Resources > Thought Leadership
The Trusted Authority for Unmatched Confidence
Since our founding in 2007, we have led the charge in building trust in our industry, communities, and the world through education, harmonization, and implementation of information security best practices that protect us all.
Resources
Feb 1, 2019
Sep 8, 2021
HITRUST TPRM Program Datasheet HITRUST TPRM Program Datasheet
Assessments,
Third-Party Risk Management
Feb 1, 2019
r2 Assessment Datasheet r2 Assessment Datasheet
Certifications,
Data Privacy ,
HITRUST Framework (CSF)
Apr 20, 2020
Providing Reliable Assurances Providing Reliable Assurances
Certifications,
Maturity Scoring
Aug 14, 2023
Jan 2, 2023
Dec 6, 2024
HITRUST Glossary of Terms and Acronyms v11.4 HITRUST Glossary of Terms and Acronyms v11.4
Risk Management,
HIPAA
Feb 1, 2019
Elements of Assurance: Maximizing the Value of Framework Adoption - HITRUST Whitepaper Elements of Assurance: Maximizing the Value of Framework Adoption - HITRUST Whitepaper
HITRUST Framework (CSF),
Information Technology
Feb 1, 2019
Guide to Tailoring a HITRUST Security Assessment for TEFCA QHIN Applicants Guide to Tailoring a HITRUST Security Assessment for TEFCA QHIN Applicants
Assessments,
HITRUST Framework (CSF)
Jan 18, 2024
Feb 1, 2019
HITRUST CSF and CSF Assurance HITRUST CSF and CSF Assurance
Risk Management,
Healthcare
Feb 1, 2019
CSF v11.0.0 Summary of Changes CSF v11.0.0 Summary of Changes
Risk Management,
Assessments
Feb 1, 2019
Feb 1, 2019
HITRUST CSF v11.2.0 Authoritative Sources Cross Reference HITRUST CSF v11.2.0 Authoritative Sources Cross Reference
Information Technology,
IT Compliance
Feb 1, 2019
Feb 1, 2019
HITRUST Internal Assessor Application Form HITRUST Internal Assessor Application Form
Assessors,
Compliance,
IT Compliance
Feb 1, 2019
Evaluating Control Maturity Using the HITRUST Approach Evaluating Control Maturity Using the HITRUST Approach
Assessments,
MyCSF,
Maturity Scoring
Feb 1, 2019
HITRUST Approach to HIPAA Compliance HITRUST Approach to HIPAA Compliance
HIPAA,
Compliance
Feb 1, 2019
HITRUST Essentials e1 Assessment HITRUST Essentials e1 Assessment
Assessments,
Cybersecurity
Feb 1, 2019
HITRUST Implemented 1-Year i1 Assessments HITRUST Implemented 1-Year i1 Assessments
Certifications,
Cybersecurity,
Information Technology
Jan 18, 2024
HITRUST and HIPAA Safe Harbor HITRUST and HIPAA Safe Harbor
HIPAA,
Results Distribution System,
Professional Education
Feb 1, 2019
v9.6 to v11.0 - i1 Assessment Crosswalk v9.6 to v11.0 - i1 Assessment Crosswalk
Assessments,
HITRUST Framework (CSF)
Feb 1, 2019
Venture Capital Participation Pledge Venture Capital Participation Pledge
Compliance,
Information Technology,
IT Compliance
Feb 1, 2019
How Do You Know if a CSF Assurance Report is Rely-able How Do You Know if a CSF Assurance Report is Rely-able
Cybersecurity,
NIST,
ISO,
GDPR
Feb 1, 2019
The ISSA Journal - September 2017 The ISSA Journal - September 2017
Cybersecurity,
Healthcare
Feb 1, 2019
Launching Authorized IA Function Launching Authorized IA Function
Certifications,
HITRUST Framework (CSF),
Information Technology
Feb 1, 2019
CSF Assurance Letter from Relying Party to Business Associate CSF Assurance Letter from Relying Party to Business Associate
HIPAA,
MyCSF,
HITRUST Assurance Program
Feb 1, 2019
Improving Risk Management Assurance Improving Risk Management Assurance
Risk Management,
Cybersecurity,
Data Privacy
Feb 1, 2019
HITRUST CSF Assessor Quality Checklist HITRUST CSF Assessor Quality Checklist
TEFCA,
Certifications,
ISO
Feb 1, 2019
Feb 1, 2019
