Understanding HITRUST’s Role in Healthcare

Posted: November 3, 2017


HITRUST addresses challenges within Healthcare

As the most widely adopted framework within the healthcare industry, the Health Information Trust Alliance (HITRUST) was created to provide a certifiable standard for health information systems and exchanges that create, access, process, store or exchange protected health information (PHI).

Data security and privacy continues to be at the forefront of many healthcare organizations list of challenges.   Data breaches, regulatory violations and extortion threats are forcing those in the Healthcare space to address how to best recognize, understand and handle increasing risk and liability challenges.

A critical piece in addressing these concerns is identifying and understanding your data privacy and security framework risks and gaps. A HITRUST Assessment performed by a HITRUST alliance certified assessor is the best way to do that.

A HITRUST assessment will provide an organization with insight into it’s current data security and privacy framework strengths and weakneses as well as corrective action plans identifying issues needing remediation. ¬†These corrective action plans serve as a road map to mitigating and addressing these issues.

Next steps after the corrective action plan phase of the assessment include providing evidence and supporting documentation to validate that all risk and gaps have been mitigated or remediated.

After completing this validation, an organization is then ready to receive HITRUST Certification.

A HITRUST Certification provides assurance and validation of an organizations ability to secure protected health information (PHI) and personally identifiable information (PII) belonging to patients, customers and business partners.

A certification offers many benefits including increased patient and customer confidence as well as a competitive advantage for business partners.

Martha Raber

Author: Martha Raber

Martha Raber is a HIPAA Security Consultant for CompliancePoint’s Information Security Practice. Her knowledge spans across multiple industries and entities including healthcare, telecommunications, and travel technology (airlines and SaaS). Martha’s passion lies with knowing she can help Organizations meet compliance and mitigate risk through Gap and Risk Assessments and by providing recommendations for meeting regulatory requirements and internal organizational objectives. Martha has earned the HITRUST CSF Practitioner, CISSP, and CompTIA Security+ certifications. She has also earned a Master’s of Science in Information Systems and a certification in Business Management from Stratford Career Institute.

Leave a Reply

Your email address will not be published. Required fields are marked *

Reduce risk, maintain a compliant posture, and protect info