HITRUST® 2019年是又一次成功的会议. It covered several topics from new quality standards and outlining assessment best practices, 云中的遵从性, HITRUST的跨行业适应, 以及不断变化的隐私领域. Organizations adopting HITRUST continue to expand and the attendance at this year’s conference confirms that this will continue in the years to come.

One key interest this year was the growth of the Provider Third-Party Risk Management Council’s network. Nearly one year since the council’s assembly, it has grown in both awareness and participation.

这里是它的起源的简要概述, 目标, and the challenges it’s helping organizations overcome.

What is the Provider Third-Party Risk Management Council?

The Provider Third-Party Risk Management (PTPRM) Council is relatively new, 宣布 in 2018. A group of prominent Chief 信息安全 Officers (CISOs) came together to solve a common challenge: vetting and monitoring third-party organizations in their supply chains.

他们成立了PTPRM委员会来“发展”, 推荐, and promote practices to manage information security-related risks in their supply chain and to safeguard patient safety and information.”

The council upholds its mission by promoting HITRUST as a portion of its requirements by requiring its third parties that involve the disclosure of protected health information (PHI) to provide a certified HITRUST CSF™ Assessment prior to providing services and annually thereafter. 这有什么帮助呢? The HITRUST CSF certification serves as a standard for third parties that use patient or sensitive information. 这些第三方可以获得认证, 参与网络和, 作为一个结果, 更容易与其他成员一起工作.

提供商TPRM理事会的目标

The PTPRM Council’s 目标 are designed to improve the cybersecurity posture of participating organizations. 它的主要目标是:

  • Bring uniformity to the vendor risk management life cycle (VRMLC);
  • Reduce the cost and increase the value that organizations expect from their VRMLC processes;
  • Address difficult problems efficiently and respond to emerging threats; and
  • Demonstrate commitment to industry-wide acceptance and adoption.

该委员会正在努力实现这些目标.

这对参与组织有何帮助?

Participating organizations can ensure that others in the PTPRM network are following vital security standards and that their compliance has been validated. 因为参与者是HITRUST CSF认证, working within the network gives organizations inherent initial trust, making the process of onboarding vendors and providers less cumbersome.

This initiative helps save these organizations time and money since resources that previously went toward vetting new providers and vendors can now be used elsewhere.

而这一举措是基于安全, it’s also clear that joining this network is a competitive advantage as well. An organization will more likely choose to work with another participating organization due to the assurance of security standards and time efficiency.

PTPRM的发展潜力

Many organizations on the PTPRM Council have already seen rapid adoption of HITRUST from their vendors. This initiative has allowed vendors or service organizations to reduce security audits, 调查问卷, 以及填写供应商表格的时间. This change affects not only organizations on the council but others, considering that HITRUST CSF is a widely-recognized security framework and certification. 自成立以来, the number of participating providers has grown as well as the addition of BA/Vendor Council members.

If you would like more information about the HITRUST CSF certification, 联系 LBMC 信息安全 to learn more and schedule a consultation.

了解更多关于HITRUST的信息

友情链接: 1 2 3 4 5 6 7 8 9 10