HIPAA News

THE HEALTH INFORMATION TRUST ALLIANCE (HITRUST) SELECTS BRABEION SOFTWARE’S IT GOVERNANCE, RISK AND COMPLIANCE SOLUTION

July 8, 2008 – Brabeion Software, a leader in IT Governance, Risk and Compliance (IT GRC) Management, today announced that the Health Information Trust Alliance (HITRUST) has selected Brabeion as its IT GRC tool to aid in the development and coordination of the Common Security Framework (CSF). HITRUST will use key components of Brabeoin’s acclaimed IT risk and compliance software and knowledgebase to assist in mapping the HITRUST CSF to regulations and industry control frameworks. Additionally, Brabeion will aid in providing assistance in format design of the CSF.

The HITRUST CSF is a comprehensive set of tools to aid organizations that create, store, access or exchange electronic health, financial, and other sensitive information in protecting their information assets and managing related risks, costs and complexities. The HITRUST CSF is comprised of three components – an Information Security Implementation Manual, a Standards and Regulations Cross- Reference Matrix, and a Readiness Assessment Toolkit.

“The magnitude, complexity and number of diverse organizations involved in developing the HITRUST Common Security Framework make it a very significant undertaking with many coordination challenges. The only way to meet our goals is to adopt a tool that can create the mappings, linkages and delivery format required as well as coordinate the numerous individuals developing and reviewing the various CSF components – and Brabeion is the best choice to aid in completing the task at hand,” said Daniel S. Nutkis, CEO of HITRUST.

Healthcare organizations are facing multiple challenges with regards to information security, including costs, complexities and inconsistencies surrounding regulations and standards, and the auditing of these across people, process and technologies. HITRUST is fostering the industry collaboration needed to solve these urgent problems. Leading health care organizations, professional services firms, information security specialists, liability insurers and other organizations have joined together to actively participate in the HITRUST CSF program.

“The HITRUST effort promises to transform information security programs within the entire healthcare industry. Both Brabeion and HITRUST share the same vision to provide organizations with a better way to manage risk, demonstrate compliance, and improve operational efficiency. We are excited to leverage our practical experience in IT GRC to play a hands-on role in this significant effort,” commented Julian Waits, CEO of Brabeion.

The HITRUST CSF is expected to be available in January 2009 for any organization that creates, accesses, stores or exchanges personal health and financial information. The Information Security Implementation Manual and Standards and Regulations Cross- Reference Matrix will be made available in both PDF and XML versions. Brabeion Software is the only company to provide a complete IT GRC management software solution and has gained public recognition as a leader over the past year by Fortune 500 companies and industry analysts. The Brabeion Polaris IT GRC Management Suite manages policies, automates IT control monitoring, and measures what actually occurs against what business policies, internal governance, and regulatory sources demand.

About the HITRUST The Health Information Trust Alliance (HITRUST) was born out of the belief that information security should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. Security is critical to the broad adoption, utilization of and confidence in health information systems, medical technologies and electronic exchanges of health information. This, in turn, is critical to realizing the related promise of quality improvement and cost containment in America’s healthcare system. HITRUST is collaborating with healthcare, business, technology, and information security leaders to establish a certifiable framework that can be used by any and all organizations that create, access, store or exchange personal health and financial information. Beyond the establishment of the first-ever common security framework, HITRUST is also driving adoption and widespread confidence in the framework and sound risk management practices through awareness, education, advocacy and other outreach activities. For more information, visit www.hitrustalliance.org

About Brabeion Software Brabeion, the leading software provider in IT Governance, Risk and Compliance (IT GRC), helps organizations demonstrate governance, dramatically reduce risk and improve compliance while lowering costs.Brabeion’s Polaris Suite is the first IT GRC solution to trace the full lifecycle of risk and compliance impacts from business and legislative requirements through to policy, implementation procedures and controls with automated audits and assessments. It is powered by comprehensive information risk and audit content developed and maintained by our team of domain experts, through strategic alliances with organizations including PricewaterhouseCoopers LLP, IT Governance Institute and others. Brabeion Polaris puts you in control of your governance, risk and compliance profile at every level and stage of your business process. Brabeion is a member of the Open Compliance and Ethics Group Technology Council, Information Security Forum (ISF), PCI Vendors’ Alliance and Oracle’s GRC Vendor Alliance. For more information, visit www.brabeion.com

Share or bookmarklet this web page at: