HITRUST
General Compliance
HIPAA
Security Compliance
Core Value
100

What does the acronym HITRUST stand for?

Health Information Trust Alliance 

100

Overall intention and direction as formally expressed by management, most often articulated in documents that record high-level principles or actions that have been decided on.

Policy

100

What does the acronym HIPAA stand for?

Health Insurance Portability and Accountability Act

100

A program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim's data, applications, and operating systems.

Malware 

100

MTM is committed to doing more and working to ensure diversity, equity, and inclusion are cultural pillars throughout every level at MTM.

Respect Individuals

200

A framework for managing information security and privacy risks and compliance. 

HITRUST CSF

200

A document that explains an organization's privacy practices, how information about the individual may be shared, the individual's rights, and the organization's legal duties; also known as a notice of privacy practices.

Privacy Notice

200

Electronic record of an individual's health information by which the individual controls access to the information and may have the ability to manage, track, and participate in his or her own health care. 

Personal Health Record (PHR)

200

A live test of the effectiveness of security defenses through mimicking the actions of real-life hackers. 

Penetration Test

200

The management of appropriate business partnerships

Collaborate to Innovate

300

A common taxonomy and standard set of processes, procedures, activities, and tools that support the identification, assessment, response, control, and reporting of risk.

Risk Management Framework (RMF)

300

A person designated by an organization to develop, implement, and oversee the organization's compliance with applicable privacy laws, and who acts as the point of contact for all patient privacy issues.

Chief Information Security Officer (CISO), also known as Privacy Officer.

300

Information that is a subset of Health Information, including demographic information collected from an individual.

Individually identifiable Health Information

300

Media that are designed and/or capable of being easily and routinely moved from one location to another (e.g., USB Drives, Memory Card, CDs/DVDs).

Portable Media

300

Respecting clients and their members 

Align with Clients

400

A model for controlling access to resources where permitted actions on resources are identified with roles rather than with individual subject identities.

Role Based Access Controls (RBAC)

400

A written plan for recovering one or more information systems at an alternate facility in response to a major hardware or software failure or destruction of facilities. 

Disaster Recovery Plan (DRP) 

400

Subtitle D of the Health Information Technology for Economic and Clinical Health Act.

HITECH

400

Attack, via cyberspace, targeting an enterprise's use of cyberspace for the purpose of disrupting, destroying, or maliciously controlling a computer environment/infrastructure.

Cyber Attack

400

Prioritization of health, safety, and wellness.

Deliver Value 

500

Scoring guide used to evaluate the quality or effectiveness of a HITRUST CSF control requirement's implementation.

Rubric

500

Logically related series of activities conducted toward a defined objective. 

Process/Procedure

500

Any data that could potentially identify a specific individual, including any piece of information or combination of information that together can be used to distinguish or trace an individual's identity, such as name, social security, date and place of birth.

(PII) Personal Identifying Information 

500

Safeguard that employs cryptography to achieve the desired protection. 

Cryptographic Controls 

500

Act in good faith, in a responsible manner, with confidence and diligence, and do the right thing ethically and legally.

Act with Integrity