Practical application backed by industry expertise.

Take security efforts to the next quality level with the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF). As an Authorized External Assessor, Wipfli teams use the HITRUST CSF to asses client information security programs against regulatory mandates and industry standards (e.g., HIPAA, HITECH, CMS, PCI, COBIT, and NIST).

Wipfli experts can help develop a roadmap for the organization to pursue HITRUST certification. Wipfli's highly-experienced experts help set clients' scope and timing, identify and address gaps, and once ready, complet their validated assessments for HITRUST certification using a methodology proven to maximize results. 

Manage third-party risk using the HITRUST CSF. Using the HITRUST CSF, Wipfli can assess business partners to ensure they are meeting compliance requirements.

Learn more about Wipfli's Cybersecurity Services, Business Continuity, and SOC audits.

HITRUST Authorized External Assessor

Featured Thought Leader

Paul J. Johnson, CISSP, CCSFP, CPA

Paul Johnson works with clients to assess, improve, and test their information security and risk management systems. He also helps clients determine their compliance with health care security requirements including HIPAA and HITRUST.

Karen Johnston, CIA, CFE, CISA, CCSFP

Karen has more than 15 years of experience in public accounting and private industry. She applies her experience in risk advisory services and assists her clients in protecting and tailoring their business environment to mitigate risk, identify trends, increase efficiencies, and gain a competitive advantage.


Rick is a career information security professional with over 35 years of experience working in health and financial industries, state and federal government, and for the U.S. Air Force. Rick brings thought leadership, practical hands on experience, and in-depth knowledge of program management, industry standards, realistic best practices and regulatory compliance to his clients. Rick has a reputation of establishing very long term working relationships with his clients.

Interested in HITRUST certification?

Wipfli offers free initial consultations. Simply complete the form below and one of our professionals will contact you:

HITRUST Solutions - Learn More

Featured Insight

The Business Associates Path to HITRUST CSF Certification

An increasing number of healthcare organizations are now changing partner agreement language to require their vendors also to adopt the new HITRUST CSF Assurance Program and obtain certification. This whitepaper presents the key measures and corresponding activities business associates can expect to encounter along the path to HITRUST CSF certification.

Featured Insight

Attention Vendors: 5 Reasons to Start Your Path to HITRUST Certification Now

There are five big reasons now is the best time to start moving toward the new CSF program.