Security is in our DNA, so we're proud to be part of HITRUST's new RightStart program, which is aimed at giving start-ups the tools needed to make information security and compliance easier to establish and manage.
“Navigating risk management and compliance requirements can be costly, a strain on internal resources and can be daunting for any company, but it can be compounded in start-ups that are focusing on bringing their vision to market,” says Mike Parisi, HITRUST’s vice president of Assurance Strategy & Community Development. “The RightStart Program will ensure dedicated programs managing risk, compliance, security and privacy are foundational practices within a start-up by embedding these security standards into their evolving business models.”
Paubox has already passed two independent HIPAA compliance certifications, but HITRUST will help take our security frameworks to another level. The HITRUST Alliance is a non-profit organization that has established a common security framework that is widely viewed as the standard for healthcare.
“The RightStart Program gives us the ability to adopt a security framework that will scale with our organization and provide brand name peace of mind to our customers, partners and investors, says Hoala Greevy, CEO of Paubox, an email encryption company. “HITRUST provides us with the tools for secure, compliant growth needed to increase our bottom line. Our customer focus demands we have security, compliance, and risk management in place by design and not as an afterthought.”
About HITRUST Founded in 2007, HITRUST Alliance is a not-for-profit organization whose mission is to champion programs that safeguard sensitive information and manage information risk for organizations across all industries and throughout the third-party supply chain. In collaboration with privacy, information security and risk management leaders from both the public and private sectors, HITRUST develops, maintains and provides broad access to its widely adopted common risk and compliance management and de-identification frameworks; related assessment and assurance methodologies; and initiatives advancing cyber sharing, analysis, and resilience.