HITRUST was developed in collaboration with the healthcare and information security industry. The HITRUST CSF streamlines the myriad of healthcare and security regulations/standards into one holistic security framework. As HITRUST is both risk and compliance-oriented, organizations have the ability to customize the framework on organization type, size, systems, and regulatory requirements.
“The established Common Security Framework will provide organizations a defined set of requirements to assess their security programs. This approach will help healthcare organizations and their business associates with the adoption of prescriptive requirements and security frameworks to meet the challenges of the industry and secure protected health information.”
Schellman is the only CSF Assessor that already provides third parties and business associates with ISO 27001, SOC 2, HIPAA attestations, PCI compliance, and other privacy and security initiatives. These standards have been combined to make the CSF. We therefore have thousands of examinations and decades of experience providing technology and healthcare audit services to our clients.
Our Schellman teams have experience performing hundreds of healthcare audits and attestations.
We’re here to answer any questions.