HITRUST and NIST has brought together multiple industry-relevant statutory, regulatory and best practice requirements into a single basic structure for healthcare organizations to get a firm and clear understanding on their security posture. This also considers working towards building a cybersecurity program that aligns with goals of the NIST Framework.

HITRUST has started a certification program for the NIST Cybersecurity Framework. Through HITRUST CSF Assurance Program and assessment scoreboard for the NIST Framework, healthcare systems and hospitals can bring to use a more effective and efficient way to guarantee security compliance.

This NIST Cybersecurity Framework is extremely beneficial for health systems trying to protect themselves from different cyber threats. It could also be useful to tackle other vulnerabilities and enterprise wide risks, according to healthcare attorney Barry Herrin’s statement. He also believes that NIST Framework can be expanded to list expectations about how the organization is going to use it to manage enterprise security; not only data security but, all types of security.