HITRUST Security and Configuration Audit Service
powered by nCircle
Try It Now and Receive:
- Free scan of one IP for security vulnerabilities
- Free unlimited discovery scans
- Critical first step to CSF certification
The HITRUST Security and Configuration Audit service, powered by nCircle is an easy-to-use, Internet accessible service that enables healthcare organizations to easily and automatically audit their IT systems for known vulnerabilities and to ensure their IT systems and medical devices are securely configured.
How it Works
HITRUST Security and Configuration Audit service, powered by nCircle provides a simple, 3 step process:
- Discover. The service scans your Internet-facing IP addresses and discovers all active systems, confirming that you know about all the Internet-facing systems on your network.
- Scan. The service then thoroughly scans each discovered system, identifying vulnerabilities and gathering configurations.
- Review Results. Upon completion of the scan, a report is generated that highlights any issues found and provides in-depth remediation and mitigation information to ensure timely remediation.
The scan report clearly indicates whether the network is secure and can be provided to auditors as proof of compliance.
  |
  |
  |
||
Step 1: Discover |
Step 2: Scan |
Step 3: Review Results |
The offering is based on solutions from nCircle, the leader in automated security and compliance auditing for the healthcare industry. The service enables healthcare organizations from the smallest physician’s offices to the largest global organizations to reduce risk and ensure compliance with regulations and standards such as the HITECH Act, HIPAA and PCI.
The HITRUST Security and Configuration Audit service, powered by nCircle delivers:
- On demand scanning of Internet-facing systems for vulnerabilities
- On demand scanning for configuration changes and compliance (coming soon)
- Concise reports with clear results and actionable remediation steps
HITRUST
The service is accessible through the HITRUST Central portal and is the first critical step in the HITRUST Common Security Framework (CSF) certification. The CSF standardizes and streamlines security and compliance through clearly defined prescriptive controls. The CSF leverages and cross-references existing standards and regulations, simplifying compliance efforts and avoiding control redundancy. CSF certification provides healthcare organizations with a common security baseline, and the HITRUST Security and Configuration Audit service powered by nCircle is the first proactive step towards CSF certification.
nCircle plays an active role in HITRUST working groups in the development of Security Configuration Packs (SCPs) for the HITRUST Common Security Framework. SCPs proactively address ideal configuration standards for third-party health information systems. Initial SCPs are targeted for the following vendors: Cerner, Eclipsys, eClinicalWorks, Epic Systems and McKesson.
The HITRUST Common Security Framework
HITRUST has developed a Common Security Framework (CSF) that standardizes and streamlines security and compliance through clearly defined prescriptive controls. The CSF leverages and cross-references existing standards and regulations, simplifying compliance efforts and avoiding control redundancy. CSF certification provides healthcare organizations with a common security baseline, and the HITRUST Security and Configuration Audit service powered by nCircle is a good first step towards CSF certification.
Pricing
Pricing for the HITRUST Security and Configuration Audit service, powered by nCircle is based on the number of IP addresses a customer needs to scan.
