You’ve got Questions.
We’ve got Assessors.
With the guidance of an Authorized HITRUST® External Assessor, your organization’s HITRUST certification journey can be made transparent, consistent, and objective. They are invaluable, trained, and vetted resources that organizations of any size can depend on to assess performance and compliance with security control requirements and — when needed — help develop corrective action plans.
Find an External Assessor or Readiness Licensee That’s Right for You
External Assessors are organizations approved by HITRUST to perform assessment services using the HITRUST Framework (HITRUST CSF®) and methodology.
Readiness Licensees are organizations that do not wish to fully join the HITRUST External Assessor program but can license the HITRUST Framework (HITRUST CSF) to conduct readiness assessments and provide consulting on the HITRUST Framework (HITRUST CSF) and our methodologies.
Please note: HITRUST e1, i1, and r2 Validated Assessments are required to earn HITRUST certification and can only be performed by an Authorized HITRUST External Assessor.
Select up to five External Assessors you're interested in, click the red button to 'Find An External Assessor', and complete the form. Then, we'll contact you regarding next steps.
Each HITRUST® External Assessor Organization (“EA Organization”) has completed a vetting process that requires each EA Organization to demonstrate the capability of performing a HITRUST assessment.
The HITRUST vetting process includes reviewing policies and procedures and the background of the individuals performing the assessments. HITRUST strives to ensure that the list of EA Organizations stays current, and that all EA Organizations continue to meet HITRUST standards year over year.
HITRUST cannot guarantee that any EA Organization will be successful in their role as an EA Organization on any specific engagement. It is the responsibility of the Assessed Entity to perform its own due diligence prior to engaging the EA Organization to perform a HITRUST Assessment. HITRUST does not recommend specific EA Organizations for engagements. See the HITRUST Assessment Handbook for more information.