Wipfli logo

The What, Why, and How of HITRUST

Torpey White
May 05, 2016

This webinar was recorded on May 5, 2016. Click the Download button to watch the recording and to view the presentation slides.  

Wipfli and Xtium team up to provide an informative and interactive discussion regarding the Health Information Trust Alliance (HITRUST) and the adoption of their Common Security Framework (CSF) to address HIPAA requirements. As HITRUST is one of the health care industry’s most adopted security frameworks, we will explore the evolution of the standard and discuss best practices for both covered entities and service providers.

During the webinar, we explore answers to the following questions:

  • What is the relationship between HIPAA and HITRUST?
  • How is HITRUST being used by covered entities to manage HIPAA security policies and procedures?
  • How does HITRUST compare to the AICPA’s more common SOC 2® and other frameworks?
  • How is HITRUST impacting the relationship between covered entities and service providers?
  • What is the future of HITRUST from the perspective of covered entities?
  • What are the pros and cons of HITRUST from a service providers’ perspective?
  • How are service providers prioritizing HITRUST certification among other vendor management issues?
  • Should service providers require certification of their service providers?
  • What best practices have service providers learned by going through the certification process?
  • What is the overall process like to achieve certification?
  • What are the common gaps identified in initial assessments?
  • What time and resources are required to achieve and maintain certification?


Torpey White


Tracy Bush 07/02/2024
Preventing appraisal bias
Proposed IRS regulations could impact the bad debt conformity election
Establishing the foundation for digital transformation in healthcare