April 23, 2024
Daily Briefs
HITRUST introduces new 'methodology' for determining risks posed by third parties
Data protection standards and certification organization HITRUST introduced a new “methodology” Thursday for companies to determine the risks of sharing sensitive information with a third party and to streamline this process.
The HITRUST Third-Party Assurance Risk Triage Methodology, developed “in consultation and coordination” with the Provider Third Party Risk Management Council, serves as a “streamlined approach to assessing” risks from third parties, and assists in selecting an assurance mechanism through leveraging the HITRUST cybersecurity framework, or CSF.
“There is...