Navigation Links
HITRUST Confirms Release Date for First-Ever Common Security Framework for Electronic Health Information
Date:7/1/2008

Leaders From Healthcare, Professional Services, Information Security and

Liability Insurers Committed to Deliver a World-Class Framework

DALLAS, July 1 /PRNewswire/ -- The Health Information Trust Alliance (HITRUST) today announced that it is on target to deliver the first-ever Common Security Framework (CSF) by January 2009, thanks to the efforts of the leading health care organizations, professional services firms, information security specialists, liability insurers and other organizations that have joined together to actively participate in the HITRUST CSF program.

"The HITRUST CSF program is critical to effectively safeguarding electronic health information," said Daniel S. Nutkis, CEO, HITRUST. "As it is a substantial and complicated undertaking, we are very fortunate to have such capable, respected and committed organizations participating as part of our Drafting and Review Working Groups. I am amazed by the diversity and number of leading organizations with varying specialties participating in the HITRUST CSF program," Nutkis added.

"As one of HITRUST's founding organizations, I am very pleased to see that so many leaders in the industry have chosen to join us and support the development of a common security framework," said Jonathan Roberts, Senior Vice President and Chief Information Officer, CVS Caremark. "We at CVS Caremark have known for some time that the creation of the common security framework was a vital and missing component to effectively and efficiently protecting sensitive health information," Roberts added.

The HITRUST CSF is a comprehensive set of tools to aid organizations that create, store, access or exchange electronic health, financial, and other sensitive information in protecting their information assets and managing related risks, costs and complexities. The HITRUST CSF is comprised of three components -- an Information Security Implementation Manual, a Standards and Regulations Cross-Reference Matrix, and a Readiness Assessment Toolkit. The Information Security Implementation Manual is a certifiable, best-practice based specification that scales according to the type, size, and complexity of an organization to provide prescriptive implementation guidance.

"BearingPoint has dedicated significant resources to the development of the HITRUST CSF," said Dr. Ross Martin, director of Health Information Convergence for the firm. "As a leading provider of risk, compliance and security solutions, BearingPoint believes the development of a common security framework is critical, not just for protecting electronic health information, but also in minimizing the costs and complexities associated with securing electronic health information."

"The HITRUST CSF program is creating what has been lacking in the healthcare industry, relating to information security guidance and clarity. By being prescriptive, it removes the confusion, inconsistencies and variability that have existed to date, in how organizations have implemented security measures. Although it is a new specification, it has leveraged existing U.S. and internationally accepted security standards where available and appropriate," said G. Christopher Hall, Partner -- Security, Accenture Technology Consulting.

"The availability of a comprehensive and prescriptive information security implementation manual, developed and agreed on by so many industry leaders, will establish a bar for appropriate information security measures in the healthcare industry, and impact how we as a liability underwriter evaluate and write potential policies," said Paul Bantick, Senior Underwriter -- Technology, Media & Business Service, Beazley Group plc.

"As an organization that recognizes the importance of electronic health record, personal health record, and information exchanges to improving quality and better management of medical expenses, we also recognize that a critical component to achieving their potential is confidence by business partners, regulators and consumers that safeguards are in place to protect sensitive health information," said Robert Mandel, MD, MBA, Vice President, Health Care Services, Blue Cross Blue Shield of Massachusetts. "The HITRUST CSF allows organizations to better understand the appropriate safeguarding measures and communicate their efforts in a uniform manner to their partners," Mandel added.

The HITRUST Standards and Regulations Cross-Reference Matrix is a resource for organizations to understand how implementation of the HITRUST Information Security Implementation Manual relates to and addresses other standards, as well as legal, contractual and regulatory requirements. Organizations who are already certified to or have a mandate for other standards such as ISO 27001 can easily integrate this with their current framework. "I see the HITRUST CSF as an opportunity to bring some structure and consistency to the way information security is implemented in the U.S. healthcare industry," said John DiMaria, Product Manager -- Business Continuity and ITSM, BSI Management Systems of America. "Since the HITRUST Information Security Implementation Manual is prescriptive, it removes the multiple interpretations that have caused issues with inconsistent implementations and audits in the past," DiMaria added.

"As an information security professional in the healthcare industry, I have struggled to identify a practical strategy and approach that appropriately addresses risk, and which can be implemented and accepted by management, finance, internal and external auditors, and trading partners. The HITRUST CSF provides a consistent framework by which a healthcare organization can address security challenges," said Michael Frederick, Director -- Office of Information Security and Chief Information Security Officer, Baylor Health Care System.

"The development of the HITRUST CSF takes the healthcare industry a giant step forward in managing risk and protecting privacy. It also establishes a benchmark that can be applied to non-covered entities, such as those providing personal health records (PHRs) to consumers. The HITRUST CSF is crucial to address the concerns of patients, policymakers and others," said Dr. Larry Ponemon, Chairman and founder, Ponemon Institute.

