HiTrust compliance

CHALLENGE

Over 80 percent of hospitals and health plans use the HITRUST Common Security Framework (CSF) to take the guesswork out of healthcare cybersecurity compliance. As of June 2017, Anthem, Humana, Highmark, United Health, and Health Care Services Corp are requiring their business associates to have HITRUST certification.

SOLUTION

Save money and time complying with HITRUST CSF with Illumio:

 

See What's Communicating

Illumio shows you in real time all the connections between system components that store or process ePHI. You can also monitor current and historic flows of ePHI across your network, identifying vulnerabilities and potential attack vectors.

  • Easily identify the full extent of your ePHI environment, whether in the cloud or your data center.

 

Find and Solve Compliance Problems with Explorer

Undiscovered compliance challenges, like a production server that handles ePHI communicating with a development server, can stall compliance and cost you money and time. Illumio Explorer lets you find problems before the audit starts, and speed the audit along once it gets going.

  • Ensure that you have properly encrypted all ePHI traffic.
  • Identify anywhere that Dev is talking to Prod.
  • Find and validate mysterious processes in minutes.

 

Control Access To Your ePHI Environment With Micro-Segmentation

Limit communications into, out of, and within your ePHI environment to only the minimum necessary communications that your systems require to function. Since Illumio is software-based and does not depend on the network for segmentation, implementation is faster, and our micro-segmentation automatically adapts to changes in your environment to ensure security policies always remain in place.

  • Segment your ePHI environment in any cloud or data center;
  • Address HITRUST Access Controls 01.m, 01.n, 01.o, 01.w and Communications Controls (09.m, 09.2, 09.w)

Deep dive into our micro-segmentation technology.

Encrypt ePHI Traffic in One Click

HITRUST requires that any ePHI data transmitted across an open or untrusted network be encrypted. This means any ePHI data that moves between data centers or into the cloud. Illumio SecureConnect offers one-click encryption that secures your ePHI data no matter where it is going or coming.

  • Save time and avoid mistakes by using Illumio SecureConnect. Instantly encrypt ePHI traffic with point-to-point IPSEC tunnels.

 

Show HITRUST Compliance

Speed up and simplify your HITRUST audits with one-click reporting that avoids slow and costly firewall rule set review.

  • Review and validate security policy in minutes instead of hours.


BENEFITS INCLUDE:

  • Real-time visibility into all the systems and communications within your ePHI environment.
  • Identify compliance challenges before your audit using Explorer.
  • Segment high-value systems and applications that handle ePHI in any data center or cloud.
  • Generate compliance data in minutes that validates the communications and segmentation of your ePHI environment.
  • One-click IPsec encryption of communications within your ePHI environment and with external systems to comply with HiTrust security controls using Illumio SecureConnect.
Building a Smart Segmentation Strategy Guide

How-To Guide

BUILDING A SMART SEGMENTATION STRATEGY

Use this guide to create a rock-solid micro-segmentation strategy in only five steps.

Get the guide »