|February 10, 2011|
BlueCross Adopts HITRUST Common Security Framework
CHATTANOOGA, Tenn. — BlueCross BlueShield of Tennessee announced today that it has adopted the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), the most comprehensive and widely adopted security framework in the U.S. health care industry, and that it is accepting assessments conducted by its business partners through the HITRUST CSF Assurance program. |
“The CSF and CSF Assurance program provide BlueCross with a practical and common sense approach to evaluating ourselves and verifying our business partners’ capabilities for protecting health information,” said Dr. Robert Mandel, senior vice president of health care services for BlueCross and executive council member for HITRUST. “Trust is a primary component to building and maintaining relationships with our members and business partners. The adoption of the CSF further strengthens that trust and builds upon our own security principles."
In addition to the use of the CSF, BlueCross has recently issued a set of seven security principles to ensure that security remains a top priority in every facet of the company’s administration. These principles are a reference point for the company and its employees to ensure that security is being taken into consideration in every decision made by BlueCross as well as its business partners. Principles include safeguarding personal data entrusted to the company; conducting ongoing security education among employees, contractors and business partners, and continually improving security and privacy functions and processes.
“BlueCross has long supported HITRUST and worked with the industry to build the most up-to-date and comprehensive security framework for Tennessee,” said Daniel Nutkis, chief executive officer for HITRUST. “We welcome their official adoption of the CSF and participation in the CSF Assurance program and look forward to working with them to provide the utmost protection of their members’ information.”
The CSF Assurance program utilizes the HITRUST CSF, a comprehensive security framework that incorporates the existing security requirements of health care organizations, including federal, state, third party and other government agencies. Organizations participating in the program can perform a single assessment for reporting to multiple internal and external parties to meet all government and internal requirements. The result is managed risk, reduced cost and a process that negates the need for multiple assessments and reviews.
To view BlueCross’ Security Principles in full visit: http://www.bcbst.com/about/company_profile/Principles_for_Security/
The Health Information Trust Alliance (HITRUST) was born out of the belief that information security should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. HITRUST, in collaboration with healthcare, business, technology and information security leaders, has established the Common Security Framework (CSF), a certifiable framework that can be used by any and all organizations that create, access, store or exchange personal health and financial information. Beyond the establishment of the CSF, HITRUST is also driving the adoption of and widespread confidence in the framework and sound risk management practices through awareness, education, advocacy and other outreach activities. For more information, visit HITRUSTalliance.net.
BlueCross BlueShield of Tennessee's mission is to provide its customers and communities with peace of mind through affordable solutions for health and healing, life and living. Founded in 1945, the Chattanooga-based company is focused on reinventing the health plan for its 3 million members in Tennessee and across the country. Through its integrated health management approach, BlueCross provides patient-centric products and services that drive health improvement and positively impact health care quality and value. BlueCross BlueShield of Tennessee Inc. is an independent licensee of the BlueCross BlueShield Association. For more information, visit the company's website at www.bcbst.com.
Return to Press Releases