Get myCPE Unlimited Access @ $299 $199/Annually
Is your organization looking for an industry-agnostic way to implement information security best practices? Have you investigated HITRUST certification in the past only to be discouraged by the level of effort required? Are you working toward full HIPAA compliance?
If you answered yes to any of the above, you should be excited about the new HITRUST Implemented One-Year (i1) Assessment. Read on to learn more about HITRUST i1 and how it could help your business save time and money while enhancing your security posture.
For a variety of reasons, many assessments on the market today are not updated on a regular basis to keep up with new and emerging threats. To address this issue, HITRUST i1 was specifically designed to be a continuously relevant security assessment. The HITRUST Alliance has made it known that they are reviewing the latest threat intelligence data and fine-tuning security controls no less than quarterly, as well as for every major and minor release of the HITRUST CSF.
Not only will HITRUST i1 be updated to incorporate controls that cover the evolving threat landscape, but it will also “sunset controls that have lost relevance and have limited assurance value based on effort required to comply or assess.” This means your organization can take comfort in knowing that the work you put into HITRUST i1 will be efficient and provide maximum security value.
The HIPAA Security Rule necessitates that organizations carry out a risk analysis, implement security controls, and establish “reasonable and appropriate” policies and procedures to protect sensitive information. Without an official governing body to certify HIPAA compliance, HITRUST r2 provides the best way for organizations to prove they are HIPAA compliant through a reputable and certifiable framework.
I predict that some healthcare payers may start asking organizations in their supply chain to obtain HITRUST i1 certification as a way to evaluate progress and effort toward full HIPAA compliance. For example, perhaps an organization has only partially implemented some of their security controls and does not yet have appropriate policies and procedures in place. HITRUST i1 would be a good intermediate step to help them work toward HITRUST r2 certification.
HITRUST i1 is a game-changer for the compliance industry — it fills a crucial market gap for businesses that want a highly reliable security certification for moderate risk assurance. Because security is an ongoing process of continuous improvement, the fact that this assessment is frequently updated to maintain continuous relevance is highly appealing. If you’re seeking guidance on HITRUST, A-LIGNis here for you. We have helped hundreds of clients achieve HITRUST certification and can make your HITRUST journey as smooth and efficient as possible.
HITRUST i1 is a gamechanger for the compliance industry — it fills a crucial market gap for businesses that want a highly reliable security certification for moderate risk assurance. Because security is an ongoing process of continuous improvement, the fact that this assessment is frequently updated to maintain continuous relevance is highly appealing. If you’re seeking guidance on HITRUST, A-LIGN is here for you. We have helped hundreds of clients achieve HITRUST certification and can make your HITRUST journey as smooth and efficient as possible.