By including federal and state regulations standards frameworks and incorporating a risk based approach the hitrust csf helps organizations address these challenges through a comprehensive and flexible framework of prescriptive and scalable security and privacy controls.
Hitrust common security framework.
Between the csf s 19 reporting domains are 149 control specifications which can each be assessed to one of three implementation levels.
The health information trust alliance hitrust is an organization governed by representatives from the healthcare industry.
Roughly 38 000 common security framework csf assessments have been performed in the last three years.
The governing body further added that the requests for combining soc 2 and hitrust reports are also.
The hitrust csf assurance program combines aspects from common security frameworks like iso nist pci and hipaa.
The hitrust csf provides the structure transparency guidance and cross references to authoritative sources organizations globally need to be certain of their data protection compliance.
Hitrust created and maintains the common security framework csf a certifiable framework to help healthcare organizations and their providers demonstrate their security and compliance in a consistent and streamlined manner.
Hitrust is a privately held company located in frisco texas united states that in collaboration with healthcare technology and information security organizations established the hitrust csf.
Read about the hitrust common security framework here.
The company claims csf is a comprehensive prescriptive and certifiable framework that can be used by all organizations that create access store or exchange sensitive and or regulated data.
Hitrust common security framework 2014.
Download the hitrust csf v9 4 free of charge.
The hitrust csf was developed to address the multitude of security privacy and regulatory challenges facing organizations.
Hitrust in collaboration with private sector government technology and information privacy and security leaders has established the hitrust csf a certifiable framework that can be used by any organization that creates accesses stores or exchanges sensitive information.
Due to this hitrust csf has become a widely adopted security and privacy framework across industries globally.