As part of our journey on the RightStart program by HITRUST, we forged ahead today by knocking out swaths of Transmission Protection and Incident Response assessment sections.
This post is a Behind The Scenes (BTS) look at our progress today.
Transmission Protection is covered in Section 9 of the HITRUST assessment. There are 16 controls to address within in it.
Topics from this section that stuck out to me were:
Incident Response is one of 14 controls that comprise Section 15, Incident Management.
Topics from this section that stood out to me today were:
As an aside, today we discovered Datica open sourced their HIPAA Compliance Policies on GitHub. Very neat.
Along with our progress from yesterday and last Saturday, we are projecting to submit our HITRUST Assessment before the month is over.
As such, we are now doing daily status calls with our HITRUST Assessor, Jeff Pochily from KirkpatrickPrice.
Topics we covered on our daily status call today were:
Founded in 2007, HITRUST Alliance is a not-for-profit organization whose mission is to champion programs that safeguard sensitive information and manage information risk for organizations across all industries and throughout the third-party supply chain. In collaboration with privacy, information security and risk management leaders from both the public and private sectors, HITRUST develops, maintains and provides broad access to its widely adopted common risk and compliance management and de-identification frameworks; related assessment and assurance methodologies; and initiatives advancing cyber sharing, analysis, and resilience.