The service organization's path to HITRUST CSF CertificationDownload Article (PDF 3853kB)
The Health Information Trust (HITRUST) Alliance developed the Common Security Framework (CSF) in 2007 to give health care organizations a comprehensive set of baseline security controls. The initial development is now in version seven and has become the most widely adopted security framework in the U.S. health care industry.
The New Standard
An increasing number of health care organizations are now changing partner agreement language to require their vendors also to adopt the new HITRUST CSF Assurance Program and obtain certification.
As the program quickly becomes the new standard for streamlining third-party assurance, business associates choosing to adopt the framework and pursue certification must prepare for a two-year journey.
This whitepaper presents the key measures and corresponding activities business associates can expect to encounter along the path to HITRUST CSF certification.