Become a Valued Member of myCPE Professionals Community
Trusted by 250,000+ Professionals
5.0
"Steven was knowledgeable and thorough…”
Steven was knowledgeable and thorough in his information about the product and what is offered. He was empathetic to my situation. He went above and beyond answering all of my many questions. Excellent service!
Crystal lovejoy
5.0
"Great Customer Service”
Great service and very patient as I asked several questions. Steven answered all my questions and helped me make the right decision in my subscription purchase. Thank you.
Lori corry
5.0
"It is what it advertised to be”
It is what it advertised to be. Professional quality training and CPE tracking and certificates; systems knows AZ CPA CPE requirements and categories. I've needed help on several occasions and the assistance was quick and effective; however, there were some problems with data entry. The assistance sometimes asks for input, but when I try to type it is dissallowed for some reason. On several occasions I had to close the popup to get it out of my way.
Brian Carey
5.0
"Great customer service”
Great customer service. Classes are pertinent. Great value
Become a Valued Member of myCPE Professionals Community
Trusted by 250,000+ Professionals
5.0
"Steven was knowledgeable and thorough…”
Steven was knowledgeable and thorough in his information about the product and what is offered. He was empathetic to my situation. He went above and beyond answering all of my many questions. Excellent service!
Crystal lovejoy
5.0
"Great Customer Service”
Great service and very patient as I asked several questions. Steven answered all my questions and helped me make the right decision in my subscription purchase. Thank you.
Lori corry
5.0
"It is what it advertised to be”
It is what it advertised to be. Professional quality training and CPE tracking and certificates; systems knows AZ CPA CPE requirements and categories. I've needed help on several occasions and the assistance was quick and effective; however, there were some problems with data entry. The assistance sometimes asks for input, but when I try to type it is dissallowed for some reason. On several occasions I had to close the popup to get it out of my way.
Brian Carey
5.0
"Great customer service”
Great customer service. Classes are pertinent. Great value
Steve
1/4
Subscribe Now at $199/ 12 Months
Topic of Interest
Select the topics of your interest to receive Webinars/Virtual Events/E-Books/Podcasts of your interest.
Not found
Selected Topics
Important: Course Deactivation Alert
Below mentioned Courses will be deactivated soon due to outdated content. Complete the course within the next 7 days to receive credits. After Expiry date, the course will be unavailable for credit. For assistance or inquiries, please contact our support team at support@my-cpe.com.
4 Reasons Your Organization Should Consider HITRUST i1 Certification
4 Reasons Your Organization Should Consider HITRUST i1 Certification
Blaise Wabo
Published On : Sep 20, 2022
1183
5 mins read
Inside This Article
Is your organization looking for an industry-agnostic way to implement information security best practices? Have you investigated HITRUST certification in the past only to be discouraged by the level of effort required? Are you working toward full HIPAA compliance?
If you answered yes to any of the above, you should be excited about the new HITRUST Implemented One-Year (i1) Assessment. Read on to learn more about HITRUST i1 and how it could help your business save time and money while enhancing your security posture.
1. HITRUST i1 Ensures Security Best Practices
As described in HITRUST’s official press release, HITRUST i1 is a “continuously-relevant cybersecurity assessment that aligns and incorporates best practices and leverages the latest threat intelligence to maintain applicability with information security risks and emerging cyber threats, such as ransomware.” In other words, the control requirements for HITRUST i1 were carefully selected to promote superior security no matter the business type (check out section #3 for details on how these controls are threat-adaptive).
Perhaps your business is not required to obtain an official compliance certification, but you still want to demonstrate your commitment to security to both internal and external stakeholders. There are self-attestation assessments out there, such as the HITRUST Basic, Current-State (bC) Assessments, that can help you achieve good security hygiene. However, this category of assessment is not validated by an independent third party and only provides a low level of assurance for your customers, partners, and prospects.
