About Richard Rieben (CISSP, PMP, CCSFP)

Richard Rieben | Auditor at Linford & Co

Richard is a leader in the HITRUST practice with Linford & Company and performs a variety of other assessments including SOC, HIPAA and NIST. He has guided more than 100 clients on their compliance journeys and holds a variety of certifications including the PMP, CISSP, GSNA and CCSFP as well as the CASP+, CySA+, Security+ and others from CompTIA, which he supports actively as a member of the Subject Matter Expert Governance Committee. He also holds an MBA from Western Governors University.


Understanding the HITRUST CSF: A Guide for Beginners

“What is HITRUST?” is typically the first question asked by organizations exploring HITRUST for the first time. Formerly, HITRUST stood for Health Information Trust Alliance but several years ago it rebranded to simply HITRUST to align with changes to the “framework,” making it industry agnostic. Is HITRUST a Framework? HITRUST is far more than a […]

How to score HITRUST CSF controls

How to Score HITRUST CSF Controls?

In order to perform a HITRUST assessment, you must be able to score your organization’s control environment compliance with the HITRUST CSF Maturity Model. The maturity model is used for scoring both Self-Assessments and Validated Assessments (more info). Understanding how to use the HITRUST Maturity Model to accurately rate your controls’ compliance is critical as […]

Comprehensive guide to HITRUST

What is HITRUST? A Comprehensive Guide

Our firm has been a HITRUST External Assessor Organization since 2017, and in that time we have successfully helped dozens of organizations obtain and maintain HITRUST certifications. We have identified common pitfalls and other barriers to success and we’ve also learned some keys to success. In this article, I’ll break down some of the most […]

The definitive guide to the HITRUST certification process

The Definitive Guide to the HITRUST Certification Process

Preface: In October and December of 2021, the HITRUST Alliance released a series of press releases addressing upcoming changes which include the rollout of new assessment types. This article is updated and based on the latest information available as of January 2022 and will be revised as necessary to provide enhanced clarity. What is HITRUST […]

Five AWS security tools for SOC 2 compliance

How to Simplify SOC 2 Compliance with AWS Security Tools

Amazon Web Services (AWS) is an ever-evolving cloud services platform that continues on its path to remaining the market leader in cloud infrastructure. If you use AWS services, you have an idea of what we’re talking about. However, are you sure you’re using all the AWS tools possible for SOC 2 compliance? Do you know […]

HITRUST Self Assessment Pitfalls

Avoiding HITRUST Self-Assessment Pitfalls

Healthcare is a complicated topic. When the term is raised, the altruists among us focus on helping their fellow man. But like any endeavor managed by people, there is a business aspect to it. The business of healthcare faces the same problems as other types of businesses. It must operate efficiently, securely, and offer something […]