AWS HITRUST Shared Responsibility Matrix for HITRUST CSF v11.2 now available

The most recent model of the AWS HITRUST Shared Accountability Matrix (SRM)—SRM model 1.4.2—is now out there. To request a replica, select SRM model 1.4.2 from the HITRUST web site.

SRM model 1.4.2 provides help for the HITRUST Frequent Safety Framework (CSF) v11.2 assessments along with continued help for earlier variations of HITRUST CSF assessments v9.1–v11.2. As with the earlier SRM variations v1.4 and v1.4.1, SRM v1.4.2 permits customers to hint the HITRUST CSF cross-version lineage and inheritability of requirement statements, particularly when inheriting from or to v9.x and 11.x assessments.

The SRM is meant to function a useful resource to assist prospects use the AWS Shared Accountability Mannequin to navigate their safety compliance wants. The SRM gives an summary of management inheritance, and prospects additionally use it to carry out the management scoring inheritance features for organizations that use AWS companies.

Utilizing the HITRUST certification, you’ll be able to tailor your safety management baselines to a wide range of components—together with, however not restricted to, regulatory necessities and group sort. As a part of their strategy to safety and privateness, main organizations in a wide range of industries have adopted the HITRUST CSF.

AWS doesn’t present compliance recommendation, and prospects are accountable for figuring out compliance necessities and validating management implementation in accordance with their group’s insurance policies, necessities, and aims. You’ll be able to deploy your environments on AWS and inherit our HITRUST CSF certification, supplied that you simply use solely in-scope companies and apply the controls detailed on the HITRUST web site.

What this implies for our prospects

The brand new AWS HITRUST SRM model 1.4.2 has been tailor-made to mirror each the Cross Model ID (CVID) and Baseline Distinctive ID (BUID) within the CSF object so as to choose the proper management for inheritance even in the event you’re nonetheless utilizing an older model of the HITRUST CSF in your personal evaluation. As a further profit, the AWS HITRUST Inheritance Program additionally helps the management inheritance of AWS cloud-based workloads for brand spanking new HITRUST e1 and i1 evaluation varieties, along with the validated r2-type assessments provided by HITRUST.

For added particulars on the AWS HITRUST program, see our HITRUST CSF compliance web page.

At AWS, we’re dedicated to serving to you obtain and keep the very best requirements of safety and compliance. We worth your suggestions and questions. Contact the AWS HITRUST group at AWS Compliance Contact Us. In case you have suggestions about this put up, submit feedback within the Feedback part beneath.

Mark Weech

Mark is the Program Supervisor for the AWS HITRUST Safety Assurance Program. He has over 10 years of expertise within the healthcare business holding director-level IT and safety positions each inside hospital amenities and enterprise-level positions supporting larger than 30,000 consumer healthcare environments. Mark has been concerned with HITRUST as each an assessor and validated entity for over 9 years.