NexTTyme LLC

"Solutions For Everyday People"

NexTTyme Home

Services

IT Risk Management

IT Compliance

IT Governance

BCP/DR

Vendor Risk Management

Service Request

Products

AlertUs Home

Professional Affiliations

How to Order "AlertUs"

Valuable Safety Links

Testimonials

AlertUs Advantages

AlertUs Docs

AlertUs Awards

Our Story

Contact Us

IT Compliance
HITECH Security / HIPAA Administrative Safeguards:

ADMINISTRATIVE SAFEGUARDS
- Security Management Process
- Assigned Security Responsibility
- Workforce Security, Information Access Management
- Security Awareness and Training, Security Incident Procedures
- Contingency Plan, Evaluation, Business Associate Contracts and Other Arrangements

HIPAA SECURITY STANDARDS - PHYSICAL SAFEGUARDS
- Facility Access, Physical Controls, Workstation Use, Workstation Security, Device and Media Controls

TECHNICAL SAFEGUARDS
- Access Control, Audit Controls, Integrity, Person or Entity Authentication, Transmission Security

ORGANIZATIONAL REQUIREMENTS
- Business Associate

CONTRACTS AND OTHER ARRANGEMENTS
- Requirements for Group Health Plans
HITRUST Common Security Framework:
The CSF integrates and normalizes these different authoritative sources, incorporating key objectives under one umbrella framework that also provides prescriptive implementation requirements for meeting the objectives. 

HITRUST CSF accomplishes the  following: 

  • Establishes a single benchmark for organizations to facilitate internal and external measurement  that incorporates the requirements of applicable standards and regulations including ISO, PCI,  COBIT, HIPAA, HITECH, and NIST   
  • Increases trust and transparency among business partners and consumers by incorporating best  practices, building confidence, and streamlining interactions across the industry
  • Obtains industry consensus on the most effective way to address information security while  containing the cost of compliance and the number, complexity, and degree of variation in  security audits or reviews. 

Key Components The HITRUST CSF has the following components:

  • Information Security Control Specifications: Certifiable and best‐practice based specifications that include sound security governance practices (e.g., organization, policies, etc.) and security control practices (e.g., people, process, technology) that scale according to the type, size, and complexity of each organization.
  • Standards and Regulations Mapping: A reconciliation of the framework to common and different aspects of generally adopted standards.
Organizational Standards & Policies:

We perform a gap analysis of your standards & policies to determine the following;
  • Creation of new policies to include level 1 HITRUST language to prepare you for OCR HIPAA audits
    • Due to process, technology and policy changes
  • Mature existing policies and standards
  • Merge policies and standards
It is imparitive that your organization create strong, supported policies and standards to drive compliance
 
Contact Information.....

NexTTyme LLC
PO Box 620328
Charlotte, NC 28262
Email: Inbox@nexttyme.com



View Terry Evans - HITRUST's profile on LinkedIn