Cloudticity™ Joins Amazon, Google, Microsoft, and Oracle in HITRUST’s Shared Responsibility and Inheritance Program

News Image

“Cloudticity is the first non-hyperscale cloud provider to release a published HITRUST SRM,” said founder and CEO of Cloudticity, Gerry Miller.

To address the challenges organizations face when engaging with their cloud service providers, Cloudticity joins Amazon, Google, Microsoft, and Oracle in releasing its Shared Responsibility Matrix documenting the inheritable HITRUST CSF controls from Cloudticity’s HITRUST Certification.

The HITRUST Shared Responsibility Matrix® (HITRUST SRM) is a no-cost, easy-to-use, out-of-box, baseline template with pre-populated shared responsibility and controls inheritability that are perfectly suitable for shared cloud environments. The HITRUST SRM is aligned to a shared responsibility model that demystifies the practical application of control sharing with a unique set of rational core principles and terminology. Through inheritance, customers have the opportunity to externally rely upon requirements for more than 350 HITRUST controls.

“Cloudticity is the first non-hyperscale cloud provider to release a published HITRUST SRM,” said founder and CEO of Cloudticity, Gerry Miller. “There is a large and incredibly varied ecosystem of cloud resources in the industry now. Choosing the right cloud provider is absolutely essential, and that requires access to industry-specific capability sets and detailed documentation. We’re proud to empower informed decision-making for healthcare organizations on the cloud journey in selecting the most suitable and secure platforms and services for their needs.”

The new HITRUST SRM is focused on the Cloudticity Oxygen™ platform. It quickly identifies which of the Cloudticity-attested 350+ HITRUST controls are available for full or partial inheritance to Cloudticity customers and prospects. Organizations, such as Cloudticity, that participate in the HITRUST Shared Responsibility and Inheritance Program by allowing controls inheritance along with publishing HITRUST SRMs, make it significantly easier to plan HITRUST inheritance from any participating vendor to ensure that relevant control implementation is done completely and correctly.

“The HITRUST Shared Responsibility™ and Inheritance Program was introduced in 2018 as an industry-first innovation to address misunderstandings, risks, and complexities that can arise when organizations and their service providers share the responsibility for performing and assessing cybersecurity controls,” said Becky Swain, Director of Standards and Shared Responsibility Program Lead for HITRUST. “It is intended to provide greater clarity regarding the ownership and operation of security controls between organizations and their service providers and reflects our mission to simplify and resolve our customers’ most pressing risk management challenges.”

The HITRUST SRM is built on the industry’s first vendor-agnostic Shared Responsibility Model suite for cloud assurance with a standard set of core principles and common taxonomy to equip cloud-hosted and other service providers and their relying customers with a clear, consistent, and pragmatic blueprint for navigating and coming to ready and reasonable agreement on the distribution of cloud control ownership and allocation of shared responsibilities.

To learn more about why Cloudticity recommends HITRUST, read High Time for HITRUST in Health Information Exchange (HIE) or schedule a consultation.

Share article on social media or email: