Formed in late 2007, the group is based in Frisco, Texas, comprises 155 entities and includes national hospital chains like HCA and insurance firms like Humana. Last month, it released a draft outline of its proposed security framework, and, according to its Web site, will make the 2009 HITRUST Common Security Framework (CSF) available starting in January.
The CSF includes three components, starting with Hitrust's Information Security Implementation Manual, which is founded on the ISO/IEC 27001:2005 and ISO/IEC 27002:2005 standards for information management and a code of practice, and includes the implementation aspects for a range of the industry's major standards and certifications, including ISO/IEC 27799 health informatics, the NIST SP 800 series, HIPAA, COBIT 4.1, PCI DSS Version 1.1 and 21 CFR Part 11.
The second piece is a Standards and Regulations Cross-Reference Matrix, which syncs up the details of many of those standards and certifications. Third is the Readiness Assessment Toolkit, a tool for health-care providers to test their own security practices against what the CSF lays out in the manual. Single-entity licenses are priced at $8,500 and enterprisewide licenses (up to 25 partially owned and controlled affiliates) at $31,000. Hitrust will also offer an XML version.
Hitrust highlights three particular areas the group says aren't adequately addressed by current specifications:
-- How do we address access for shared workstations in common areas?
-- To what degree is the industry using automated tools for user registration and termination?
-- Is two-factor authentication required for remote access to my network by physicians? Are other organizations maintaining this standard?
Organizations involved in Hitrust would see significant cost savings if Hitrust's certification is adopted. Having one certification to work from would relieve them of time and resources devoted to working around numerous organization-specific security practices.
"Every time [doctors] say, 'The place across the street doesn't make me do this,' it puts pressure on us," Michael Frederick, information security officer for Baylor Health Care System, told The Wall Street Journal.
Watch for more from the Hitrust camp in the coming months.