7 HITRUST Regulatory Factors to Consider for Healthcare

This article is Part One of a Four-part Series on the HITRUST Framework

When you think of HITRUST, you probably think of healthcare. After all, HITRUST was originally created as the “Health Information Trust Alliance.” Continue reading “7 HITRUST Regulatory Factors to Consider for Healthcare”

Ostendio Expands MyVCM Auditor Connect Marketplace with
A-LIGN Partnership

Reposted with permission, Ostendio Inc.

ARLINGTON, Va. – September 28, 2020 – Ostendio Inc., a leading provider of integrated risk management software, and A-LIGN, a security and compliance provider, today announced that A-LIGN is joining the MyVCM Auditor Connect™ marketplace offering customers more choices in their third party security and risk management audit firms. Continue reading “Ostendio Expands MyVCM Auditor Connect Marketplace with
A-LIGN Partnership”

The New Normal:
Fully-Enabled Remote Audits

The new normal is anything but normal, but before we join in the chorus of “uncertain times” let’s take a moment to reflect on how standards organizations have responded to COVID-19 to enable remote audits so that organizations can continue to demonstrate trust. Continue reading “The New Normal:
Fully-Enabled Remote Audits”

HITRUST Assurance Advisory Adds Strategic Scoping Factors

Even though compliance is an on-going process, each individual assessment has its own lifecycle, which begins with a self-assessment of scoping factors. This can be a tedious process to complete for every audit, especially if the same questions get asked more than once, or continue to show up in assessment requirements. Continue reading “HITRUST Assurance Advisory Adds Strategic Scoping Factors”

HITRUST Bridge Assessment Offers Relief From Pandemic Pressures

HITRUST is granting organizations the ability to gain a 90-day grace period to demonstrate continuous compliance with its new Bridge Assessment. Continue reading “HITRUST Bridge Assessment Offers Relief From Pandemic Pressures”

HITRUST Releases Guidance for Reliance on the Work of Others

On September 11, 2019 HITRUST released updated guidance regarding the reliance of others as part of the HITRUST certification process. This includes a more defined scope for reliance on the results of audits, assessments, and inspections that have been completed in the past. Continue reading “HITRUST Releases Guidance for Reliance on the Work of Others”

HITRUST Changes PRISMA Weights and Scoring Rubric

On September 3, 2019 HITRUST announced that they will be updating the HITRUST PRISMA Weights (HAA 2019-007) and the Scoring Rubrics (HAA 2019-009). These new guidelines will go into effect for any HITRUST certifications submitted and accepted on December 31, 2019 or later.

Continue reading “HITRUST Changes PRISMA Weights and Scoring Rubric”

Which Compliance Audit is Right for Me?

When it comes to compliance audits, one should never follow the “one-size-fits-all” mentality. The type of audit you need often depends on your organization’s industry, specific client requests or type of data stored. Continue reading “Which Compliance Audit is Right for Me?”

Top Tips for Effective Audit Preparation

For any organization that stores, interprets and manages sensitive data, complying with cybersecurity requirements is of utmost importance. The most comprehensive way to test the strength and effectiveness of these systems is through a compliance assessment. Beginning this process, however, is no easy feat. Continue reading “Top Tips for Effective Audit Preparation”