HITRUST Readiness Services
HITRUST is the Health Information Trust Alliance, a collaboration with healthcare, technology and information security leaders. They have established the Common Security Framework (CSF) that can be used by all organizations that create, access, store or exchange sensitive and/or regulated data such as PHI (protected health information). The CSF includes a prescriptive set of controls that seek to harmonize the requirements of multiple regulations and standards, and has a set of increasing requirements depending on the size of the organization. The HITRUST CSF brings a universal framework that fully integrates HIPAA Security Rule requirements with the standards of ISO, NIST and many other federal and state requirements.
The HITRUST CSF combines several frameworks and standards, including ISO/IEC 27002:2013, NIST SP 800-53, PCI-DSS v3, NIST CSF, and others. HITRUST also has their MyCSF tool, a GCR tool that allows organizations to upload and self-assess their compliance with the HITRUST CSF as they work toward HITRUST certification.
Our services for HITRUST CSF
We can assist with HITRUST certification by providing services for HITRUST readiness including:
- Review and scope of systems and processes, including systems, infrastructure and applications.
- Findings report including feedback and recommendations for improvements.
- Creation of Policies and Procedures.
- Assisting with reports to be submitted.