MSP Today Expert Feature
September 29, 2014

Cautela Labs Designated by HITRUST as Common Security Framework (CSF) Assessor

Information technology makes it possible for consumers and businesses to communicate more effectively and exchange data across different platforms. As more organizations integrate this technology, they have to ensure regulatory compliances are not being violated when they interact with customers, partners and coworkers. The rules in place are designed to protect privacy and lower the chances for the information to get into the wrong hands. Violating any of the regulations not only jeopardizes the consumer, but the government levies heavy fines if a company is caught not complying. Cautela Labs, a consulting firm specializing in managed security services on premise or in the cloud, announced it has been designated by the Health Information Trust Alliance (HITRUST) as a Common Security Framework (CSF) Assessor.

The HITRUST established the CSF, a certifiable framework that can be used by any and all organizations that create, access, store or exchange personal health and financial information in collaboration with healthcare, business, technology and information security leaders. The CSF framework complements existing standards and regulations in: federal regulations with HIPAA and HITECH; third party providers with PCI (News - Alert) and COBIT; and the government with NIST and FTC.

The goal of the framework is to provide organizations with the structure, detail and transparency to interact with the healthcare industry as it relates to information tailored to security so users can access solutions to perform assessments, manage remediation activities, and reporting and tracking compliance.

As one of only 22 assessors in the United States, Cautela Labs will be able to provide services using the HITRUST CSF, which will give healthcare organizations access to trained resources so they can pass compliancy audits.

In order to achieve this status the company had to go through an extensive screening process and demonstrate its proficiency by being capable of providing the help healthcare organizations will require to meet their compliance goals while at the same time securely protecting their information.

Cautela Labs provides services that help healthcare organizations comply with HIPAA and associated reporting by delivering:

  • Security assessment for to identify gaps in the current security posture of the environment
  • Log management and threat management identification of internal and external risks that face the enterprise
  • Vulnerability assessment scanning of the physical and application environment to validate and tightened your security posture
  • Data loss prevention identifies critical data, location and assist in preventing its outflow
  • Network access control safeguards your perimeter and enhance endpoint security
  • Managed security services to reduce time and cost of monitoring and testing

The company also provides Security as a Service solution for resellers and end-users on-site and in the cloud to manage costs, improve risk management, enhance decision making, and drive fast remediation for day-to-day security incidents.

“The healthcare industry has become a prime target for data breaches, patient data theft, and a challenge to meet the increasingly complex compliance regulations. Cautela Labs provides organizations with all the documentation and the corrective measures needed to pass and stay in compliance with the IT portion of a compliance audit,” said Nancy Wilson, Vice President Compliance and Security Services. 

Edited by Maurice Nagle