CRI’s 4-Step Process
Top 3 Reasons to Consider a HITRUST CSF Assessor
HITRUST now offers more! Healthcare providers are able to verify that their organization has met all of the industry-defined certification requirements of the HITRUST CSF. With HITRUSTĀ CSF, organizations are able to demonstrate ācomplianceā with NISTāa fact that was recognized recently in a 2018 Government Accountability Office (GAO)Ā Report to Congressional Committees on Critical Infrastructure Protection.Ā Not only does NIST support the development of third-party certification programs but HITRUSTĀ now has a program certifying an organizationās implementation of the Framework.Ā Integrating the New York State Cybersecurity Requirements for Financial Services Companies (23 NYCRR 500) into the HITRUST CSF enables the financial industry to leverage the framework to achieve better cybersecurity resilience and protection. The Requirements for Financial Services Companies affect not only financial institutions but also healthcare organizations such as health insurers and their business associates. Incorporation of the EU General Data Protection Regulation (GDPR) is part of HITRUSTās initiative towards internationalization of the CSF and increased support for global organizational privacy programs. The updated framework allows organizations to easily manage and report on the controls intended to address GDPR requirements.