The HITRUST CSF Assessment Process and Beyond

by Sarah Harvey / December 19, 2022

What is the HITRUST Maturity Model? So far in this webinar series, you’ve learned who HITRUST is, what the HITRUST CSF is, how to scope your environment, and which risk factors affect your defined scope. In this webinar, Jessie Skibbe outlines HITRUST’s Maturity Model for control scoring, the assessment process, report options and timeline projections, and some strategies for maintaining compliance.  HITRUST Maturity Model You will be required to…

Navigating the HITRUST CSF

by Sarah Harvey / February 20, 2023

In this webinar, Jessie Skibbe discusses one of the most important steps in the certification journey: scoping. She will cover how to scope your environment for a HITRUST CSF assessment and how to define the risk factors related to your scope.  Scoping is the very first step in your certification journey. Before you even contact an assessor, you must determine what your scope is. The controls of the HITRUST…

Defining HITRUST CSF Compliance

by Sarah Harvey / February 20, 2023

Why Do You Need a HITRUST CSF Certification? Have you just received “the letter” from a top client indicating you must become HITRUST CSF Certified within “X” months? Did your boss just you for a project timeline on how long it would take to become HITRUST CSF Certified? Do you need to know how to become HITRUST CSF Certified in order to stay competitive in the healthcare market? Are you…

Compliance is Never Enough: Encryption & Key Management

by Sarah Harvey / November 27, 2023

Understanding a Key Management Program The purpose of this presentation is to give you a foundation of understanding encryption. This webinar will not delve into the math involved, but rather, you will learn about the different types of encryption, key management basics, algorithm uses, and encryption attacks. First, let’s define and discuss symmetric versus asymmetric encryption. Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both…

Compliance is Never Enough: Hardening and System Patching

by Sarah Harvey / December 19, 2022

Best Practices for Patch and Vulnerability Management Programs 75% of the assessments that we do will generally have a finding regarding patching. So, what’s missing? What can we do to change that? In this webinar, Jeff Wilder discusses best practices for patch management programs, best practices for vulnerability management and identification programs, false assumptions about patching, risk ranking, and recommended tools.  Patch management should only be a part of…