Insights

The Business Associates Path to HITRUST CSF Certification

The Business Associates Path to HITRUST CSF Certification

Mar 28, 2016

Download Article (PDF 4352kB)

The Health Information Trust (HITRUST) Alliance developed the Common Security Framework (CSF) in 2007 to give health care organizations a comprehensive set of baseline security controls. The initial development is now in version seven and has become the most widely adopted security framework in the U.S. health care industry.

The New Standard

An increasing number of health care organizations are now changing partner agreement language to require their vendors also to adopt the new HITRUST CSF Assurance Program and obtain certification.

As the program quickly becomes the new standard for streamlining third-party assurance, business associates choosing to adopt the framework and pursue certification must prepare for a two-year journey.

This whitepaper presents the key measures and corresponding activities business associates can expect to encounter along the path to HITRUST CSF certification.

Download Article (PDF 4352kB)

Author(s)

Paul Johnson
Paul J. Johnson, CISSP, CCSFP, CPA
Partner
View Profile