Skip to content

MyCSF Feedback

MyCSF

Categories

JUMP TO ANOTHER FORUM

(thinking…)

How can we improve MyCSF?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

11 results found

  1. Scope of the Assessment - Description on Access

    Description of how the Systems are Accessed by all parties should be a separate column and not embedded in the Description portion. It is not intuitive that Access is part of the Description. Access is a separate attribute and should be treated as such.

    2 votes
    0 comments  ·  Pre-Assessment & Scoping  ·  Admin →
    How important is this to you?

  2. Business Associate Domain 19

    Can there be an additional risk factor question for business associates that asks whether they have any responsibility for handling ePHI/PHI requests from end users/consumers (e.g. disclosures, restrictions in writing)?

    Domain 19 has many requirements that are focused on covered entities, and if a BA can confirm they would never be involved in the handling of ePHI requests from end users/consumers I think it would remove several requirements that wind up being N/A and would provide clarity during QA.

    5 votes
    0 comments  ·  Pre-Assessment & Scoping  ·  Admin →
    How important is this to you?

  3. change sort order of presets to align with assurance levels

    change the left to right sort order of assessment presets to align with assurance provided....r2 should be left, i1 center, e1 right.

    1 vote
    0 comments  ·  Pre-Assessment & Scoping  ·  Admin →
    How important is this to you?

  4. Allow select-all for Facilities in Platforms/Systems table

    When selecting the facilities where a platform/system is running, have the option to select all facilities rather than needing to go one-by-one.

    2 votes
    0 comments  ·  Pre-Assessment & Scoping  ·  Admin →
    How important is this to you?

  5. Applications & Databases are mandatory fields in the Platforms/Systems table, mark them as such when the table is being filled out.

    When completing the Platforms/Systems table, some fields are marked mandatory. The Applications & Databases fields are not. However, HITRUST QA requires something to be included here. Please mark these fields as mandatory up front to minimize these QA tasks/findings.

    2 votes
    0 comments  ·  Pre-Assessment & Scoping  ·  Admin →
    How important is this to you?

  6. Organize compliance factors by type

    It would be helpful to organize the various authoritative sources on the factors page by type, similar to how the sources are organized in Microsoft's Trust Center. See pic for their example.

    2 votes
    1 comment  ·  Pre-Assessment & Scoping  ·  Admin →
    How important is this to you?

  7. Data Clean Up

    remove acccess to previous subscriber's data if non renewal

    4 votes
    0 comments  ·  Pre-Assessment & Scoping  ·  Admin →
    How important is this to you?

  8. Suggestive Factor Changes

    MyCSF should have a mechanism to suggest scoping factor changes based upon a pattern of Not Applicables applied when responding to the Assessment

    5 votes
    1 comment  ·  Pre-Assessment & Scoping  ·  Admin →
    How important is this to you?

  9. Separate discretionary factors from mandatory factors

    I'd like to see the scoping factors that are optional / discretionary (namely the regulatory factors) clearly labeled as such, or even moved into their own page containing a disclaimer that they are optional. For the rest of the factors (which MUST be accurate), I'd like to see them clearly labeled as such or on their own page with a tagline describing that they must be accurately entered.

    33 votes
    Under Specification  ·  0 comments  ·  Pre-Assessment & Scoping  ·  Admin →
    How important is this to you?

  10. [BL] Information button for Administrative Details and Factors tab

    When customer is selecting and inputting data in the Administrative Details and Factors tab have the information button for each question like in 1.0- definition for each org type question and reg factor

    2 votes
    0 comments  ·  Pre-Assessment & Scoping  ·  Admin →
    How important is this to you?

  11. [BL] Allow Assessors to Generate Assessments in Preview State

    Give the Assessor Organizations the ability to populate Assessments with Library Versions that are either in the state of "Published" or "Preview"

    1 vote
    0 comments  ·  Pre-Assessment & Scoping  ·  Admin →
    How important is this to you?
  • Don't see your idea?