New HITRUST program helps start-ups with information privacy and security

HITRUST is helping start-up companies make information privacy and security a foundational component while still focusing on growing their business with the introduction of the RightStart Program. The newly introduced program helps start-ups accelerate their adoption of the risk management, compliance, privacy and security suite of services in the marketplace.

HITRUST is bundling and pricing its programs to align with growing small businesses ensuring management and customers that information privacy and security programs are a core tenet of the start-up firm’s operations.

“Navigating risk management and compliance requirements can be costly, a strain on internal resources and can be daunting for any company, but it can be compounded in start-ups that are focusing on bringing their vision to market,” says Mike Parisi, HITRUST’s vice president of Assurance Strategy & Community Development.

“The RightStart Program will ensure dedicated programs managing risk, compliance, security and privacy are foundational practices within a start-up by embedding these security standards into their evolving business models.”

Meeting these requirements should not be a barrier to business growth but too often start-up companies try to institute the proper programs in an ad hoc manner only to lose valuable time and money and in the end, not improving their risk posture.

“The RightStart Program gives us the ability to adopt a security framework that will scale with our organization and provide brand name peace of mind to our customers, partners and investors, says Hoala Greevy, CEO of Paubox, an email encryption company.

“HITRUST provides us with the tools for secure, compliant growth needed to increase our bottom line. Our customer focus demands we have security, compliance, and risk management in place by design and not as an afterthought.”

Designed for start-ups that have been in business for less than three years, have fewer than 50 employees and have less than $10 million in annual revenue, the program offers a risk management solution. The Right Start Program streamlines the adoption of HITRUST’s suite of services, including:

The HITRUST CSF allows organizations to perform assessments and report against its privacy and security controls or any one of the thirty-five authoritative sources included in the framework, such as the NIST Cybersecurity Framework, HIPAA and GDPR.

The HITRUST CSF Assurance Program provides an approach to assessments and reporting against the HITRUST CSF. Since the HITRUST CSF synthesizes numerous standards and frameworks into a single framework, it negates the need for multiple assessments with an ‘Assess Once, Report Many’ approach.

The HITRUST MyCSF Assessment Platform makes it easier and more cost-effective for an organization to manage information risk and meet international, federal and state regulations concerning privacy and security.

The HITRUST Academy offers the training courses designed to educate security professionals about information protection and the utilization of the HITRUST CSF to manage risk.