HITRUST kicks off program to give security support to startups

HITRUST is hoping to support small, new healthcare businesses in adopting best practices and baking security into their products from the foundation.
By Jessica Davis
02:08 PM
man pointing at a computer screen with phone in hand

HITRUST launched a security program to help start-up companies bolster their privacy and security foundations, including the adoption of the most comprehensive risk management, compliance and security services.


The goal is to support startups in adopting best practices as they grow. HITRUST is working closely with those small businesses to ensure these security features are baked into their products from the beginning.

To accomplish this, HITRUST is bundling and pricing its programs to align with small businesses that have been in business for less than three years, have fewer than 50 employees and less than $10 million in annual revenue. The program will streamline HITRUST adoption.


“Navigating risk management and compliance requirements can be costly and a strain on internal resources and can be daunting for any company, but it can be compounded in start-ups that are focusing on bringing their vision to market,” Mike Parisi, HITRUST’s vice president of assurance strategy and community development, said in a statement.


HITRUST was formed in 2007 and is seen as one of the industry’s gold standards for security. In May, it launched a certification program for the NIST Cybersecurity Framework for hospitals and health systems to ensure security compliance.

The RightStart Program will ensure these startups embed these security standards into “their evolving business models,” Parisi added.

HITRUST officials stressed that often these types of security measures are seen as a barrier to adoption. And as a result, companies will add programs in an ad hoc way, which leads to a loss of time and money, without a guaranteed improved risk posture.

To Hoala Greevy, Paubox CEO, the hope is that the program will give the company the ability to adopt a security framework that will scale with the organization.

“HITRUST provides us with the tools for secure, compliant growth needed to increase our bottom line,” Greevy said in a statement. “Our customer focus demands we have security, compliance, and risk management in place by design and not as an afterthought.”

Focus on Cybersecurity

In October, we take a deep dive into security strategy and pressing threats.

Twitter: @JF_Davis_
Email the writer: jessica.davis@himssmedia.com

More regional news

Doctor in PPE

Photo by Morsa Images/Getty Images

MemorialCare Saddleback Medical Center MemorialCare Health System mental health

MemorialCare Saddleback Medical Center (Credit: MemorialCare Health System)

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.