HITRUST (BTS): Transmission protection & incident response

Featured image

Share this article

Tyler "Commish" Dornenburg and Hoala Greevy

As part of our journey on the RightStart program by HITRUST, we forged ahead today by knocking out swaths of Transmission Protection and Incident Response assessment sections.

This post is a Behind The Scenes (BTS) look at our progress today.

Transmission Protection

Transmission Protection is covered in Section 9 of the HITRUST assessment. There are 16 controls to address within in it.

Topics from this section that stuck out to me were:

  • Properly protecting E-Commerce transactions
  • Establishing and maintaining communication protocols
  • Usage Policy for Fax Machines (hint: we recently held a wake for the fax machine)

Incident Response

Incident Response is one of 14 controls that comprise Section 15, Incident Management.

Topics from this section that stood out to me today were:

  • Updating our Incident Response Plan
  • Fleshing out appropriate Response Categories for security-related events
  • Compiling and documenting a more robust Identification Phase

As an aside, today we discovered Datica open sourced their HIPAA Compliance Policies on GitHub. Very neat.

Daily Status Calls with HITRUST Assessor

HITRUST (BTS): Transmission protection & incident response

Along with our progress from yesterday and last Saturday, we are projecting to submit our HITRUST Assessment before the month is over.

As such, we are now doing Daily Status Calls with our HITRUST Assessor, Jeff Pochily from KirkpatrickPrice.

Topics we covered on our Daily Status call today were:

  • Configuring permissions in the MyCSF portal
  • Incident Management, Response & Reporting
  • Hardware Inventory disposal log

About HITRUST

Founded in 2007, HITRUST Alliance is a not-for-profit organization whose mission is to champion programs that safeguard sensitive information and manage information risk for organizations across all industries and throughout the third-party supply chain. In collaboration with privacy, information security and risk management leaders from both the public and private sectors, HITRUST develops, maintains and provides broad access to its widely adopted common risk and compliance management and de-identification frameworks; related assessment and assurance methodologies; and initiatives advancing cyber sharing, analysis, and resilience.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Hoala Greevy

Founder of Paubox. Kayak fishing when I can. Native Hawaiian CEO.

Read more by Hoala Greevy

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022