Because of the number of patients seeing medical professionals every day and the nature of their visits, the healthcare industry faces unique security challenges that no other industry sees.
To help mitigate and manage risk, the Health Information Trust Alliance (HITRUST) was created. HITRUST establishes a Common Security Framework (CSF) that allows for the consistent implementation of HIPAA requirements.
Simplify Leveraging Service Provider Security Controls for a CSF Assessment The CSF Inheritance Program enables hosting, cloud, and service providers to make assessment scores available for inheritance into any organization’s assessment—easily, seamlessly, and automatically. Additionally*, organizations have the ability to inherit control scores from one of their assessments and apply them to their other assessments.
This program simplifies the process and reduces the effort for hosting and service organization customers. By working with a participating service provider, customers can reduce the required testing and associated costs for inherited controls in a fully automated manner. The HITRUST Inheritance Program allows for cloud hosting and service providers to easily and automatically apply their assessment scores into any organization’s assessment.
Additionally, the HITRUST Inheritance Program allows organizations to inherit controls from one of their vendor’s assessments and apply it to their own assessments easily, saving time and resources. By working with a participating managed service provider, organizations can leverage the inheritance program to simplify and streamline the assessment process.
Key benefits:
By seamlessly lifting and applying assessment scores to other assessments across the board, organizations can reduce the time, effort and associated costs required for testing inherited controls. Other key benefits include:
How it Works With the CSF Inheritance Program, Service Providers will appear in a list of organizations that have a HITRUST CSF Validated assessment. A client can then indicate a specific control requirement should be inherited and then choose their hosting or service provider from the list of participating hosting and service providers.
The system validates the relationship, by requesting a verification from the service provider to confirm the services provided. To take advantage of this offering, service providers must have: • MyCSF Subscription • Inheritance Module Subscription • Current HITRUST CSF Validated assessment in good standing More info For more information about the CSF Inheritance Program, contact HITRUST at 855.HITRUST or email us at sales@hitrustalliance.net.