By William Jackson
Aug 31, 2009
The Health Information Trust Alliance (HITRUST) announced today the
creation of a program to certify IT security products against its Common
Security Framework for information.
The CSF Ready program will be guided by a steering committee of major IT
security companies and labs. It will develop criteria for independent
evaluation of health IT security products and services that will enable
compliance not only with the framework but also with federal regulations
for handling and securing the sensitive information.
The program comes as the government is preparing to invest $20 billion
in the development of a health IT infrastructure and is preparing
standards for the secure exchange of health information, as well as new
stiffer regulations to ensure the privacy of that data.
The Health Information Technology for Economic and Clinical Health Act,
or HITECH, was passed this as part of the American Reinvestment and
Recovery Act. As a result of financial incentives and technology
development programs included in the legislation, the Congressional
Budget Office has estimated that up to 90 percent of doctors and 70
percent of hospitals will be using comprehensive electronic health
records within the next decade.
"With security becoming a pillar of every organization, the industry
warrants attention and criteria directed at information security
products that are applicable to their unique needs," Stuart McClure,
vice president of operations and strategy for McAfee's Risk and
Compliance Business Unit, said in announcing CSF Ready. The
certification program is intended to give the industry a starting point
in sourcing security technology.
Subscribe to InfoSec News