The Certified CSF Practitioner Course include in-depth instruction on risk management practices, and how to implement the CSF and utilize the methodology to perform assessments and validate compliance. The curriculum is supported by case studies, hands-on learning and real-world application of the knowledge learned.

This course is delivered in two modules; at the participant’s convenience via a prerequisite online learning management system and by an instructor in a classroom setting in Frisco, Texas.

Online Topics

  • Overview of the healthcare industry, including key players and how they interconnect
  • Analysis and discussion of trends in the industry relating to privacy and security (e.g., challenges and constraints, top concerns and initiatives)
  • Overview of the regulatory landscape that affects healthcare organization (e.g., compliance agencies, standards, regulations)
  • Review of market dynamics and the challenges facing healthcare
  • Introduction to HITRUST and the CSF
  • Discussion of risk management and its relation to the CSF
  • Review of the CSF Assurance Program

Classroom Topics

  • Thorough review of the structure of the CSF, including the control objectives, multiple levels of implementation requirements, risk factors and authoritative sources cross referenced
  • Detailed explanation of MyCSF, including a review of each component and case studies with hands-on use of each component
  • Overview of the CSF Assurance Programs as a means of managing and communicating security internally and with third parties (e.g., business associates, customers, vendors)
  • Introduction to the tools and methodology for utilizing the CSF
  • Discussion of best practices for adoption and performing an assessment
  • Explanation of the differences between CSF Validated and CSF Certified and the value to an organization
  • A review of the requirements for CSF certification

Intended Audience

The course is required for individuals working as part of a HITRUST CSF Assessor organization who wish to provide HITRUST and CSF-related services.


Attendees must have completed the online training topics within the last six months prior to attending the onsite class. The onsite classroom portion of the course consists of 3 days at the HITRUST training center in Frisco, TX.


Attendees must pass the Practitioner Exam delivered on the final day of the course in order to become a Certified CSF Practitioner (CCSFP).

Continuing Professional Education Credit

Participants who complete the Certified CSF Practitioner Course and pass the Exam are eligible for 24 hours to be applied toward continuing professional education (CPE) credit. Attendees will be provided documentation upon request.


The cost for Certified CSF Practitioner Course is $3,000. The Practitioner Exam is included in the course price (Practitioner Exam retake fee is $500).

Payment and Change Policies

More detailed information regarding payment, cancellations, refunds, transfer and substitutions is available here.

Travel Information

To help you prepare for HITRUST Academy, additional travel information is available here.

Additional Information

Once you have registered on the HITRUST Academy Schedule page, you will receive login credentials and further instructions to access the online training portal. Content for the online course is delivered at the participant’s convenience via an online learning management system and takes approximately eight hours to complete.

For more information on this or other HITRUST Academy courses, please call 855.HITRUST or email