The Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) is one of the industry’s most widely adopted security frameworks. As a designated HITRUST CSF Assessor, Wipfli helps health care clients and business associates alike with HITRUST programs and does so in a variety of capacities.
Lately, we’ve uncovered uncertainties about cloud computing services with regard to HITRUST compliance—in particular, whether Amazon Web Services (AWS), Microsoft Azure, or other third-party tools offer features that can help address the assurances required across the 19 CSF assessment domains.
This series of articles will share some of the useful tools and features we’ve encountered while performing assessments. This is not intended to be a comprehensive list; rather, it’s a list of constructive observations. The intent is to share examples of tools that can help with HITRUST compliance by mentioning as many of the most useful offerings as possible. And if your organization already pays for an enterprise security solution, by all means ask your vendor if it can also provide some of the other security controls mentioned in this series of articles.
Length: 3 pages (PDF 340 kB)