Request Information
1.877.459.4347

Request Information

or Call 1.877.459.4347

Financial Services Security Needs Embraced by HITRUST

Financial Services Security Needs Embraced by HITRUST
February 22, 2018 / Evolve IP

HITRUST is already applicable to and accepted by key players in the financial services industry. This fact was explained at Evolve IP’s Cybersecurity 2018 conference held last November at Evolve IP’s HQ in Wayne, PA.

During the keynote address by cybersecurity expert and author Tom Norman from Ingram Micro, Tom explained the importance of HITRUST and how it evolved into such a comprehensive and powerful standard:

“The HITRUST process is the pinnacle today of IT security. Evolve IP’s customers can rest assured that the data that they entrust to Evolve IP is being protected at the highest possible standards. HITRUST is a single, best-practice approach and it has the potential to work across every single vertical sector…financial services, military, healthcare, retail, education, government, transportation, distribution…you name it. It looks like HITRUST is going to be, if not today, within the next couple of years a solution across all of those verticals and across all of the compliance standards, including European compliance standards.”

Both of Tom’s predictions (for the financial services market and international market) have now come to pass with HITRUST version 9.1 release. Specifically, v9.1 of the HITRUST CSF incorporates 1) the New York State Cybersecurity Requirements for Financial Services Companies and 2) the European Union General Data Protection Regulation (GDPR).

The expansion of HITRUST to address the needs of financial services is the result of a strong wave of recognition and encouragement by the financial services community to ‘open up’ the robust HITRUST framework that emerged out of the healthcare industry in response to stringent HIPAA requirements. It is part of their ongoing initiative to make the HITRUST CSF more open and comprehensive so that it is applied more effectively to meet all compliance requirements across a variety of global industries.

Omar Khawaja, a board member at HITRUST, also presented at the November conference. In his presentation, he explained how there has been extensive work over the last two years to harmonize the HITRUST framework with the AICPA to align it with the process of obtaining a SOC II. Also, he also explained that there was already one top 10 bank in country that was going forward to obtain their HITRUST certification based on the general strength of the framework and because of the deep security assurances it provides (see 90 second video clip of this commentary).

Tom Norman also explained how the broad scope of HITRUST is a key part of its appeal:

“This is the thing that’s most appealing to me about HITRUST. It started out in support of HIPAA. But they took a very strategic approach to this and understood that every healthcare organization also has to comply with PCI DSS. So that’s a very prescriptive process. And as they looked at the NIST framework, COBIT, and ISO 27001, each provided a checklist of all of the things that you have to do. Somebody had the bright idea of just making HITRUST compliant with the worst case of every compliance standard out there. So it’s not an accident that HITRUST became the go-to solution for compliance.”

Further, according to their press release on v9.1, HITRUST’s cross-industry adoption has been further validated by two new independent reports: the NIST Interagency Report on the Status of International Cybersecurity Standardization for the Internet of Things (IoT) recognizes the HITRUST CSF as an industry-led security standard that addresses multiple areas of concern; and the Government Accountability Office (GAO) Report to Congressional Committees on Critical Infrastructure Protection cites the HITRUST CSF as a means of demonstrating compliance with the NIST Framework for Improving Critical Infrastructure Cybersecurity in the HPH sector.

Contact us today, for more information about Evolve IP’s HITRUST certified Evolve Cloud East or Evolve Cloud West datacenters. We’ll be happy to share and show how our secure cloud strategies and compliance-driven cloud solutions suite leverage our HITRUST certification to provide the ultimate protection to our financial services clients across the country.

Categories: Finance General
Listening To Needs. Solving Complex Challenges.

Helping enterprise IT focus on business results, not infrastructure

  • One of the nation’s largest and fastest-growing dermatology businesses estimates savings of $6.45 Million over 5 years

    View Case Study

    “Evolve IP’s digital workspaces have allowed us to acquire more practices in a faster and more profitable way. That is resulting in bottom-line cost savings and top-line business benefits.”

    – Jeff Francis, Vice President of IT USDP

  • International Law Firm Drives Communications Reliability Across 60+ Worldwide Locations and Saves Over $300,000 a Year

    View Case Study

    “That’s the type of proposition I like to bring to a Board of Directors. When I can say, ‘we can get everything new, be completely redundant, it can meet all of our needs and oh, by the way, we are going to save over $300,000 a year.’ It makes it easy for me to sell!”

    – Ken Schultz CIO of Ogletree Deakins

  • Financial advisory firm enables employees to Work Anywhere with an integrated platform

    View Case Study

    “The transition has been almost seamless to our folks, working from home full time. My team looks like heroes right now.”

    Ryan Easter, Director of IT and Principal at Johnson Investment Counsel

Simplify and future-proof your technology footprint with Evolve IP

It's nearly impossible to stay on top of every change in technology. Partner with Evolve IP and gain the combined experience of hundreds of technologists, all acting as an extension of your IT team. Helping you do more with less.

Recognized by:

Certified by:

close

Contact Us

or Call 1.877.459.4347
This site uses cookies for analytics, personalized content and ads. By continuing to browse this site, you agree to this use. Want to know more? Please check our privacy statement.
Close