Last Friday, Tyler "Commish" Dornenburg and I got into the office early again for the final push on our HITRUST RightStart assessment. Although we completed all 310 controls the day before, more work remained.
Lisa Mai in Tech Support surprised everyone with a large bag of Chick-fil-A breakfast sandwiches on Friday. Turns out getting Chick-fil-A in San Francisco is no joke. The nearest Chick-fil-A restaurants are in Sunnyvale (pretty far), Novato (far), or East Bay (also far). Lucky for us, Lisa lives near a Chick-fil-A and so she brought it work with her via public transport (brave move).
When we gleaned there was an extra Chick-fil-A sandwich, Evan "Fitz" Fitzgerald stepped up and promptly dispatched it. Fitz is a superfan of the Big Mac and Chick-fil-A. He also recommends the Chick-fil-A Sauce as his preferred dipping sauce.
Staff training for the new #HITRUST policies @PauboxHQ pic.twitter.com/aKO2aJsqZE
— Tyler Dornenburg (@tdornenburg) January 18, 2019
As the day marched along, Commish and I focused on putting together and disseminating new staff training materials. Shortly before lunch, we assembled the team and went over the new HITRUST policies and procedures, as well as the new Paubox Employee Handbook.
As a final step, we made sure to prep for the check-in call with our HITRUST assessor, as it was to be our last call before formally submitting the application. We hopped on a 90 minute call with Jeff Pochily and went over a final run through. I gotta say, we were glad to have sufficiently answered a majority of his final questions.
By 4pm, we successfully submitted our HITRUST assessment. We made it by our deadline! It was the culmination of a 10-month project. We're looking forward to the future.
Founded in 2007, HITRUST Alliance is a not-for-profit organization whose mission is to champion programs that safeguard sensitive information and manage information risk for organizations across all industries and throughout the third-party supply chain. In collaboration with privacy, information security and risk management leaders from both the public and private sectors, HITRUST develops, maintains and provides broad access to its widely adopted common risk and compliance management and de-identification frameworks; related assessment and assurance methodologies; and initiatives advancing cyber sharing, analysis, and resilience.