The Health Information Trust Alliance has made changes to its assurance program intended for the review and certification of organizations’ common security framework.
HITRUST has created a quality assurance subcommittee within its board of directors that will manage overall assurance and compliance procedures in support of efforts to centralize CSF assessment reports, ExecutiveBiz has learned.
According to HITRUST, consolidating CSF operations into a single holistic program will make reports more consistent and reliable compared to decentralized reporting and review procedures.
“I view the role of the Quality Subcommittee similar to that of an Audit Committee,” said Ken Vander Wal, chief compliance officer at HITRUST and chairman of the new subcommittee. “It will independently review what controls and processes HITRUST has in place to ensure quality and consistency across the entire program, review metrics used by HITRUST to measure quality at every level of the process, provide feedback where changes are required, and make recommendations for process improvements when appropriate.”
HITRUST also revised its assurance advisories to include updates to its scoring rubric and control maturity evaluation procedures.
Based in Frisco, Texas, HITRUST was established in 2007 to promote information risk management and regulatory compliance throughout all industries at the supply chain level.