Information Security Overview
Rosettahealth has developed an Information Security Management Plan (ISMP) based on the NIST Cybersecurity Framework. The RosettaHealth ISMP covers the following 5 core functions:
-
Identify (ID) – Develop an organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities.
-
Protect (PR) – Develop and implement appropriate safeguards to ensure delivery of critical services.
-
Detect – Develop and implement appropriate activities to identify the occurrence of a cybersecurity event.
-
Respond – Develop and implement appropriate activities to take action regarding a detected cybersecurity incident.
-
Recover – Develop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident.
A detailed view of the ISMP functions and their mapping to RosettaHealth policies.
RosettaHealth has developed polices and procedures that align with these core functions to ensure that all aspects of HealthBus and operations comply with applicable regulatory requirements. In addition RosettaHealth has had these polices and procedures audited and accredited by ENHAC for compliance to the applicable HIPAA Privacy and Security rules for a Business Associate.