FY24 - Leveraging AI in HITRUST CSF FY24 - Leveraging AI in HITRUST CSF
Assessments,
AI,
MyCSF
Feb 1, 2019
Solving the Third-Party Risk Management Problem Solving the Third-Party Risk Management Problem
Risk Management,
Assessments,
Third-Party Risk Management
Feb 1, 2019
HITRUST Shared Responsibility Matrix - V1.4.2 - Google 2022 v9.4 HITRUST Shared Responsibility Matrix - V1.4.2 - Google 2022 v9.4
Shared Responsibility and Inheritance,
Data Security,
HITRUST Assurance Program,
Inheritance
Feb 1, 2019
HITRUST Shared Responsibility Matrix Baseline Template - V1.4.2 HITRUST Shared Responsibility Matrix Baseline Template - V1.4.2
HITRUST Collaborate,
Shared Responsibility and Inheritance,
Data Security,
Inheritance
Feb 1, 2019
HITRUST r2 Assurance Letter - Vendor to Relying Parties HITRUST r2 Assurance Letter - Vendor to Relying Parties
Assessors,
HITRUST Framework (CSF),
Healthcare
Feb 1, 2019
Welcome to HITRUST - 2024 Authoritative Sources Welcome to HITRUST - 2024 Authoritative Sources
HIPAA,
Cybersecurity
Feb 1, 2019
Texas House Bill 300 - Compliance through HITRUST v1.2.1 Texas House Bill 300 - Compliance through HITRUST v1.2.1
Compliance,
Professional Education
Feb 1, 2019
HITRUST Risk-Based 2-Year r2 Validated Assessments HITRUST Risk-Based 2-Year r2 Validated Assessments
Assessments,
MyCSF,
HITRUST Framework (CSF)
Feb 1, 2019
Executive Summary - Risk Management Handbook Executive Summary - Risk Management Handbook
Risk Management,
HITRUST Assurance Program
Feb 1, 2019
Scope Definition Guidance Scope Definition Guidance
Assessments,
Professional Education
Feb 1, 2019
HITRUST i1 Assurance Letter - Vendor to Relying Parties HITRUST i1 Assurance Letter - Vendor to Relying Parties
Assessors,
HITRUST Assurance Program,
Inheritance
Feb 1, 2019
The HITRUST Industry Standards Organization The HITRUST Industry Standards Organization
NIST,
Professional Education
Feb 1, 2019
Leveraging CSF v9 Assessment Reports Leveraging CSF v9 Assessment Reports
Assessments,
Assessors,
HITRUST Assurance Program
Feb 1, 2019
Feb 1, 2019
Feb 18, 2022
HITRUST Authorized Internal Assessor Program Benefit Overview HITRUST Authorized Internal Assessor Program Benefit Overview
Assessors,
Professional Education
Feb 1, 2019
Why HITRUST Certifications are Broadly Accepted and Considered the Gold Standard Why HITRUST Certifications are Broadly Accepted and Considered the Gold Standard
Risk Management,
HITRUST Framework (CSF),
HITRUST Academy
Feb 1, 2019
CSF v11.0.0 Introduction CSF v11.0.0 Introduction
HITRUST Assurance Program,
Information Technology
Feb 1, 2019
Enabling a Robust Cybersecurity Posture Through HITRUST Certification Enabling a Robust Cybersecurity Posture Through HITRUST Certification
Cybersecurity,
HITRUST Framework (CSF),
SOC 2,
Privacy Management
Feb 1, 2019
HITRUST Control Maturity Scoring Rubric Update FAQs HITRUST Control Maturity Scoring Rubric Update FAQs
Data Privacy ,
Maturity Scoring
Feb 1, 2019
Responsibilities of Engagement Executives Quality Assurance Reviewers and Engagement Leads Responsibilities of Engagement Executives Quality Assurance Reviewers and Engagement Leads
AI,
HITRUST Assurance Program,
Compliance
Feb 1, 2019
HITRUST Academy Overview HITRUST Academy Overview
Assessments,
Data Security,
Threat Management,
HITRUST Academy
Mar 24, 2021
Feb 1, 2019
HITRUST Approach to Accepting Sampling in the i1 Rapid Recertification Program HITRUST Approach to Accepting Sampling in the i1 Rapid Recertification Program
Risk Management,
Assessments,
Certifications,
PHIPA
Feb 1, 2019
