Microsoft and the Healthcare Information Trust Alliance have launched a matrix intended to assist customers of the company’s Azure cloud offering in efforts to implement HITRUST controls and comply with global cybersecurity standards.
Pradeep Nair, general manager at Microsoft, wrote in a blog post published Thursday that the Shared Responsibility Matrix visualizes HITRUST security controls covered by Azure as well as those that fall under the customer’s responsibility.
Customers can also use the matrix to “inherit” controls from the Azure-based HITRUST assessments for use in other assessments to ensure adherence to the HITRUST Common Security Framework for risk management and regulatory compliance.
Information technology professionals and cloud architects can also utilize the HITRUST Blueprint service to establish a set of core resources for HITRUST compliance in an Azure environment.
HITRUST CSF was founded on baseline standards under organizations such as the National Institute for Standards and Technology, International Organization for Standardization and Health Insurance Portability and Accountability Act.
The healthcare information security standard has augmented over 40 recognized authorities and covered more than 2K controls to date, according to Nair.
Azure’s compliance offerings encompass more than 50 region-specific standards and 40 sector-specific controls in markets such as health, education, finance, government, media and manufacturing.