Insurance firm Willis Group, which sells cyber risk insurance, is partnering with industry stakeholder coalition HITRUST to offer healthcare-specific cyber risk assessment services.
The goal is to make it easier to determine an accurate risk profile of an organization seeking coverage and align insurance premiums appropriately for providers and vendors. The project also aims to establish a more standard assessment and risk scoring methodology to better understand the maturity of an organizations privacy and security program and residual risk.
The program will use the Common Security Framework, or CSF, a network platform that supports numerous HITRUST programs. According to both organizations, benefits will include easing the securing of cyber insurance for organizations that can demonstrate effective security programs while helping Willis more accurately score security controls and assess risk.
Risk assessment services are expected to start by the end of 2015 and the program will provide incentives to organizations to improve security and get better rates, says Daniel Nutkis, CEO of HITRUST.
Other services from HITRUST include data collection to detect advanced and persistent threats; guidance to de-identify healthcare data; free monthly cyber threat briefings; the launching of real but harmless attacks on a participating organization to assess how well it recognizes and responds to the attack (benevolent hacking); Cyber Threat XChange, an automated service to collect, analyze and share threat data; and CyberVision software, which aids in assessing threats in unique environments to find the one or two percent of threats that are most dangerous.
Register or login for access to this item and much more
All Health Data Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access