HITRUST CSF, HIPAA/HITECH, and DEA EPCS Third-Party Audits
Understanding the HITRUST CSF
Having become the most widely-adopted security framework in the U.S. healthcare industry; the HITRUST Common Security Framework (CSF) is a comprehensive and flexible security framework that is made up of prescriptive and scalable security controls taken from globally recognized standards and regulations.
Assisting covered entities and business associates assess the organizational alignment with the HITRUST CSF requirements and provide guidelines for best practices to support the HITRUST CSF. An optional gap analysis indicating the areas for improvement and then after remediation come in as an independent third party to perform either an independent validaition of the self-assessment or a complete certification.
LEARN MOREProviding business associates an independent third-party attestation report that they can share with their covered entities to help ensure they have the controls in place to meet the HIPAA security and privacy safeguards as well as the HITECH breach notification requirements.
LEARN MOREReporting on the compliance of your prescribing or pharmacy application and electronic processing environment through DEA-approved Third Party Audit validation, controls or measures that process owners assert are in place for each EPCS requirement. Identification of EPCS requirements that are determined to be achieved by existing.
LEARN MOREOur Schellman teams have experience performing hundreds of healthcare audits and attestations.
We’re here to answer any questions.