The security program of InterFax Communications Ltd., including ShieldQ, has been assessed, rated and certified by HITRUST according to the maturity levels presented in the graph below.
What does HITRUST mean to your business?
By engaging a HITRUST-certified business such as InterFAX, you are adopting a service which enables you to manage confidential data in a secure and industry-compliant manner. Thus, reducing risk of exposure to breach, and increasing confidence within your organisation, and clients.
What is HITRUST?
The Health Information Trust Alliance (HITRUST) is a not-for-profit organization whose mission is to champion programs that safeguard sensitive information and manage information risk for organizations across all industries and throughout the third-party supply chain. In collaboration with privacy, information security and risk management leaders from both the public and private sectors, HITRUST develops, maintains and provides broad access to its widely adopted common risk and compliance management and de-identification frameworks; related assessment and assurance methodologies; and initiatives advancing cyber sharing, analysis and resilience.
HITRUST actively participates in many efforts in government advocacy, community building and cybersecurity education.
What is the HITRUST CSF?
The HITRUST Common Security Framework (CSF) was developed to address the multitude of security, privacy and regulatory challenges facing organisations. By including federal and state regulations, standards and frameworks, and incorporating a risk-based approach, HITRUST helps organisations address these challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.
The required controls for certification in the HITRUST CSF reflect the controls needed to mitigate the most common sources of breaches for the industry. An organisation must achieve a level of 3+ for each assessment domain (control area) to qualify for certification.
InterFAX Communications HITRUST Assessment Results:
HITRUST Rating Scale:
As used in the HITRUST CSF Assurance Program, the PRISMA-based maturity scores are converted to a15-level maturity rating as follows:
The structure of a PRISMA Review is based on the Software Engineering Institute’s (ESI) former Capability Maturity Model (CMM) where an organisation’s developmental advancement is measured by one of five maturity levels. The rating is an indicator of an organisation’s ability to protect information in a sustainable manner.
HITRUST CSF v9 Evaluation Criteria:
-
Information Protection Program
-
Endpoint Protection
-
Portable Media Security
-
Mobile Device Security
-
Wireless Security
-
Configuration Management
-
Vulnerability Management
-
Network Protection
-
Transmission Protection
-
Password Management
-
Access Control
-
Audit Logging & Monitoring
-
Education, Training & Awareness
-
Third Party Assurance
-
Incident Management
-
Business Continuity & Disaster Recovery
-
Risk Management
-
Physical & Environmental Security
-
Data Protection & Privacy
For more information about HITRUST, the HITRUST CSF and other HITRUST offerings and programs, visit the HITRUST Alliance site.