Health IT group to offer security certification to vendors

Health IT group to offer security certification to vendors
Health IT group to offer security certification to vendors 

By William Jackson
Aug 31, 2009

The Health Information Trust Alliance (HITRUST) announced today the 
creation of a program to certify IT security products against its Common 
Security Framework for information.

The CSF Ready program will be guided by a steering committee of major IT 
security companies and labs. It will develop criteria for independent 
evaluation of health IT security products and services that will enable 
compliance not only with the framework but also with federal regulations 
for handling and securing the sensitive information.

The program comes as the government is preparing to invest $20 billion 
in the development of a health IT infrastructure and is preparing 
standards for the secure exchange of health information, as well as new 
stiffer regulations to ensure the privacy of that data.

The Health Information Technology for Economic and Clinical Health Act, 
or HITECH, was passed this as part of the American Reinvestment and 
Recovery Act. As a result of financial incentives and technology 
development programs included in the legislation, the Congressional 
Budget Office has estimated that up to 90 percent of doctors and 70 
percent of hospitals will be using comprehensive electronic health 
records within the next decade.

"With security becoming a pillar of every organization, the industry 
warrants attention and criteria directed at information security 
products that are applicable to their unique needs," Stuart McClure, 
vice president of operations and strategy for McAfee's Risk and 
Compliance Business Unit, said in announcing CSF Ready. The 
certification program is intended to give the industry a starting point 
in sourcing security technology.


Subscribe to InfoSec News 

Site design & layout copyright © 1986-2014 CodeGods