HITRUST Certification

HITRUST certification provides a prescriptive set of controls that are cross-mapped and referenced to the standards and regulations relevant to healthcare. The aim is to simplify the process of becoming largely compliant with those laws and regulations while mitigating most of the risks a typical hospital faces to an acceptable level. An oversimplified view is that HITRUST is a set of predefined controls for an assumed set of risks and compliance requirements, with an IT-GRC-style mapping between the two. It is a pre-customized CSF in a box. Its advantage over ISO 27001 is that it is somewhat "simpler" to adopt, because the risks and their treatments are largely defined for you rather than derived from your own risk assessment.

HITRUST is a compliance framework that incorporates ISO 27001, COBIT, NIST and a variety of other best-practice frameworks, together with compliance requirements specific to the healthcare industry (e.g., HIPAA/CMS and NIST, PCI-DSS, and ARRA/HITECH). HITRUST is produced by an alliance of healthcare payers, providers and vendors, so the framework is designed for healthcare by healthcare.