Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


04:14 PM
Dark Reading
Dark Reading
Products and Releases

LockPath Adds HITRUST Common Security Framework To Keylight Platform

Will help healthcare organizations better ensure personal health information privacy by understanding and mitigating security risks

OVERLAND PARK, KS – December 17, 2012 – LockPath, a provider of innovative governance, risk and compliance (GRC) applications, today announced it will integrate the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) with its Keylight platform. This addition to Keylight’s extensive Content Library will offer the ability to quickly access and correlate the HITRUST CSF within Keylight, simplifying compliance reporting and helping healthcare organizations better ensure personal health information privacy by understanding and mitigating security risks.

The HITRUST CSF is an information security framework that harmonizes the requirements of existing standards and regulations, including federal (HIPAA, HITECH), third party (PCI, COBIT) and government (NIST, FTC). As a framework, the CSF provides organizations with the needed structure, detail and clarity relating to information security tailored to the healthcare industry.

Integrating and correlating data from multiple sources and systems into a single view is essential to effectively safeguard patient records and manage compliance risk factors. Keylight delivers integrated, actionable dashboards and reports to provide a holistic view of an organization’s security and risk posture. Healthcare organizations of all sizes are using LockPath to address the increasingly complex issues of regulatory compliance and risk management. With LockPath, healthcare organizations can:

· Get one consolidated view of all compliance and risk factors

· Manage regulations and standards including HIPAA, NIST, CMS, FDA

· Minimize data breaches and litigation

· Increase operational efficiency while managing risk

· Automate processes and simplify reporting

· Streamline vendor audits and risk assessments

· Ensure employee training and awareness for emergency procedures

· Prove environmental standards compliance

“While governance, risk and compliance solutions are available for large hospital networks, most are too expensive and unwieldy for smaller entities. Our mission is to give customers an easy-to-use, affordable solution for their risk and compliance headaches,” said Chris Caldwell, co-founder and CEO, LockPath. “The addition of the HITRUST CSF ensures that we continue to do just that – giving our healthcare customers a simple, best-practice approach to better manage risks and demonstrate compliance.”

“Safeguarding personal health information is absolutely critical for healthcare organizations of all sizes,” said Dr. Bryan Cline, vice president, CSF development and implementation, and chief information security officer, HITRUST. "The HITRUST CSF and advanced GRC tools like Keylight are simplifying and streamlining the assessment and compliance process so healthcare organizations across the country can improve information protection.”

For more information on the Keylight platform, please visit LockPath.com or call 913-601-4800.


The Health Information Trust Alliance (HITRUST) was born out of the belief that information security should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. HITRUST, in collaboration with health care, business, technology and information security leaders, has established the Common Security Framework (CSF), a certifiable framework that can be used by any and all organizations that create, access, store or exchange personal health or financial information. In addition to establishing the CSF, HITRUST is driving adoption of and widespread confidence in a framework and sound risk-management practices through education, advocacy and outreach activities. For more information, visit http://www.hitrustalliance.net/.

About LockPath

LockPath speeds and improves organizations’ business and risk decision making. Its purpose-built Keylight platform correlates data, policies, procedures and assets from numerous sources to provide a comprehensive information security management system (ISMS) and IT government, risk and compliance (GRC) reporting across any organization. Forward-thinking product design is recognized by analysts and leading industry publications/awards as the next generation of IT GRC. LockPath is headquartered in Kansas City. Visit LockPath.com to learn more.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-11-20
A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions), which could cause the disclosure of FTP har...
PUBLISHED: 2019-11-20
A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702) , which could enable a successful Cross-site Scripting (XSS attack) when using the products web server.
PUBLISHED: 2019-11-20
Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote attackers to inject arbitrary web script or HTML in functions.lib.php.
PUBLISHED: 2019-11-20
Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute arbitrary commands.
PUBLISHED: 2019-11-20
The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as d...