(ISC)²® (“ISC-squared”), the world’s largest information security professional body and administrators of the CISSP®, and the Health Information Trust Alliance (HITRUST), a non-profit organization responsible for the development, management, education and awareness relating to health information security and the leading organization aiding the healthcare industry in advancing the state of information protection, announced recently they have entered into an agreement to meet the growing demand for qualified security professionals who can protect sensitive healthcare information.
This relationship was also established to allow both organizations to connect with key stakeholders in the healthcare market that can contribute to building new IT security certification and education programs for healthcare professionals.
According to a recently released HITRUST report, “A Look Back: U.S. Healthcare Data Breach Trends,” the healthcare industry has made very little progress in reducing the number of breaches and that the industry’s susceptibility to certain types of breaches has been largely
unchanged since breach data became available from the U.S. Department of Health and Human Services (HHS) and the new Health Insurance Portability and Accountability Act (“HIPAA”) and the Health Information Technology for Economic and Clinical Health (“HITECH”) Act went into effect.
The HITRUST analysis concludes that every organization would benefit from better education of professionals and the simpler identification of the necessary skills in professionals available to assist them in their security efforts. In fact, HHS recommends that smaller organizations seek out certified professionals to help conduct risk assessment and analysis if they lack the capability in-house.
“Through this cooperative relationship, HITRUST and (ISC)² will work together to ensure information security professionals working in healthcare have the required skills to be successful within their organizations and careers,” said Daniel Nutkis, chief executive officer, HITRUST.
“Our experience has shown us that organizations with more knowledgeable security professionals manage information risks better and have more advanced information security programs. Healthcare organizations will benefit from having a simpler method to ensure their information protection professionals have the appropriate skills.”