Wipfli logo

Wipfli News

Evolve IP and Wipfli Announce HITRUST Community Extension Program Coming to Philadelphia on July 11, 2018

Monday, June 11, 2018

Evolve IP and Wipfli announced today the HITRUST Community Extension Program is coming to Philadelphia, PA on July 11th 2018 (click here to register). Coordinated by HITRUST, hosted by Evolve IP, and facilitated by Wipfli, the one-day, no cost, town hall meeting will provide organizations of all types and sizes an opportunity to engage with peers to discuss the challenges, best practices and lessons learned in effectively implementing a risk management program and improving cybersecurity practices by leveraging the HITRUST CSF, HITRUST cyber threat sharing and response, and other HITRUST programs.

We are extremely pleased to be a part of the Community Extension Program in Philadelphia,” said Joe Pedano, Executive Vice President of Cloud Engineering of Evolve IP. “This event provides a great opportunity for executives and IT professionals in healthcare, financial services, and every industry we serve to learn more about the risk management benefits of the HITRUST CSF and how it is foundational in securing cloud based services.

Paul Johnson, a Partner with Wipfli LLP, agreed that the educational opportunity for attendees is special. “We’re thrilled to be part of the CEP program,” he explained. “With more and more organizations adopting the HITRUST CSF to manage their security risk and that of the vendors they rely upon, there’s a tremendous need to help business and IT leaders alike understand, embrace, and adjust to these security requirements.”

Some of the topics that will be covered include:

  • Structuring and implementing an information risk management program
  • Considerations in implementing the HITRUST CSF
  • Leveraging the HITRUST CSF to implement the NIST Cybersecurity Framework
  • Considerations regarding a HITRUST CSF Assessment and reporting options
  • Leveraging the HITRUST Cyber Threat Catalogue
  • Implementing a third-party assurance program and effective vendor risk management
  • How to align information risk management and cyber insurance programs
  • Engaging in cyber information sharing and how it supports cyber threat management regardless of size or cyber maturity

“We are very excited to be launching this new program and furthering HITRUST’s engagement with local communities,” said Michael Parisi, vice president, assurance strategy and community development, HITRUST. “This program provides significant value by allowing organizations to engage with, and learn from, others in the community about how they approach the challenges related to managing risk, controlling compliance costs while effectively implementing a strong security posture and defending against cyber threats.”

With the persistence of cyber related threats, organizations are striving not just to enhance and improve their information risk management, regulatory compliance and cyber resilience programs - but do so in an efficient and effective manner. Because the HITRUST CSF, CSF Assessment and cyber threat sharing and response programs are so widely adopted and are key components of many organization and third-party vendor strategies, this program will aid in streamlining adoption and promoting greater collaboration between organizations across the country. In addition, the growing number of CSF Assessors, currently over 65, will be leveraged as resources across the country and will enable more ongoing community collaboration.

More town hall events are happening in 50 cities within communities across the U.S. with more added based on demand over the next 12 months. Information on the other Community Extension Program dates and locations can be found here.


Founded in 2007, the HITRUST Alliance, a not for profit, was born out of the belief that information protection should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. HITRUST—in collaboration with public and private healthcare technology, privacy and information security leaders—has championed programs instrumental in safeguarding health information and managing information risk while ensuring consumer confidence in the organizations that create, store or exchange their information.

HITRUST develops, maintains and provides broad access to its common risk and compliance management and de-identification frameworks, and related assessment and assurance methodologies, as well as programs supporting cyber sharing, analysis and resilience. HITRUST also leads many efforts in advocacy, awareness and education relating to information protection.

For more information, visit www.HITRUSTalliance.net.