Post by Pradeep Nair "Azure and HITRUST publish shared responsibility matrix" should be renamed
When I clicked through the links to HITRUST, I got a mail later titled "Violation of HITRUST CSF License Agreement", where I was threatened with legal action.
If Azure is "publishing" something then it should be clear about whether it is safe for me to access it. The title should be corrected as "offer ... under strict license terms."
Our records indicate that you have clicked through and agreed to the terms and conditions of the HITRUST CSF® License Agreement, which subsequently provides you with access to the HITRUST CSF. Per the terms and conditions, to be eligible to download the HITRUST CSF, you must be a HITRUST Qualified Organization. A HITRUST Qualified Organization is an organization seeking to assess its internal information protection systems using the HITRUST CSF. Please note that any organization that is an: information protection service provider, information protection product provider, information protection consultant, information protection vendor and/or supplier, or an organization providing security or privacy professional services IS NOT a Qualified Organization and therefore should not click-through the License Agreement and download the HITRUST CSF.
To protect its intellectual property, HITRUST strictly enforces the terms of the License Agreement. You must stop all use of the HITRUST CSF and delete or shred, as appropriate, any copies of the HITRUST CSF that you have or have shared with others. If we do not hear back from you within seven (7) business days, HITRUST will assume that you are not a Qualified Organization and have violated the License Agreement by downloading the HITRUST CSF.
If you believe that your organization is a Qualified Organization, as defined in the HITRUST CSF License Agreement, HITRUST hereby requests that you provide information as to your eligibility.