HITRUST Offers New Guidance for Assessing Cyber Security Preparedness

HITRUST Cyber Security GuidancRise in Cyber Security Threats Leads to Increased Industry Awareness

The Health Information Trust Alliance (HITRUST) collaborates with healthcare providers, businesses and technology and IT security leaders to advance adoption of health information exchange. Earlier this year HITRUST announced its involvement in the establishment of a new cyber security work group to support the signing of Obama’as White House Cybersecurity Executive Order, a policy to counter cyber security threats at the national level.

The HITRUST Cybersecurity Working Group was established to review the cyber security framework (CSF) to incorporate best practices consistent with the various risk factors related to cyber security for healthcare organizations. The work group is also responsible for coordinating the submission of HITRUST’s recommendations to the National Institute of Standards and Technology (NIST) relating to the development of a national Cybersecurity Framework as outlined in the Executive Order.

Yesterday HITRUST released new guidance for healthcare organizations wanting to assess the state of their cyber security preparedness. “As predicted, HITRUST has seen a marked increase in the frequency and sophistication of cyber attacks targeted at healthcare organizations,” said Daniel Nutkis, chief executive officer, HITRUST. “What is raising concerns is the amount of personal health information misappropriated from health plans and providers that is for sale on the various hacker forums. As the sophistication and intensity of cyber attacks increases, HITRUST believes it is more critical than ever that healthcare organizations have the appropriate safeguards in place and a means by which to review their current level of preparedness.”

The new cybersecurity guidance is available for review at HITRUST Central.