HITRUST has recognized for some time that the current model used in the industry for third-party Assurance is fraught with inefficiencies and unnecessary costs by requiring duplicative questionnaires and assessments, which tend to distract organizations from monitoring controls and remediating identified deficiencies. Organizations can streamline the compliance process and reduce costs with a standardized approach to performing assessments and reporting security controls by utilizing the HITRUST CSF Assurance Program. The tools and methodologies organizations utilize to complete assessments as part of the HITRUST CSF Assurance Program are built around the HITRUST CSF and allow organizations to assess and report against multiple sets of requirements. The result allows assessing organizations to undergo one assessment and report to multiple entities, providing the industry with a consistent and effective standard. In fact, several large healthcare entities now require their business associates to provide a HITRUST CSF Validated or Certified Report.

For more information, refer to the HITRUST Third Party Assurance Program FAQ the HITRUST CSF Assurance Program FAQ.


Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Post Comment