Sometimes, when information is stored on the cloud, miscommunication and lack of coordination can cause confusion. Organizations begin to question who is responsible for IT security. A new HITRUST program is offering clarity on the issue.
Hector Rodriquez and Matthew Datel, published an article on the HITRUST Alliance Blog, describing the new Shared Responsibility Program.
The Shared Responsibility Program by HITRUST clarifies the “roles and responsibilities over the operation of each security control to protect information.” This program will address the misunderstandings, dangers, and complications that may present themselves when partnering with service providers.
By clearly assigning responsibilities of each party involved, it will be easier to determine who is accountable for a breach. Organizations will also be able to allocate more resources to providing security in their designated area.
“From our perspective, we are seeing a shift in security models that indicate the HITRUST Shared Responsibility Program is meeting a distinct need in the marketplace. “
Project Hosts provides HIPAA/HITRUST and FedRAMP compliant cloud environments. We work with your organization to clearly assign responsibilities. Our services include Azure Security Management, Continuous Monitoring and Performance Optimization, and Applications Access and Management. We also provide 24/7 person-2-person support to assist your organization with any questions that arise.
The full article is available here, Improving Cloud Security with a Shared Responsibility Model.
The HITRUST Alliance is a, “not-for-profit organization whose mission is to champion programs that safeguard sensitive information and manage information risk for organizations across all industries and throughout the third-party supply chain.”