CHICAGO--(EON: Enhanced Online News)--R. R. Donnelley & Sons Company (NYSE:RRD), a leader in integrated multichannel marketing and business communications, announced today that it is among the first companies to have successfully leveraged and integrated the HITRUST Common Security Framework (CSF) program into the annual SOC2 audit process. HITRUST CSF is an information security framework created to meet the specific needs of the healthcare industry. The completed SOC2+CSF report attests to RR Donnelley’s compliance with the HITRUST CSF controls and three of the AICPA Trust Principles.
“Our security and compliance program is built on the AICPA Trust Principles of Data Security, Data Confidentiality, and Data Availability, so integrating the HITRUST CSF controls was a natural evolution for us”
“RR Donnelley has always emphasized the importance of data security for all of the customers that we serve across a broad range of industries, including healthcare,” said Dan Knotts, RR Donnelley’s President & Chief Executive Officer. “We are pleased to have the opportunity to provide yet another example of our commitment to ensuring the confidentiality of the sensitive information that our customers entrust us to handle on a daily basis.”
RR Donnelley was an early supporter of and is committed to the integration of the SOC2 reporting process with the HITRUST CSF controls, and serves as a founding member on the HITRUST Business Associate Council. RR Donnelley was also one of the first companies to complete the SAS70 on data security more than a decade ago, and then one of the first companies to adopt the AT101 SOC2 when it replaced the SAS70.
“Our security and compliance program is built on the AICPA Trust Principles of Data Security, Data Confidentiality, and Data Availability, so integrating the HITRUST CSF controls was a natural evolution for us,” said Dr. Pete Tiemeyer, RR Donnelley’s Chief Information Security Officer.
“We are pleased to be positioned as early adopters of this new framework, recognizing that HITRUST CSF is widely relied upon by the healthcare industry to ensure the protection and confidentiality of their information. It’s important to the Company that we continue to invest in areas that make a difference to the security of all of our customers.”
About RR Donnelley
RR Donnelley is a leading global provider of integrated multichannel marketing and business communications solutions. With more than 52,000 customers and 42,000 employees across 28 countries, RR Donnelley offers a comprehensive portfolio of capabilities, experience and scale that enables organizations around the world to effectively create, manage, deliver and optimize their multichannel communications strategies. For more information, and for RR Donnelley's Global Social Responsibility Report, visit the company's web site at http://www.rrdonnelley.com.
Use of Forward-Looking Statements
This news release may contain "forward-looking statements" within the meaning of Section 21E of the Securities Exchange Act of 1934, as amended, and the U.S. Private Securities Litigation Reform Act of 1995. Readers are cautioned not to place undue reliance on these forward-looking statements and any such forward-looking statements are qualified in their entirety by reference to the following cautionary statements. All forward-looking statements speak only as of the date of this news release and are based on current expectations and involve a number of assumptions, risks and uncertainties that could cause the actual results to differ materially from such forward-looking statements. Readers are strongly encouraged to read the full cautionary statements contained in RR Donnelley's filings with the SEC. RR Donnelley disclaims any obligation to update or revise any forward-looking statements.