RESTON, Va., July 8 Brabeion Software, a leader in ITGovernance, Risk and Compliance (IT GRC) Management, today announced that theHealth Information Trust Alliance (HITRUST) has selected Brabeion as its ITGRC tool to aid in the development and coordination of the Common SecurityFramework (CSF). HITRUST will use key components of Brabeion's acclaimed ITrisk and compliance software and knowledgebase to assist in mapping theHITRUST CSF to regulations and industry control frameworks. Additionally,Brabeion will aid in providing assistance in format design of the CSF.
The HITRUST CSF is a comprehensive set of tools to aid organizations thatcreate, store, access or exchange electronic health, financial, and othersensitive information in protecting their information assets and managingrelated risks, costs and complexities. The HITRUST CSF is comprised of threecomponents -- an Information Security Implementation Manual, a Standards andRegulations Cross-Reference Matrix, and a Readiness Assessment Toolkit.
"The magnitude, complexity and number of diverse organizations involved indeveloping the HITRUST Common Security Framework make it a very significantundertaking with many coordination challenges. The only way to meet our goalsis to adopt a tool that can create the mappings, linkages and delivery formatrequired as well as coordinate the numerous individuals developing andreviewing the various CSF components - and Brabeion is the best choice to aidin completing the task at hand," said Daniel S. Nutkis, CEO of HITRUST.
Healthcare organizations are facing multiple challenges with regards toinformation security, including costs, complexities and inconsistenciessurrounding regulations and standards, and the auditing of these acrosspeople, process and technologies. HITRUST is fostering the industrycollaboration needed to solve these urgent problems. Leading health careorganizations, professional services firms, information security specialists,liability insurers and other organizations have joined together to activelyparticipate in the HITRUST CSF program.
"The HITRUST effort promises to transform information security programswithin the entire healthcare industry. Both Brabeion and HITRUST share thesame vision to provide organizations with a better way to manage risk,demonstrate compliance, and improve operational efficiency. We are excited toleverage our practical experience in IT GRC to play a hands-on role in thissignificant effort," commented Julian Waits, CEO of Brabeion.
The HITRUST CSF is expected to be available in January 2009 for anyorganization that creates, accesses, stores or exchanges personal health andfinancial information. The Information Security Implementation Manual andStandards and Regulations Cross-Reference Matrix will be made available inboth PDF and XML versions.
Brabeion Software is the only company to provide a complete IT GRCmanagement software solution and has gained public recognition as a leaderover the past year by Fortune 500 companies and industry analysts. TheBrabeion Polaris IT GRC Management Suite manages policies, automates ITcontrol monitoring, and measures what actually occurs against what businesspolicies, internal governance, and regulatory sources demand.
About the HITRUST
The Health Information Trust Alliance (HITRUST) was born out of the beliefthat information security should be a core pillar of, rather than an obstacleto, the broad adoption of health information systems and exchanges. Securityis critical to the broad adoption, utilization of and confidence in healthinformation systems, medical technologies and electronic exchanges of healthinformation. This, in turn, is critical to realizing the related promise ofquality improvement and cost containment in America's healthcare system.HITRUST is collaborating with healthcare, business, technology, andinformation security