Breach, Data Security, Network Security

Health orgs asking third party associates to get CSF certification

Alarmed by the number of healthcare breaches that have come through third-party vendors, as well as by the high cost the breaches extract from healthcare companies, the industry will expand the use of the CSF Assurance program to business associates, the Health Information Trust Alliance (HITRUST) said Monday.

Many healthcare companies will require their business associates to get CSF Certification over the next 24 months, according to a HITRUST release. The program offers a way for healthcare organizations to evaluate and demonstrate their information privacy and security chops.

Acknowledging that the interconnectedness of companies within the healthcare industry poses systemic risk, Anthem, Health Care Services Corp., Highmark, Humana, and UnitedHealth Group are among the companies that will now require third-party businesses to undergo similar rigors to obtain CSF Certification.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.