Which HITRUST framework element is most relevant when assessing the security of health data shared through an HIE?