HITRUST Framework to Address PrivacyCompliance Guide Is Expanding in Scope
"HITRUST has always recognized that security and privacy are highly integrated and that the healthcare industry would benefit ... from a single security and privacy framework," says Daniel Nutkis, HITRUST's CEO. The enhanced framework will provide guidance on complying with the HIPAA privacy and security rules and help organizations meet requirements for the HITECH Act electronic health record incentive program, he adds.
Meanwhile, version 4.0 of the security framework, due at the end of this year, will include more prescriptive guidance on risk assessment methods. This version also will address new issues, including health information exchange, cloud computing and mobile devices.