At the opposite end of the spectrum, you may have looked into options that result in certification and offer a higher level of assurance compared to self-assessments but are geared toward a specific industry or piece of legislation. Terminology in these assessments such as “cardholder data’’ or “protected health information” can be confusing if it’s not applicable to your business. HITRUST i1, however, is guaranteed to be highly relevant to your business because of its industry-agnostic approach to security.
If your organization is looking for a certifiable standard that ensures information security best practices and provides assurance against moderate risk, then HITRUST i1 may be the right fit.
2. HITRUST i1 is More Attainable Than HITRUST r2
Another reason why your organization may be interested in HITRUST i1 is the fact that it is easier to achieve compared to the standard HITRUST Risk-based, Two-year (r2) Assessment (formerly known as the HITRUST CSF Validated Assessment). If your organization does not have robust security resources in place, it could be difficult to achieve HITRUST r2 certification, and keep up with the ongoing requirements such as interim assessments.
With HITRUST i1, organizations will be able to earn a HITRUST certification that is well-suited for their needs and doesn’t demand a significant amount of time and resources.
The primary reasons why HITRUST i1 certification is relatively simple to achieve are:
Maturity levels: It is required that a HITRUST r2 assessment evaluates an organization’s security controls against the Policy, Process, and Implemented levels of the HITRUST maturity model (Measured and Managed are optional). HITRUST i1 only tests an organization against the Implemented maturity level.
The controls: The average HITRUST r2 assessment involves an average of 360 control requirements out of 2,000 eligible controls. HITRUST i1, on the other hand, calls for 219 static control requirements that are the same for every organization that undergoes the assessment. This also makes comparison across different reports more straightforward.
3. HITRUST i1 is Always Up to Date
For a variety of reasons, many assessments on the market today are not updated on a regular basis to keep up with new and emerging threats. To address this issue, HITRUST i1 was specifically designed to be a continuously relevant security assessment. The HITRUST Alliance has made it known that they are reviewing the latest threat intelligence data and fine-tuning security controls no less than quarterly, as well as for every major and minor release of the HITRUST CSF.
4. HITRUST i1 is a Springboard for Full HIPAA Compliance
The HIPAA Security Rule necessitates that organizations carry out a risk analysis, implement security controls, and establish “reasonable and appropriate” policies and procedures to protect sensitive information. Without an official governing body to certify HIPAA compliance, HITRUST r2 provides the best way for organizations to prove they are HIPAA compliant through a reputable and certifiable framework.
I predict that some healthcare payers may start asking organizations in their supply chain to obtain HITRUST i1 certification as a way to evaluate progress and effort toward full HIPAA compliance. For example, perhaps an organization has only partially implemented some of their security controls and does not yet have appropriate policies and procedures in place. HITRUST i1 would be a good intermediate step to help them work toward HITRUST r2 certification.
Get Started on Your HITRUST Journey Today
HITRUST i1 is a game-changer for the compliance industry — it fills a crucial market gap for businesses that want a highly reliable security certification for moderate risk assurance. Because security is an ongoing process of continuous improvement, the fact that this assessment is frequently updated to maintain continuous relevance is highly appealing. If you’re seeking guidance on HITRUST, A-LIGNis here for you. We have helped hundreds of clients achieve HITRUST certification and can make your HITRUST journey as smooth and efficient as possible.
Share with
Blaise Wabo
HITRUST i1 is a gamechanger for the compliance industry — it fills a crucial market gap for businesses that want a highly reliable security certification for moderate risk assurance. Because security is an ongoing process of continuous improvement, the fact that this assessment is frequently updated to maintain continuous relevance is highly appealing. If you’re seeking guidance on HITRUST, A-LIGN is here for you. We have helped hundreds of clients achieve HITRUST certification and can make your HITRUST journey as smooth and efficient as possible.
Experience MYCPE ONE at its best! Upgrade your browser for a more interactive, user-friendly interface, and stay ahead in your professional development journey.
Blaise Wabo 