Introduction to the HITRUST Threat Catalog Introduction to the HITRUST Threat Catalog
Risk Management,
Threat Management,
Cybersecurity
Feb 1, 2019
Retirement of Legacy Assessment Workflow FAQs Retirement of Legacy Assessment Workflow FAQs
Assessments,
MyCSF
Feb 1, 2019
Feb 1, 2019
HITRUST CSF Assurance Program Documentation Requirement HITRUST CSF Assurance Program Documentation Requirement
Assessments,
Assessors
Feb 1, 2019
HITRUST C-Level Overview 2023 HITRUST C-Level Overview 2023
Risk Management,
Professional Education
Feb 1, 2019
CSF Comparison Between v11.1.0 to v11.2.0 CSF Comparison Between v11.1.0 to v11.2.0
MyCSF,
Privacy Management
Feb 1, 2019
HITRUST Authorized Internal Assessor Program Application HITRUST Authorized Internal Assessor Program Application
Assessors,
IT Compliance
Feb 1, 2019
HITRUST RFI on Cybersecurity Regulatory Harmonization HITRUST RFI on Cybersecurity Regulatory Harmonization
Cybersecurity,
HITRUST Framework (CSF),
HITRUST Assurance Program
Sep 14, 2022
The Assurance Intelligence Engine The Assurance Intelligence Engine
NIST,
HITRUST Assurance Program
Feb 1, 2019
HITRUST External Assessor Requirements HITRUST External Assessor Requirements
Assessors,
Professional Education
Feb 1, 2019
TPRM Methodologies Programs Services TPRM Methodologies Programs Services
MyCSF,
Third-Party Risk Management
Jul 1, 2023
Jan 17, 2024
FY24 Q1 HITRUST Approach to Cyber Resilience NIST 2.0 FY24 Q1 HITRUST Approach to Cyber Resilience NIST 2.0
NIST
May 1, 2024
May 1, 2024
HITRUST Assurance Letter from Relying Party to Vendor HITRUST Assurance Letter from Relying Party to Vendor
Assessments,
HIPAA
Jul 1, 2022
HITRUST Third-Party Risk Management (TPRM) Methodology: The Qualification Process HITRUST Third-Party Risk Management (TPRM) Methodology: The Qualification Process
Third-Party Risk Management
Oct 17, 2022
HITRUST TRPM Implementation: Handbook HITRUST TRPM Implementation: Handbook
Risk Management,
Assessments,
Third-Party Risk Management
Sep 27, 2022
Jun 7, 2022
HITRUST Bridge Assessment HITRUST Bridge Assessment
Leadership,
Certifications,
Inheritance
Sep 12, 2023
HITRUST CSF Control Maturity Scoring Rubrics HITRUST CSF Control Maturity Scoring Rubrics
Assessments,
Maturity Scoring
Oct 9, 2023
HITRUST Glossary of Terms and Acronyms HITRUST Glossary of Terms and Acronyms
Risk Management,
HIPAA
Jun 16, 2022
HITRUST Approach to a Quasi Quantitative Residual Risk Analysis (QQRRA) HITRUST Approach to a Quasi Quantitative Residual Risk Analysis (QQRRA)
Risk Management,
Data Security
Jan 2, 2023
HITRUST Summary of RFI - Opportunities and Obstacles to Harmonizing Cybersecurity Regulations HITRUST Summary of RFI - Opportunities and Obstacles to Harmonizing Cybersecurity Regulations
Cybersecurity,
Healthcare
Jan 3, 2021
Jan 1, 2021
Apr 30, 2024
CSF Assurance Letter from Business to Relying Parties CSF Assurance Letter from Business to Relying Parties
HIPAA,
HITRUST Assurance Program
Apr 30, 2023
Apr 11, 2018
RiskVsComplianceWhitepaper.pdf RiskVsComplianceWhitepaper.pdf
Risk Management,
Compliance
Jan 18, 2024
HITRUST-Barr-Advisory-Whitepaper.pdf HITRUST-Barr-Advisory-Whitepaper.pdf
Assessments,
Certifications
Mar 8, 2021
Mar 1, 2021
No results found
X
Legal and Regulatory
We work closely with the public and private sectors as well as government agencies to provide an integrated approach to cybersecurity that can address multiple best practice frameworks, standards, and legislative and regulatory requirements.
Read our response to the White House Office of the National Cyber Director (ONCD) RFI on cyber regulatory harmonization.