By Jack Anderson
February 26, 2019
The answer to why HITRUST is marketing the NIST CSF was given at a previous webinar in response to a question from a attendee. The answer was that many clients or potential clients were demanding certification on the NIST CSF as a higher standard than the HITRUST CSF.
As to the “HITRUST approach”, it involves expensive consultants spending hours on-site running up huge bills.
By contrast, the “Jumpstart approach” involves utilizing the Internet to connect with the same quality consultants, editing, adopting, and implementing NIST policies, and receiving quarterly NIST CSF risk assessments. This approach costs thousands, versus hundreds of thousands for the HITRUST approach.
These fundamenntally different approaches deliver the same result but are developed by teams with a different viewpoint. The consultant is always focused on “billable hours” while the software developer is focused on technology to support repeatable process.
For more information go to www.compliancehelper.com