About Richard Rieben (CISSP, CCSFP, GSNA)

Richard Rieben | Auditor at Linford & Co

Richard Rieben is a Partner and HITRUST practice lead at Linford & Co., where he leads audits and assessments covering various frameworks including HITRUST, SOC, CMMC, and NIST. With over 20 years of experience in IT and cybersecurity and various certifications including PMP, CISSP, CCSFP, GSNA, and CASP+, Richard is skilled in helping growing organizations achieve their information security and compliance goals. He holds a Bachelor of Science in Business Management and an MBA from Western Governors University.

The Definitive Guide to the HITRUST Certification Process

What is HITRUST Certified? Put simply, HITRUST Certified organizations demonstrate compliance with a prescriptive set of requirements at a prescribed level of maturity in a manner intended to provide a given level of assurance depending on the level of certification desired. Under the HITRUST CSF® Assurance Program Requirements “‘HITRUST CSF Certified’ refers to an organization […]
Understanding the HITRUST CSF: A Guide for Beginners

“What is HITRUST?” is typically the first question asked by organizations exploring HITRUST for the first time. Formerly, HITRUST stood for Health Information Trust Alliance but several years ago it rebranded to simply HITRUST to align with changes to the “framework,” making it industry agnostic. Is HITRUST a Framework? HITRUST is far more than a […]

HITRUST external assessors - how can they help?

The Role of the HITRUST Assessor: Your Trusted Partner

A request for proposal has just come out that is in your company’s wheelhouse but instead of only requiring HIPAA and SOC 2, the proposal suggests that those who are HITRUST compliant either receive more consideration or may be the only proposals considered at all. What happens now? Are you prepared? Do you know what […]

What is HITRUST? A Comprehensive Guide

Our firm has been a HITRUST External Assessor Organization since 2017, and in that time we have successfully helped dozens of organizations obtain and maintain HITRUST certifications. We have identified common pitfalls and other barriers to success and we’ve also learned some keys to success. In this article, I’ll break down some of the most […]

How to Score HITRUST CSF Controls

In order to perform a HITRUST assessment, you must be able to score your organization’s control environment compliance with the HITRUST CSF Maturity Model. The maturity model is used for scoring both Self-Assessments and Validated Assessments. Understanding how to use the HITRUST Maturity Model to accurately rate your controls’ compliance is critical as […]

Five AWS security tools for SOC 2 compliance

How to Simplify SOC 2 Compliance with AWS Security Tools

Amazon Web Services (AWS) is an ever-evolving cloud services platform that continues on its path to remaining the market leader in cloud infrastructure. If you use AWS services, you have an idea of what we’re talking about. However, are you sure you’re using all the AWS tools possible for SOC 2 compliance? Do you know […]

Avoiding HITRUST Self-Assessment Pitfalls

Healthcare is a complicated topic. When the term is raised, the altruists among us focus on helping their fellow man. But like any endeavor managed by people, there is a business aspect to it. The business of healthcare faces the same problems as other types of businesses. It must operate efficiently, securely, and offer something […]