Wipfli logo
Insights - Articles, Blogs and on-demand webcasts

Articles & E-Books


The service organization's path to HITRUST CSF Certification

Download Article (PDF 3853kB)
Oct 07, 2019

The Health Information Trust (HITRUST) Alliance developed the Common Security Framework (CSF) in 2007 to give health care organizations a comprehensive set of baseline security controls. The initial development is now in version seven and has become the most widely adopted security framework in the U.S. health care industry.

The New Standard

An increasing number of health care organizations are now changing partner agreement language to require their vendors also to adopt the new HITRUST CSF Assurance Program and obtain certification.

As the program quickly becomes the new standard for streamlining third-party assurance, business associates choosing to adopt the framework and pursue certification must prepare for a two-year journey.

This whitepaper presents the key measures and corresponding activities business associates can expect to encounter along the path to HITRUST CSF certification.

Download Article (PDF 3853kB)


Paul J. Johnson, CPA
View Profile