Takeaways from the HITRUST Community Extension Program San Francisco

Featured image

Share this article

Takeaways from the HITRUST Community Extension Program San Francisco

Last Thursday I attended the HITRUST Community Extension Program at the Salesforce tower in San Francisco. I was invited to the event by Michael Parisi, VP, Assurance Strategy & Community Development at HITRUST.

If you went to the HITRUST annual conference, you’ll know Mike as the guy who led just about every keynote panel, he has also been a good friend of Paubox throughout our HITRUST journey and helped champion us into the RightStart Program.

Much of the 4 hour session was an open discussion on the lessons, strategies, best practices, and (spoiler alert) the extensive challenges of implementing an enterprise risk management program.

In a room of roughly 30-40 security and privacy professionals, it was clear that to me as a relative outsider (that is to say, someone who has not spent my career up to this point enforcing security and privacy policy) that this group was hungry for solutions.

As the cohost of the event, PwC has been fielding these concerns for years, and it seemed to me that they had found partner in providing strategic guidance as a certified HITRUST assessor firm.

There was one main point that kept coming up in a couple formats – “Our company needs to get HITRUST for [insert strategic / business / non-security related reason], but I don’t want to spend the budget and get a certification for the sake of a certification, is this framework really worth the effort?”

Fair question.

We similarly started our HITRUST journey when a Fortune 50 came knocking and we wanted to win that deal.

  • Is the deal off the table? Yes.
  • Did we do our diligence and decide HITRUST was a highly strategic decision for our company? Yes.
  • Did we have the same question when we were vetting it out? Yes.

Here’s the conclusion we had, while there are many enormous benefits once your company achieves its HITRUST certification, the biggest one is still the core competency of the certification – a validated security and privacy infrastructure.

The shiny logo on your sales deck is icing on the cake for a program that prides itself on a focusing on assessing risks and then implementing the correct controls, not just implementing controls for the sake of achieving compliance some arbitrary framework.

These are real risks, updated regularly, with real controls to keep your business secure.

In our opinion, with the amount of industry leaders (in healthcare and beyond) that are adopting the HITRUST CSF, the day is quickly approaching where HITRUST will be a requirement to sit at the table.

More importantly, it may just provide the answers you’ve been looking for to validate your security standards.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Tyler Dornenburg

Read more by Tyler Dornenburg

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022