, and inheriting privacy and security control responsibility," explains Lee Penn, the Chief Financial Officer and Chief Compliance Officer for PDHI and Shared Responsibility Working Group Member.

"David Houlding, Director of Healthcare Experiences, Microsoft Azure: Healthcare Cloud and Shared Responsibility Working Group Member said,"The continued growth and strategic reliance on cloud computing, coupled with the ever-growing risk and compliance landscape, make communicating control responsibility and assurances more complex and intricate.

"The HITRUST Shared Responsibility Program addresses the need for a common language around security risks and responsibilities between the customer and cloud service provider, and to have confidence that nothing will fall through the cracks."

"When control responsibility is shared, organizations must have these discussions with their cloud service providers to ensure everyone is on the same page," says HITRUST Shared Responsibility Working Group Member Bob Smith, Senior Manager of Security Compliance at Salesforce.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/3x2yC8BCRdc/

#hitrust #cloud #privacy