Alliance of healthcare leaders collaborate on health information protection

Release of Common Security Framework major milestone for industry in commitment to greater electronic health information protection and growing regulatory compliance

With the dramatic rise in breaches, theft of patient health data and the increase in regulatory requirements such as those mandated by the American Recovery and Reinvestment Act of 2009 - healthcare organizations and their business partners are now under intense pressure and scrutiny regarding security and privacy. But without a fundamental change in approach the industry will continue to see inconsistencies in the interpretation of regulations, inefficiencies and unacceptably high costs in the exchange of health information, and lagging adoption of standards (such as HIPAA) that have plagued the protection of health information technology in this complex market.


To address this “implementation” gap, the Health Information Trust Alliance (HITRUST) representing the healthcare industry spectrum – from health providers, plans and data exchanges to pharmacies, biotech firms and device manufacturers –unveiled a Common Security Framework (CSF), A broad range of organizations will announce their application security packs, third-party services around HITRUST certification, and contributions to the HITRUST Central community – including Accenture, Archer Technologies, BearingPoint, Cisco Systems, McKesson Corporation, PricewaterhouseCoopers, VeriSign, and others.


(SOURCES: HITRUST,, accessed March 4, 2009; The Advisory Board Daily Briefing;, March 4, 2009)