The HITRUST Common Security Framework version 2009 will be available for license later this year. More information on the HITRUST CSF can be found on the company's website at http://www.hitrustalliance.org/csf or by calling (469)-587-2250.

About the HITRUST

The Health Information Trust Alliance (HITRUST) was born out of the belief that information security should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. Security is critical to the broad adoption, utilization of and confidence in health information systems, medical technologies and electronic exchanges of health information. This, in turn, is critical to realizing the related promise of quality improvement and cost containment in America's healthcare system. HITRUST is collaborating with healthcare, business, technology, and information security leaders to establish a certifiable framework that can be used by any and all organizations that create, access, store or exchange personal health and financial information. Beyond the establishment of the first-ever common security framework, HITRUST is also driving adoption and widespread confidence in the framework and sound risk management practices through awareness, education, advocacy and other outreach activities. For more information, visit http://www.hitrustalliance.org.

Media contact:

Mike Breslin

Hill & Knowlton (for HITRUST)

214.683.0379

mike.breslin@hillandknowlton.com


'/>"/>
SOURCE Health Information Trust Alliance
Copyright©2008 PR Newswire.
All rights reserved

Related medicine news :

1. Air Methods Corporation Confirms Mid-Air Collision in Arizona
2. Pennsylvania Department of Health Confirms Fifth Salmonella Case Linked to National Outbreak
3. Perrigo Confirms Filing for Generic Version of VANOS(R)
4. Report confirms increased risk of smoking, substance abuse in bipolar adolescents
5. Study presented at DDW 2008 Confirms that New Device Significantly Improves Detection of Polyps in the Colon
6. Pennsylvania Department of Health Confirms Rabid Kitten Found in Adams County
7. ASCO Study Confirms Importance of Histology in Treatment of Non-Small Cell Lung Cancer With ALIMTA (pemetrexed for injection)
8. Air Methods Corporation Confirms Fatal Accident in Wisconsin
9. New Smoking Cessation Guideline Confirms That Now is the Time to Quit Smoking
10. Study by Texas A&M University-Corpus Christi Confirms Training With Vision Software Enhances Hitting Skills
11. Perrigo Confirms Patent Challenge of Monistat(R) 1 Combination Pack
Post Your Comments:
*Name:
*Comment:
*Email:
(Date:6/25/2016)... ... ... temporary closing of Bruton Memorial Library on June 21 due to a possible lice infestation, ... aspect of head lice: the parasite’s ability to live away from a human host, and ... necessary one in the event that lice have simply gotten out of control. , As ...
(Date:6/25/2016)... ... 25, 2016 , ... On Friday, June 10, Van Mitchell, Secretary of the ... to iHire in recognition of their exemplary accomplishments in worksite health promotion. , The ... Health & Wellness Symposium at the BWI Marriott in Linthicum Heights. iHire was one ...
(Date:6/24/2016)... CA (PRWEB) , ... June 24, 2016 , ... Marcy was in a crisis. Her ... would lash out at his family verbally and physically. , “When something upset him, he ... he would use it. He would throw rocks at my other children and say he ...
(Date:6/24/2016)... ... ... Topical BioMedics, Inc, makers of Topricin and MyPainAway Pain Relief Products, join The ‘Business for ... $12 an hour by 2020 and then adjusting it yearly to increase at the same ... wage, assure the wage floor does not erode again, and make future increases more predictable. ...
(Date:6/24/2016)... ... 2016 , ... Strategic Capital Partners, LLC (SCP) in concert ... capital for emerging technology companies. SCP has delivered investment events and professional ... than a million dollars of capital investment for five companies. The ...
Breaking Medicine News(10 mins):
(Date:6/24/2016)... SAN CLEMENTE, Calif. , June 24, 2016 /PRNewswire/ ... pulmonary function testing company, is now able to perform sophisticated lung ... ndd Medical Technologies , Inc. Patients are ... labs.  Thanks to ndd,s EasyOne PRO ® , ARL patients like ... any needed testing done in the comfort of her own home. ...
(Date:6/24/2016)... Mass. , June 24, 2016   Pulmatrix, ... pharmaceutical company developing innovative inhaled drugs, announced today that ... Russell Investments reconstituted its comprehensive set of ... "This is an important milestone for Pulmatrix," ... will increase shareholder awareness of our progress in developing ...
(Date:6/23/2016)... June 23, 2016  MedSource announced today that ... e-clinical software solution of choice.  This latest decision ... value to their clients by offering a state-of-the-art ... relationship establishes nowEDC as the EDC platform of ... full-service clients.  "nowEDC has long been a preferred ...
Breaking Medicine Technology: