The HITRUST Common Security Framework (HITRUST CSF) is a certifiable framework that provides organizations with a comprehensive, flexible, and efficient approach to regulatory compliance and risk management. The HITRUST Alliance is a not-for-profit organization, founded in 2007, born out of the belief that information protection should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. HITRUST also leads many efforts in awareness, education, and advocacy related to information protection. In addition, HITRUST’s framework has since been developed to be non-industry specific.
The HITRUST CSF consists of 14 Control Categories (see below), 19 Domains, 49 Control Objectives, 156 Control References, and 3 Implementation Levels. The HITRUST CSF was built on the primary principles of ISO 27001/27002 and has evolved to align with a wide range of regulations, standards, and business requirements. These include HIPAA, PCI-DSS, NIST 800-53, NIST Cybersecurity Framework, COBIT, GDPR, and more.
SOC 2 + Examinations | HIPAA | IT TPRM |
Receive all the latest insights and industry tips.
Schneider Downs is a Top 60 independent Certified Public Accounting (CPA) firm providing accounting, tax, audit and business advisory services to public and private companies, not-for-profit organizations and global companies. We also offer Internal Audit; Technology Consulting; Software Solutions; Personal Financial Services; Retirement Plan Solutions and Corporate Finance Services. Schneider Downs is the 13th largest accounting firm in the Mid-Atlantic region and serves individuals and companies in Pennsylvania (PA), Ohio (OH), West Virginia (WV), New York (NY), Maryland (MD), and additional states in the United States with offices in Pittsburgh, PA, Columbus, OH, and McLean, VA.
© 2024 Schneider Downs & Co., Inc. Maryland license number 35239.
Every moment counts. For urgent requests, contact the Schneider Downs digital forensics and incident response team at 1-800-993-8937. For all other requests, please complete the form below.
"*" indicates required fields