Practical assessments backed by industry insight
Threats to healthcare organizations are everywhere. With Wipfli’s Health Information Trust Alliance Common Security Framework (HITRUST CSF) assessment services, you can protect data and build a more resilient organization.
With the adoption of electronic health records and health information exchanges, the growing threat of medical identity theft and the increased emphasis on individual privacy, healthcare organizations need reliable security controls in place. And those controls also need to meet ever-changing regulations.
HITRUST CSF is the healthcare industry’s most widely adopted security framework, and — as an authorized external assessor — Wipfli can guide you in applying HITRUST standards to your security program.
How our HITRUST consulting is different
Wipfli is one of the longest-tenured assessor firms in HITRUST. Since we became an approved HITRUST assessor in 2013, we have completed more than 100 HITRUST assessments.
We take the time to get to know your organization and work with you every step of the way to help ensure your success. With our HITRUST consulting, our clients have an impeccable record of success in attaining certification.
Our HITRUST core services
HITRUST gap assessment
Together, we define the scope of the HITRUST assessment, identify effective controls to meet each requirement and provide tailored recommendations for addressing gaps.
HITRUST validated assessment
Help ensure your success in achieving HITRUST certification. Our independent testing is balanced with a collaborative approach to complete the project efficiently and with accurate testing results, maximizing your investment in time and money.
Interim assessment
Let our team help you breeze through your midterm interim assessment to maintain your two-year HITRUST certification.
Additional solutions to improve your security confidence:
Gap remediation assistance
Stay on track for certification by tracking remediation progress, gaining answers to your HITRUST-related questions and acquiring recommended evidence needed for the validated assessment.
Validated assessment coordination
Lessen your burden during the validated assessment process with our help uploading information and documentation into your assessment. We also help coordinate the evidence-collection process with your team, helping ensure you have the appropriate information to support your assessment results.
Policies and procedures
Jump-start your readiness efforts by leveraging our policy and procedure template library. We can also help customize templates to meet your needs.
Cybersecurity protection, training
Security is a moving target, with new risks, threats and vulnerabilities surfacing daily. Wipfli brings a profound understanding of the healthcare industry and cybersecurity landscape to identify vulnerabilities and deficiencies — from both internal and external threats — that could put your healthcare organization at risk.
Get started today assessing your HITRUST compliance and risk management.
Our team
Paul J. Johnson, CPA
Paul Johnson works with clients to assess, improve, and test their information security and risk management systems. He also helps clients determine their compliance with health care security requirements including HIPAA and HITRUST.
Karen Johnston, CCSFP, CIA, CISA, CCSFP-CHQP
Karen has more than 15 years of experience in public accounting and private industry. She applies her experience in risk advisory services and assists her clients in protecting and tailoring their business environment to mitigate risk, identify trends, increase efficiencies, and gain a competitive advantage.
Angela Haasch, CCSFP
Angela Haasch is a versatile management consulting professional with over 10 years of experience helping organizations with risk advisory services, project management, process improvement, and technology initiatives.
