Overview
Syllabus
Intro
About me
Goals
Assumptions
Why HITRUST? - Multiple authoritative sources
Ginger HITRUST Journey
Ginger HITRUST Metrics (1/2)
Breakdown
Perform the gap assessment and remediation yourself
Gap Remediation
Make HITRUST part of your Information Security Program
Initiate an organization-wide Security Awareness Program
Get at least one team member HITRUST CCSEP certified
Identify the inheritance controls
Include technical controls in SDLC
Implement a SaaS Management tool
Electronically approve documentation
Start with the relevant scope
Document everything!
Summary
Taught by
Security BSides San Francisco