Today, Booz Allen Hamilton (NYSE: BAH) announced that the Health Information Trust Alliance (HITRUST), a leading authority on healthcare information security, has designated the firm as a Common Security Framework (CSF) Assessor.
The CSF, developed in collaboration with healthcare and security experts, is a certifiable, information security framework that provides organizations with an actionable roadmap tailored to the unique needs of the healthcare industry. As a CSF Assessor, Booz Allen will provide information security audits for healthcare organizations, of varying size and complexity, to assess compliance with industry security requirements and standards, and create solutions that help organizations align with the CSF.
"Booz Allen Hamilton understands the new cyber security risks and challenges facing the healthcare industry as it moves toward new models of integrated delivery leveraging digital, mobile, and cloud technologies," said Booz Allen Principal Bill Fox. “We believe that a robust cyber health strategy must be a fundamental pillar for any healthcare organization and look forward to supporting HITRUST and the healthcare industry as a valued CSF Assessor."
To date, the HITRUST CSF is the most widely-adopted security framework in the U.S. healthcare industry. Booz Allen obtained this designation by demonstrating the firm’s strong healthcare-specific cyber security expertise and commitment to CSF and delivering CSF-related services to the healthcare industry.
"We are pleased to have Booz Allen as a CSF Assessor to help healthcare organizations with the process of adopting and utilizing the CSF's requirements for protecting information," said Ken Vander Wal, Chief Compliance Officer, HITRUST. "The company’s long-standing expertise and leadership in health IT privacy and security solutions make it a perfect addition to our program.”
Healthcare organizations are becoming increasingly reliant on health IT to deliver quality care while bending the cost curve. However, these big changes in the healthcare ecosystem leave personal health information and financial data more exposed, increasing threats to systems and patient privacy.