Security News

HITRUST Assurance Intelligence Engine renders self-assessments obsolete
2021-02-03 03:00

HITRUST introduced the HITRUST Assurance Intelligence Engine, which uses a patent-pending approach to analyze assessment documentation for oversights, inconsistencies, and errors throughout the information security and privacy assessment process. Effective immediately, the HITRUST MyCSF SaaS information risk management and assessment platform will incorporate the AI Engine to measurably increase assurances delivered through HITRUST CSF Assessments.

HITRUST announces organizational changes in the form of new leadership appointments
2021-01-14 00:00

HITRUST announced strategic organizational changes in the form of new leadership appointments as well as new and expanded responsibilities for existing executive management. The changes are aligned with HITRUST's global expansion and innovative new services aimed at helping organizations implement best-in-class risk management and compliance programs as simply and efficiently as possible.

HITRUST, AWS and Microsoft Azure publish Shared Responsibility Matrices for cloud security
2021-01-11 02:00

Developed with Amazon Web Services and Microsoft Azure, each new HITRUST Shared Responsibility Matrix aligns with the cloud service provider's unique solution offering. Leading cloud service providers have long supported shared responsibility models, whereby the provider assumes some security responsibility for hosting applications and systems, while the organization deploying its solutions in the cloud assumes partial or shared responsibility for others.

HITRUST MyCSF streamlines regulatory compliance reporting
2020-12-18 02:15

HITRUST announced a major feature enhancement to its information risk management platform, HITRUST MyCSF, that significantly streamlines how organizations capture and present regulatory compliance evidence. Both the new Compliance and Reporting Pack feature for HITRUST MyCSF and the new Regulatory Assistance Center initially focus on the Health Insurance Portability and Accountability Act, expanding into other regulations in the future.

HITRUST CSF 9.4: Incorporating authoritative sources of any security and privacy framework
2020-06-24 00:45

HITRUST CSF version 9.4 now incorporates and harmonizes the largest number of authoritative sources of any security and privacy framework, most recently adding the CMMC framework and two community-specific standards, as well as updating existing sources for continued relevancy. As security and privacy requirements change in response to new and updated global laws and regulations, or breaches and other cyber events, HITRUST is committed to maintaining and expanding the relevancy and applicability of the HITRUST CSF to meet the continually evolving regulatory and risk-management landscape and associated control requirements.

HITRUST expands and enhances its services and support in the Asia Pacific region
2020-05-07 23:30

HITRUST, a leading data protection standards development and certification organization, continues to expand and enhance its services and support in the Asia Pacific region as part of a global information protection approach to streamline information risk management and compliance for organizations of any type, size, or geography delivering services locally, nationally, or internationally. The creation of the Asia Advisory Council ensures that the HITRUST Approach remains current and relevant to the needs of the HITRUST community in Asia.

HITRUST Shared Responsibility: Assigning privacy and responsibility on the cloud
2020-03-06 02:30

The Shared Responsibility Program is led by Becky Swain, Director of Standards Development at HITRUST, and supported by a Working Group comprised of representatives of leading cloud service providers, including Armor, AWS, Google, Microsoft Azure and Salesforce, as well as enterprise cloud customers, cloud professional services firms, and solution providers. "As PDHI collaborates with cloud service providers, we will leverage the HITRUST Shared Responsibility Matrix in understanding, documenting, and inheriting privacy and security control responsibility," explains Lee Penn, the Chief Financial Officer and Chief Compliance Officer for PDHI and Shared Responsibility Working Group Member.

HITRUST and Frist Cressey Ventures form the Venture Capital Advisory Council and Venture Program
2019-12-16 01:00

HITRUST, a leading data protection standards development and certification organization, announced a collaboration with Frist Cressey Ventures to form the Venture Capital Advisory Council (“VC...

HITRUST adds new components to its Third-Party Risk Management Methodology
2019-11-14 02:15

HITRUST, a leading data protection standards development and certification organization, announced a major release of its HITRUST Third-Party Risk Management (“TPRM”) Methodology that introduces...

Tripwire and HITRUST help healthcare orgs achieve compliance with the HITRUST CSF
2019-10-31 01:00

Tripwire, a leading global provider of security and compliance solutions for enterprises and industrial organizations, announced it has partnered with HITRUST to help healthcare organizations...