• AiNews.com
  • Posts
  • HITRUST Unveils AI Risk Management Tool for Better Governance

HITRUST Unveils AI Risk Management Tool for Better Governance

Author

Alicia Shapiro
August 21, 2024 • Estimated Reading Time: 4 minutes

A professional and modern illustration representing HITRUST's new AI Risk Management Assessment tool. The image includes digital shields, a secure AI framework, and healthcare symbols like a stethoscope and medical cross. A network of AI and machine learning models is shown with interconnected data streams, emphasizing governance and risk management. The background features elements of a SaaS platform and compliance checkmarks, symbolizing alignment with industry standards such as NIST and ISO. The overall theme conveys trust, security, and responsible AI implementation in healthcare

Image Source: ChatGPT

HITRUST Unveils AI Risk Management Tool for Better Governance

HITRUST has introduced a new tool aimed at bolstering the governance of artificial intelligence (AI) deployments within healthcare and other sectors. The AI Risk Management Assessment is designed to help organizations effectively manage the risks associated with implementing AI and machine learning (ML) models. This tool ensures that governance strategies are robust and can be clearly communicated to both management and boards of directors.

Comprehensive AI Risk Management Approach

HITRUST’s AI Risk Management Assessment aligns with industry standards set by the National Institute of Standards and Technology (NIST) and the International Organization for Standardization/International Electrotechnical Commission (ISO/IEC). Supported by an advanced assessment framework and SaaS platform, this tool allows organizations to demonstrate their commitment to managing AI risks in compliance with these standards.

"The total effort to address risk management at scale can take weeks or months of labor just to design and maintain an assessment approach, socialize that approach and to prepare for the assessment work itself," explained Bimal Sheth, EVP of Standards Development and Assurance Operations at HITRUST. He highlighted the challenges of ensuring the process meets multiple industry standards, which can be both exhaustive and resource-intensive.

Targeted at AI and ML Deployments

This framework is suitable for any organization utilizing AI, including those deploying machine learning algorithms and large language models. It provides healthcare leaders and others with a method to validate their risk management practices for these rapidly advancing technologies.

Organizations can use the AI RM solution for self-assessment and benchmarking or opt to work with one of over 100 HITRUST external assessor firms for a more formal validation of their AI risk management strategies, according to Jeremy Huval, Chief Innovation Officer at HITRUST.

Building on Previous AI Initiatives

This new tool follows the launch of HITRUST’s AI Assurance Program in October 2023, which was developed to guide healthcare organizations in creating secure, sustainable, and trustworthy AI models. HITRUST is also planning to introduce an AI Security Certification Program later this year, which will include AI-specific control specifications within the HITRUST CSF framework.

Adapting to Evolving AI Risk Standards

As standards for AI risk management continue to evolve, HITRUST is staying ahead by offering tools that address these emerging challenges. Recently, NIST released Dioptra, an open-source platform designed to help developers mitigate data risks associated with AI and ML models.

Robert Booker, Chief Strategy Officer at HITRUST, emphasized the importance of a well-rounded approach to AI governance. "Governance of this important and powerful capability is vital to unlocking the potential that AI offers, and risk management is critical to implementing AI responsibly."