Content provided by Robyn Barton, Shareholder, Cybersecurity, LBMC, PC
Last fall, my best friend and I took our 12-year-old daughters to see Taylor Swift’s Eras Tour in New Orleans. The experience will forever and always be one of my favorite memories with my daughter – it was MAGICAL!
If you know me, you know my mind is always spinning with many things at once – and as I think back on the concert, I can’t help but draw a comparison between the Eras Tour and the HITRUST assessment process.
From setlists, to stage design, to outfit changes, EVERY SINGLE DETAIL was meticulously planned. Did you know that Taylor Swift trained for six months before the tour kicked off? Per Time magazine,she ran on the treadmill every day while singing the full setlist, adjusting her speed to the cadence of the song. She also did 3 months of dance lessons. All of this boils down to doing as much as possible to be prepared for what was coming.
Whenever we chat with clients about HITRUST, we always talk about planning. It’s so important to know what the process involves and set a realistic timeline for getting certified. This means gathering all the necessary documents, putting the right controls in place, and making sure everything meets HITRUST standards.
The Eras tour is a journey through all of Taylor Swift’s musical eras, each one representing a different phase of her life and career.
I always describe the HITRUST process as a journey. For organizations aiming for their first HITRUST certification, LBMC suggests kicking things off with a readiness assessment to see where you stand and spot any gaps. Once you know this, you’ll work on fixing policies, procedures, and implementation of controls as needed based on those gaps. The controls need some time to operate, and then you can proceed with the validated assessment.
The Eras Tour has 16 dancers, 6 band members, 4 backup vocalists, 90 semi-trucks, and hundreds of production and crew members. Execution requires a dedicated team effort all working together to bring the show to life.
Getting HITRUST certified is definitely a team effort. It takes collaboration across different parts of the business to cover all aspects of your organization’s security. The most successful projects also involve working closely with your assessor firm.
Every aspect of the tour illustrates incredible attention to detail. Surprise songs, special guests, light-up wristbands that sync with the music. What an experience!
Listen, if I was only allowed to tell you one piece of advice about the HITRUST process, it would be this – pay attention to the details. You need to make sure every policy, procedure, and control is clearly documented and maintained. Your assessor will carefully review evidence to meet HITRUST’s strict standards. Details matter. That level of detail and thoroughness are what make the HITRUST certification so reliable.
Going to the Eras tour took a lot of effort and dedication. Getting tickets was tough with all the long waits, limited availability, and high resale prices. Once we had tickets, we made travel arrangements, planned outfits, made dozens of friendship bracelets, learned chants, and managed logistics in a city with 65,000 of our closest friends (Swifties). Was it worth it? 100%. Would I do it again? Absolutely.
Achieving HITRUST certification is a huge accomplishment. It represents a commitment to security and compliance, and it’s definitely a moment to celebrate the hard work and dedication of the entire team.
When you think about it, both a HITRUST assessment and the Taylor Swift Eras Tour need a lot of planning, teamwork, and attention to detail. In the end, all the hard work really pays off. Just like my daughter and I will forever treasure the unforgettable moments of the concert, organizations can be proud of the security and trust they build with the HITRUST framework. Both journeys, while different, show how important commitment and excellence are in their own ways.
Whether you are starting your HITRUST journey or have been on this ride for years, LBMC is here to help. As the leader of the “10-year club” of HITRUST assessors, LBMC stands as the longest-serving assessor in the business with the most experienced team in the industry and offers comprehensive services to assist organizations in transitioning to HITRUST CSF v11, including delta assessments, policy and procedure reviews, readiness testing, and remediation support. Our team of experts can help you make the transition and reach your HITRUST CSF Certification goal.
Contact LBMC today to learn more about our HITRUST services and how we can help your organization achieve and maintain certification.
