Willis North America and the Health Information Trust Alliance (HITRUST) have announced a new partnership to “identify a common approach and develop solutions to better align insurance premiums with cyber risk profiles, tailor insurance coverage and establish a more streamlined process of securing cyber insurance for organizations that process and store protected health information (PHI).”
According to BusinessWire, the new partnership will improve healthcare organizations insurance premiums and coverage by:
- Making the process of securing cyber insurance easier, more efficient and more consistent by leveraging an existing comprehensive information privacy and security framework called the HITRUST CSF. This is the healthcare industry’s most widely adopted privacy and security framework and model implementation of the NIST Cybersecurity Framework.
- Improving the accuracy of risk assessments by using a robust assurance methodology that incorporates the ability to score the effectiveness of the organization’s controls.
- Supporting the identification and ranking of information security controls associated with cyber risk and the impact of any changes in scoring.
- Rewarding organizations that can document and demonstrate effective information security programs related to insurable cyber risks.