Microsoft, HITRUST Unveil Security Controls Compliance Matrix for Azure

Microsoft, HITRUST Unveil Security Controls Compliance Matrix for Azure

Microsoft and the Healthcare Information Trust Alliance have launched a matrix intended to assist customers of the company’s Azure cloud offering in efforts to implement HITRUST controls and comply with global cybersecurity standards.

Pradeep Nair, general manager at Microsoft, wrote in a blog post published Thursday that the Shared Responsibility Matrix visualizes HITRUST security controls covered by Azure as well as those that fall under the customer’s responsibility.

Customers can also use the matrix to “inherit” controls from the Azure-based HITRUST assessments for use in other assessments to ensure adherence to the HITRUST Common Security Framework for risk management and regulatory compliance.

Information technology professionals and cloud architects can also utilize the HITRUST Blueprint service to establish a set of core resources for HITRUST compliance in an Azure environment.

HITRUST CSF was founded on baseline standards under organizations such as the National Institute for Standards and Technology, International Organization for Standardization and Health Insurance Portability and Accountability Act.

The healthcare information security standard has augmented over 40 recognized authorities and covered more than 2K controls to date, according to Nair.

Azure’s compliance offerings encompass more than 50 region-specific standards and 40 sector-specific controls in markets such as health, education, finance, government, media and manufacturing.

You may also be interested in...


Microsoft Azure Government Now Offers 142 Services With FedRAMP’s High Provisional Authorization

Microsoft now has 142 cloud services certified with high provisional authorization to operate under the Federal Risk and Authorization Management Program, which aims to standardize the security of cloud products used in the federal government. The company said in a blog post published Thursday its offerings under the Azure Government cloud work to boost the security and compliance of federal agencies.

MCR Federal

MCR Federal Working to Provide Space Force With Modernized C2 Software

MCR Federal secured a contract in May to help the U.S. Space Force implement new command and control software equipped with modernized applications in an effort to replace aging space C2 software tools.

X-57 Maxwell

NASA to Hold High-Voltage Ground Tests for X-57 Electric Aircraft

NASA is slated to conduct ground tests for high-voltage operation of an experimental plane being designed by Empirical Systems Aerospace to help the agency create certification requirements for electric aircraft units.