Vulnerability and Configuration Scanning Service Helps Healthcare
Organizations Improve Security with an Accessible, Easy to Use, Cost Effective
SAN FRANCISCO, June 11 /PRNewswire/ -- nCircle, the leader in security
and compliance auditing solutions, and Health Information Trust Alliance
(HITRUST) announced today that nCircle has been selected as the provider of
vulnerability and configuration assessments as a service for the HITRUST
Central portal. The nCircle Suite360(TM)-based offering is an easy-to-use,
Internet accessible service that enables healthcare organizations to scan
their IT systems for known vulnerabilities and to ensure their IT systems and
medical devices are securely configured. This service enables healthcare
organizations from the smallest physician's offices to the largest global
organizations to reduce their risk from external threats and ensure that
sensitive personal and financial health data is protected. The service
dramatically reduces the complexities and costs associated with demonstrating
compliance with regulations and standards such as the HITECH Act, HIPAA and
The new nCircle vulnerability and configuration scanning service is an
integral component in the HITRUST Central strategy to ensure best practice
security tools and services are readily accessible to the thousands of
healthcare organizations - many of whom do not currently have the resources to
assemble a comprehensive solution.
"With many hospitals and healthcare providers moving to Electronic Health
Records, it is critical that these organizations have appropriate
vulnerability and configuration scanning capabilities--they are a critical way
to safeguard systems and applications that store sensitive personal and
financial health information. Without these scanning solutions, organizations
are unaware of the security risks," said Michael W. Frederick, Corporate
Director, Office of Information Security and Chief Information Security
Officer, Baylor Health Care System.
HITRUST, in collaboration with healthcare, business, technology and
information security leaders, is ensuring information security becomes a core
pillar that enables the electronic exchange of health information. To achieve
a standard level of IT security, HITRUST has delivered a Common Security
Framework (CSF) covering a range of regulatory requirements with a
consolidated set of controls and implementation guidelines.
"The industry is on the verge of broad adoption of electronic healthcare
information and it is imperative that organizations can ensure that
information is protected in a consistent, practical and cost effective
manner," stated Daniel Nutkis, CEO, HITRUST. "Vulnerability management is a
critical step and best practice for any security strategy. Our partnership
will enable the entire healthcare industry access to nCircle's solutions, the
industry leader for comprehensive security risk and configuration auditing. "
"HITRUST is not just establishing the methodology and approach for
organizations to safeguard health information, but making available a best of
breed suite of tools to allow organizations of all sizes and levels of
sophistication to implement it," said Abe Kleinfeld, CEO, nCircle. "nCircle is
committed to supporting this important initiative to make the entire
healthcare supply chain more secure."
As part of the partnership, nCircle will play an active role in HITRUST
working groups developing Security Configuration Packs (SCPs) for the HITRUST
Common Security Framework. The SCPs will proactively address ideal
configuration standards for third-party health information systems. The first
Security Configuration Packs are targeted for the following vendors: Cerner,
Eclipsys, eClinicalWorks, Epic Systems and McKesson.
The Software as a Service (SaaS) Vulnerability and Configuration
Assessment Service will be generally available in mid-July through HITRUST
Central, an online community for healthcare IT security and compliance
professionals. For more information on nCircle Suite360 security and
compliance auditing solutions, visit www.ncircle.com and for more information
on HITRUST Central, visit www.hitrustcentral.net.
nCircle is the leading provider of automated security and compliance
auditing solutions. More than 4,000 enterprises, government agencies and
service providers around the world rely on nCircle's proactive solutions to
manage and reduce security risk and achieve compliance on their networks.
nCircle has won numerous awards for growth, innovation, customer satisfaction
and technology leadership. nCircle is headquartered in San Francisco, CA, with
regional offices throughout the United States and in London and Toronto.
Additional information about nCircle is available at www.ncircle.com.
The Health Information Trust Alliance (HITRUST) was born out of the
belief that information security should be a core pillar of, rather than an
obstacle to, the broad adoption and utilization of health information
technologies and exchanges. This, in turn, is critical to realizing the
related promise of quality improvement and cost containment in America's
healthcare system. HITRUST is collaborating with healthcare, business,
technology, and information security leaders to establish a certifiable
framework that can be used by any and all organizations that create, access,
store or exchange personal health and financial information. Beyond the
establishment of the first Common Security Framework (CSF), HITRUST is also
driving adoption and widespread confidence in the framework and sound risk
management practices through awareness, education, advocacy and other outreach
activities. For more information, visit http://www.HITRUSTalliance.net.
For further information:
For further information: Shelley Boose of Shev Rush PR, +1-408-398-6987,
for nCircle; or Leslie Kesselring of Kesselring Communications,
+1-503-358-1012, email@example.com, for HITRUST Web Site: