ANSI and ISA to study impact of health information breaches.
Press Release Summary:
April 26, 2011 - ANSI, Internet Security Alliance (ISA), and Shared Assessments Program have partnered to assess financial impact of unauthorized access to protected health information (PHI). "Our focus will be on helping to inform organizations' investment decisions in information security best practices and in financial risk mitigation strategies," said ISA's Larry Clinton. Project follows earlier work on cybersecurity by ISA and ANSI and aims to develop report on its analysis within a few months.
Original Press Release
Internet Security Alliance Partners with ANSI and Shared Assessments for Launch of Project on Financial Impact of Breached Protected Health Information
Press release date: April 19, 2011
- a survey subcommittee that will query chief security / privacy officers or consumers on what they consider to be sensitive data, led Christine El Eris and Michael Morelli of Affinion Group, Larry Ponemon of the Ponemon Institute, Don Rebovich of the Center for Identity Management and Information Protection at Utica College, and Andrew Serwin from Foley & Lardner LLP;
- an ecosystem subcommittee that will define points of compromise in the healthcare ecosystem where there are risks of exposure, co-chaired by James Christiansen of Evantix, Gary Gordon of the Center for Identity at the University of Texas at Austin, and Lynda Martel of DriveSavers Data Recovery, Inc.;
- a financial subcommittee that will assess the financial impact of the disclosure of PHI, led by Larry Clinton of ISA, Sandeep Tiwari of Zafesoft, and Debbie Wolf of Booz Allen Hamilton;
- a communications subcommittee that will develop and manage a communications plan, co-chaired by Catherine Allen, chairman and CEO of The Santa Fe Group, representing Shared Assessments, and Linnea Solem of Deluxe Corporation; and
- a final subcommittee that will facilitate overall integration of the subcommittee input with a view toward producing a coherent final report, led by Rick Kam of ID Experts and Ed Stull of Direct Computer Resources, Inc. For additional information, see www.ansi.org/phi or send an email to firstname.lastname@example.org. The initiative is made possible through the generous support of the organizations listed below. Additional partner sponsors are welcome; see sponsorship opportunities for more information. Premium Sponsors: - Clearwater Compliance
- DriveSavers Data Recovery, Inc. Partner Sponsors: - Affinion Security Center
- Booz Allen Hamilton
- Center for Identity Management and Information Protection at Utica College
- Direct Computer Resources, Inc.
- Europ Assistance USA
- ID Experts
- ZOHO ManageEngine About ANSI The American National Standards Institute (ANSI) is a private non-profit organization whose mission is to enhance U.S. global competitiveness and the American quality of life by promoting, facilitating, and safeguarding the integrity of the voluntary standardization and conformity assessment system. Its membership is comprised of businesses, professional societies and trade associations, standards developers, government agencies, and consumer and labor organizations. The Institute represents the diverse interests of more than 125,000 companies and organizations and 3.5 million professionals worldwide. The Institute is the official U.S. representative to the International Organization for Standardization (ISO) and, via the U.S. National Committee, the International Electrotechnical Commission (IEC), and is a U.S. representative to the International Accreditation Forum (IAF). About the Shared Assessments Program The Shared Assessments Program was created by leading financial institutions, the Big Four accounting firms, and key service providers to inject standardization, consistency, speed, efficiency and cost savings into the service provider assessment process. Through membership and use of the Shared Assessments tools (the Agreed Upon Procedures and the Standardized Information Gathering questionnaire), Shared Assessments offers outsourcers and their service providers a faster, more efficient and less costly means of conducting rigorous assessments of controls for security, privacy and business continuity. The Shared Assessments Program is managed by The Santa Fe Group, a strategic consulting company based in Santa Fe, New Mexico. About the Internet Security Alliance The Internet Security Alliance is a multi-sector trade association established in collaboration with Carnegie Mellon University in 2000. ISA's mission is to combine advanced technology with the pragmatic business needs of its members and help create effective public policy leading to a sustainable system of world-wide cybersecurity. ISA advocates a modernized social contract between industry and government creating market based incentives to motivate enhanced security of cyber systems. ISA provides its members with a range of technical, business and public policy services to assist them in fulfilling their mission. SOURCE
American National Standards Institute CONTACT: Elizabeth Neiman, +1-212-642-4911, email@example.com; Susanna Space, +1-505-699-7185, firstname.lastname@example.org; or Marjorie Morgan, +1-703-907-7090, email@example.com Web Site: http://www.ansi.org/