eHealth Technologies has officially started the HITRUST CSF Control/Bake-in Period beginning Monday, June 21, 2021 at 9:01 a.m. (ET) (“Control Period”). The Control Period will last for 90 days and continue through Sunday, September 19, 2021 at 9:01 a.m. (ET).
The Control Period is the period of time that all of our polices, procedures, workflows, and processes, will be reviewed by external auditors, including the HITRUST CSF governing body (“Auditors”). The Auditors will be reviewing ePHI access, audit logs, network access, event history, badge access, visitor logs, Help Desk ticketing system, documentation, Qualio Training, Traliant Training, Live HIPAA Classroom Training, etc., to ensure that each and every employee and contractor is following the control in place based on our policy, procedure, workflow, or process.
Each one of you has an important role to eHealth Technologies becoming HITRUST CSF Certified. Please make sure you continue to follow all policies, procedures, workflows, and processes. We need to demonstrate to the Auditors that we are aware of our controls and are following them as written and as we have been trained upon. Together, we can do this and contribute to a successful audit!
As always, please let the eHealth Technologies’ Privacy and Security Compliance Team know if you have any questions on the privacy and security of Covered Information, including PHI, ePHI, and other Confidential Information.