All Posts By

Frank Kremm

Understanding HITRUST Scoping: Tips from an Experienced HITRUST Assessor

By | Previously Recorded

Scoping may well be the most critical phase of your HITRUST Certification process. During this phase you must identify the number of control requirements your organization needs to comply with in order to become HITRUST certified.

The larger your Scope, the more complex your Assessment.

Understanding the Scoping process helps organizations truly focus on what systems need to be scoped – saving the organization time and money while more efficiently managing their resources.

This webinar focuses on the intricacies of proper Scoping including:

  • What does HITRUST certify?
  • What is an Assessment Object?
  • Why are your business drivers so important to Scoping?
  • What factors define the Scope for your organization?
  • How do data sensitivity, type and volume of records affect Scope?
  •  The ins and outs of leveraging your cloud hosting provider’s HITRUST certification under the “Inheritance” benefit
  • Why do most organizations over-scope?
  • What are the “trap doors” of improper scoping?
Webinar : Understanding HITRUST Scoping: Tips from an Experienced HITRUST Assessor

Focused Security Risk Assessments – Remote Work in the age of COVID-19

By | Previously Recorded

Focusing and Improving Your Security Risk Assessment 

A basic yet critical practice for healthcare organizations is to perform a security risk assessment, at least annually, and whenever there is significant change in the environment – such as large scale remote work.

 Understand the security implications of remote work at this current unprecedented scale – and how best to prepare and respond to them. Remote Access SRAs evaluate your organization’s current remote access environment and the security risks that may be present. 

During this webinar, Intraprise Health security experts discuss:

  • What is the value to your organization of an SRA?
  • How an SRA is a critical component of crisis management preparedness
  • How to prepare for and execute your SRA
  • How frameworks can be used to enhance the SRA process
  • How to introduce quantitative analysis into your SRA
  • How the prioritized recommendations from your SRA can guide your risk program
  • How to determine your remediation approach


Maintaining vigilance for your healthcare organization includes staying focused on the fundamentals and maintaining solid security practices.


Focused Security Risk Assessments - Remote Work in the age of COVID-19 Slide
Webinar : Focusing And Improving Your Security Risk Assessment

HITRUST Essentials – Catapult Health’s Journey to HITRUST Certification

By | Previously Recorded

Catapult Health’s Journey to HITRUST Certification

Working with Intraprise Health, Catapult’s journey to certification took about one year—faster than many organizations. During this webinar, Joe Bell, Catapult Health’s VP of Technology discusses what he learned along the way to HITRUST certification, how it has impacted his organization and how it will change the way Catapult does business going forward.

Intraprise Health is one of the longest serving HITRUST External Assessors. We hold 2 seats on the HITRUST Assessor Council and one seat on the Quality Assurance Subcommittee.

Catapult Health is a National Preventive Healthcare Practice that has served over 600,000 patients.

Listen as Joe discusses where Catapult was at the beginning of their HITRUST journey—what procedures and processes were already in place—and what hurdles they overcame at each stage of the HITRUST journey.

Gain a stronger understanding of:

  1. Scoping and assessments
  2. Identifying Risks/Gaps
  3. Risk Remediation
  4. Testing/Validation

At the end of the webinar, participants will understand the phases of certification and how to work with a HITRUST Advisor to identify areas in your program that need improvement, remediate risk within your organization, and be well-prepared to submit an application for HITRUST certification.

HITRUST Essentials - Catapult Health's Journey to HITRUST Certification Slide
Webinar : HITRUST Essentials - Catapult Health Journey to HITRUST Certification

Performing an Annual Security Risk Assessment

By | Previously Recorded

What you need to know about a HIPAA SRA 

Listen as our security experts discuss:

The requirements for performing a HIPAA SRA under Federal and State law

  1. Regulations and guidance from HHS, OCR and other agencies?
  2. How often do you have to perform an SRA?
  3. What if you are HITRUST certified?
  4. How to review policy and process documentation
  5. How to assess your technical environment

Gain a better understanding of industry best practices, as well as:

  1. How to use frameworks to support your SRA
  2. What your resultant data should look like
  3. What are some of the most common mistakes organizations make when undertaking an SRA

Learn how to get the most out of your SRA and improve your security program

Listen to our webinar and gain a deeper understanding of the components of an SRA, as well as the deliverables you should have after the completion of an SRA.

HIPAA SRA Webinar Title Slide
Webinar : Performing an Annual Security Risk Assessment

Third-Party Risk Management: The essential elements of a strong program

By | Previously Recorded

Listen as our panel of cybersecurity experts share the elements of a strong third-party risk management program.

Gain a better understanding of:

  • What type of companies need TPRM and why
  • How to determine the potential risk a vendor brings to your organization
  • The key elements of assessing vendors and risk
  • How to scale from your current TPRM program to a stronger, more mature approach

Scaling Third-Party and Enterprise Risk Management

By | Previously Recorded

Listen as our panel of experts, including Valley Health’s CISO share information on building a strong security program. The panel discusses:

  • Trends behind the focus on TPRM
  • How Valley Health is approaching TPRM
  • Keys to a scalable TPRM program
  • Current solutions and emerging software platforms
  • How CISO’s can foster adoption within their organizations
Scaling Third Party Enterprise Risk Management Title Slide
Webinar : Scaling Third Party and Enterprise Risk Management

HITRUST Essentials

By | Previously Recorded

Listen as Michael Parisi from HITRUST joins Intraprise Health and discusses:

  • The benefits of HITRUST certification
  • What you should know as you begin your HITRUST journey
  • What types of information will be evaluated
  • How your Assessment will be scored
  • How you can best prepare for a HITRUST Assessment
HITRUST Certification Essentials Slide
Webinar : HITRUST Essentials Webinar

Third-Party Risk Management: What Every CISO Needs to Know

By | White Papers

Drawing upon our extensive experience creating strong cybersecurity programs for healthcare organizations, Intraprise Health has put together a guide to best practices CISOs should follow. Highlights include:

  • Gaining internal support for TPRM
    • What are the risk factors your organization faces?
  • The 5 key components of a comprehensive TPRM program:
    • Program Governance
    • Tiering and Prioritization
    • Vendor Security Assessment
    • Vendor Collaboration
    • Informed Decision-Making
  • An overview of various platforms that include TPRM
  • A checklist of elements essential to a TPRM program

This whitepaper offers practical, actionable guidance on what to consider as you build your TPRM program as well as the different types of programs and solutions that are available as you scale your program.

Provide your contact information to request immediate access to this to informative white paper : Building a Third-Party Risk Management Program from the Ground Up: What Every CISO Needs to Know.

TPRM Paper COver
White Paper : Building a Third Party Risk Management Program
We use cookies in order to give you the best possible experience on our website. By continuing to use this site, you agree to our use of cookies.
Privacy Policy