As the dramatic rise in breaches, theft of patient health data and increasingly complex regulatory environment continues to put health care organizations and their business relationships under intense pressure and scrutiny regarding security and privacy, Deloitte, a New York-based risk consulting and security advisory services company, announced it has been designated as a Common Security Framework (CSF) Assessor status from the Frisco, Texas-based Health Information Trust Alliance (HITRUST).
HITRUST’s CSF is the first information technology security control framework developed explicitly for health care information. As a CSF Assessor, Deloitte expands its ability to serve clients that process, store, transmit and use protected health information, as well as other sensitive information. In particular, Deloitte will be able to assist clients in streamlining their security and compliance processes, remediating information security gaps and complying with the HIPAA security rule, HITECH Act and state breach notification laws.
CSF Assessors are organizations approved by HITRUST to perform assessment and/or certification services associated with the CSF, including services delivered through the CSF Assurance program. In becoming a CSF Assessor, organizations must go through a rigorous due diligence process and demonstrate that they have a strong information security practice and leadership, experience delivering information security solutions to health care organizations, and a dedicated group of practitioners that can deliver CSF-related services to organizations.