Cybersecurity

Day Two Highlights from HITRUST Collaborate 2024: Expanding Global Compliance and AI Security

Nicole janko

Nicole Janko

Senior Director, Advisory Services, Coalfire

October 2, 2024
Pxl 20241002 122219556 mp

Chalice and Nicole are back with more updates from Dallas, Texas, where HITRUST Collaborate 2024 is delivering impactful sessions and discussions. Here's a recap of the top five takeaways from Day Two:

1. Global Compliance and AI in Healthcare

This morning, Chalice had the privilege of participating in a roundtable discussion with Microsoft and HITRUST, focusing on Global Compliance in Healthcare and the operationalization of AI. One staggering insight shared was that, according to the Sophos 2024 report, 67% of healthcare organizations fell victim to ransomware, and 53% paid to recover their data. The conversation highlighted the critical need for robust security frameworks, especially as AI and ransomware threats evolve in healthcare.

2. HITRUST Trust Report: A Strong Record of Protection

According to the 2024 HITRUST Trust Report, 99.4% of HITRUST-certified environments have experienced no reported security breaches. This statistic underscores the strength of the HITRUST framework, which is continuously updated with insights from over 50 global standards. HITRUST leadership emphasized their commitment to being cyber threat adaptive, leveraging industry trends to ensure organizations stay ahead of emerging threats. For more key findings from the 2024 report, check out the report linked above.

3. HITRUST AI Certification: Proactively Addressing AI Security

One of the most anticipated developments is the upcoming HITRUST AI Certification expected in December 2024. This new certification will focus on the security of AI systems and will be critical for AI providers seeking to address growing concerns around AI security and third-party risk management. As AI becomes more embedded in various sectors, the HITRUST framework is positioning itself to help organizations manage these risks with comprehensive AI-specific security controls.

4. Tailoring Compliance to Client Needs: Traversable Portfolios & Expanded Insights

HITRUST is evolving to better meet the unique needs of its clients, evidenced by the success of its traversable portfolio, the newly released Combined Assessments and the expansion of insights reports. These tools are particularly valuable for organizations needing to demonstrate compliance across multiple authoritative sources such as HIPAA, PHIPA, HITRUST’s AI RMF and soon GDPR, allowing for flexibility and a more tailored approach to cybersecurity and compliance.

5. Cyber Insurance Trends: The Role of Security Assurances

We also learned about the current trends in the cybersecurity insurance industry. Discussions focused on how information security assurances and real-time telemetry are shaping coverage decisions and speeding up the underwriting process. With the increased reliance on cybersecurity frameworks like HITRUST, insurers are gaining confidence in providing more favorable coverage for well-secured organizations.

 

Day Two has been packed with critical insights into the future of AI security, global compliance, and the growing importance of HITRUST in shaping the cyber insurance landscape. Stay tuned for tomorrow’s blog as we cover the final day and how HITRUST is paving the way for the future!