HITRUST CSF consulting & certification

Practical assessments backed by industry expertise.

How protected is your organization?

With the Health Information Trust Alliance Common Security Framework (HITRUST CSF) assessment you can confidently answer that question.

HITRUST CSF is the healthcare industry’s most widely adopted security framework, and — as an authorized external assessor — our team can guide you in applying HITRUST’s standards to your security program.

Our HITRUST assessments evaluate your security programs against regulatory mandates and industry standards (e.g., HIPAA, HITECH, CMS, PCI, COBIT and NIST).

Our HITRUST consulting team can also help you achieve HITRUST certification so you can let your stakeholders know their information is secure. 

How our HITRUST consulting is different

Wipfli is one of the longest tenured assessor firms in HITRUST. Since we became an Approved HITRUST Assessor in 2013, we have completed more than 100 HITRUST assessments.

We take the time to get to know your organization and work with you every step of the way to help ensure your success. With our HITRUST consulting, our clients have an impeccable record of success in attaining certification.

When you work with us, you will get:

1. Professional engagement management

Our professional project managers use a proven methodology during our HITRUST assessments to ensure your project is completed on time. Your Wipfli project manager and relationship executive will meet with you monthly during phase I and weekly during phase II to track status, issues and upcoming tasks.

2. Experienced HITRUST consultants

Wipfli readiness assistance services are performed by consultants with special training in the HITRUST framework and practical experience in designing and implementing security and privacy controls. Our HITRUST consultants know how to create better testing up front so the assessments move through the QA phase more quickly and smoothly.

3. Broad spectrum of services

Wipfli offers a broad spectrum of HITRUST assessment services to assist you with your readiness and ongoing compliance efforts including:

  • Policies and procedures
  • Privacy compliance consulting
  • Vulnerability assessments and penetration testing
  • Security awareness and training
  • Vendor management assistance
  • Incident management plan development and response services
  • Business continuity plan/disaster recovery plan development, exercise facilitation

As a Top 20 accounting and consulting firm we also offer a wide range of services that can help you grow your business.

Contact us today to get started assessing your HITRUST compliance and risk management. 


Featured Insight

Tips for gathering evidence for your HITRUST validated assessment

Evidence gathering is one of the biggest tasks your organization will undertake during your HITRUST validated assessment.

Featured Insight

HITRUST® and the cloud

During HITRUST CSF Certification, cloud computing is a frequent topic that comes up. In this paper, we cover cloud compliance and compare different solutions.