ControlCase “Compliance as a Service” for HITRUST CSF Assurance Program
Following the recent update to the HITRUST CSF Assurance Program, an increasing number of healthcare organizations will now require their business associates to obtain CSF Certification.
Reston VA, USA
The Health Information Trust Alliance (HITRUST) CSF is a certifiable framework that provides organizations with the needed structure, detail and clarity relating to information security for the healthcare industry. Utilizing a common set of information security requirements, the CSF Assurance program delivers simplified compliance assessments and reporting for HIPAA, HITECH, state, and business associate requirements.
In recent news, HITRUST announced an expansion of the healthcare industry’s use of the CSF Assurance program in support of efforts to better manage the third-party assurance process. As a result, an increasing number of organizations within the healthcare industry will now require their business associates to obtain the CSF Certification in the next 24 months. “The CSF Certification works to establish effective security and improve privacy practices aligned with the requirements of the health industry” said Bill Brody, VP – HealthCare Division at ControlCase.
“This development further reinforces the use of CSF Certification as a benchmark for information security in the healthcare industry and provides a perfect platform for clients to benefit from using ControlCase’s CaaS,” said Brody.
While many covered entities are leveraging the CSF Assurance program, more and more business associates are also requesting that their CSF Assurance reports be accepted by the healthcare organizations with whom they do business. This comes in an effort to minimize the duplicity, costs and inefficiencies resulting from the current multitude of assessment requests.
"To date, the HITRUST CSF is the most widely-adopted security framework in the U.S. Healthcare Industry,” says Ken Vander Wal, Chief Compliance Officer at HITRUST. “We have been reviewing and revising a number of policies and procedures around the CSF Assurance program, as well as augmenting our own capabilities and streamlining the process.” said Vander Wal.
It is safe to say, healthcare organizations are recognizing the rise in cyber threats and the significant role played by their business associates. “The CSF Certification establishes effective security and improves privacy practices aligned with the requirements of the health industry. We believe ControlCase CaaS will be the ideal platform for helping clients effectively manage their compliance as well as that of their business associates who are now subject to CSF Certification.” said Brody.
ControlCase is an approved HITRUST CSF Assessor providing a cost effective solution to help organizations assess themselves against HITRUST CSF.
For more information on ControlCase CaaS for HITRUST CSF Assurance Program, please contact Kimberly Simon at firstname.lastname@example.org
For more information, please visit the company website at www.controlcase.com
HITRUST programs include the establishment of a common risk and compliance management framework (CSF); an assessment and assurance methodology; educational and career development; advocacy and awareness; and a federally recognized cyber Information Sharing and Analysis Organization (ISAO) and supporting initiatives. Over 84 percent of hospitals and health plans, as well as many other healthcare organizations and business associates, use the CSF, making it the most widely adopted security framework in the industry. For more information, visit http://www.HITRUSTalliance.net.