Common Security Framework

The foundation of all HITRUST programs and services is the HITRUST Common Security Framework (CSF), a certifiable framework that provides organizations with the needed structure, detail and clarity relating to information security tailored to the healthcare industry.

CSF-related programs and offerings:

Understanding and leveraging the CSF

Available through HITRUST Central, the CSF harmonizes the requirements of existing standards and regulations, including federal, third party and government.

CSF Assurance

Utilizing a common set of information security requirements, the program delivers simplified compliance assessment and reporting for HIPAA, HITECH, state, and business associate requirements.

CSF Assessors

Assisting organizations in realizing the benefits from the CSF Assurance Program are CSF Assessors, those organizations uniquely qualified to deliver services under the program.

HITRUST Central

A Professional subscription provides access to the online, interactive CSF , the CSF Assurance Toolkit, and many other resources developed specifically for healthcare information security professionals.

CSF Assurance Program

Learn how the program simplifies compliance assessment and reporting through a common set of information security requirements.

News Events