What can you tell me about the new HITRUST C-TAS information-sharing consortium? Does it in any way add to the HIPAA/HITECH compliance mandate?
Ask the Expert!
Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)
The Health Information Trust Alliance (HITRUST) is a private consortium of healthcare organizations that offers a set of services related to the security and privacy of protected health information. It is not a government agency and has no power to require compliance with any programs or documents that it provides. Rather, it is a group of organizations subject to a number of requirements (HIPAA, ARRA, PCI DSS, COBIT, and so on) banding together to reduce the burden of compliance mandates.
The specific initiative you ask about, the HITRUST Cyber Threat Analysis Service (C-TAS), is an information-sharing collaboration that seeks to identify emerging and current threats to member organizations and disseminate information about those threats as quickly as possible. It also promises to coordinate the responses to specific threats among participating organizations and create best practice documents for the healthcare industry. While C-TAS might be a good source of information for HIPAA or HITECH-covered entities, it is by no means a compliance mandate.
Dig Deeper on Data privacy issues and compliance
Related Q&A from Mike Chapple
It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ... Continue Reading
The HHS OCR ruled that healthcare ransomware attacks are HIPAA violations, so these covered entities need to react according to the HHS's guidance. ... Continue Reading
HIPAA regulations incorporate NIST guidelines and standards, so do healthcare organizations need to be compliant with both? Expert Mike Chapple ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.