As a Certified HITRUST Assessor, Linford & Company has the information security and healthcare expertise to help your organization to become HITRUST certified. Whether you are just adopting the HITRUST Common Security Framework (CSF) or are looking for an assessor to validate your HITRUST self-assessment, our professionals will guide you step-by-step through the HITRUST certification process to ensure to help your company achieve its object.
The HITRUST Alliance (HITRUST) was formed by a consortium of healthcare organizations 2007 to advocate programs that safeguard protected health information (PHI) and manage information risk for healthcare providers and their third-party service organizations. HITRUST developed a certifiable framework (HITRUST CSF) to help those entities who transmit and store PHI or ePHI address their information security risk. HITRUST CSF is based on regulatory and industry standards (e.g., HIPAA, ISO 27001, NIST, PCI DSS, COBIT, etc.) and is the most widely-adopted security framework in the U.S. healthcare industry. HITRUST compliance provides assurance to clients that their information is safe and secure with your organization.
HITRUST Audit & Assessment Services
All of our HITRUST audit services are provided in accordance with the HITRUST CSF Assurance Program. Linford & Company provides following HITRUST audit services to our clients.
- Readiness Assessment – As every organization is unique, each has unique set of controls from the HITRUST CSF that is applicable to them. Our readiness assessment includes a scoping exercise where our team of professionals help you identify the control framework within the HITRUST CSF that are applicable to your organization. We then work with your team to identify and map your organizational controls to framework to identify “gaps” between the two. We provide recommendations for each finding that management may follow to remediate and prepare for a self-assessment and validated assessment needed for certification.
- Validated Assessment – As a Certified HITRUST Assessor, Linford & Company can perform validated assessments that are required by HITRUST to issue validated report and certification to an organization. Our services begin much before the validation assessment as we walk our clients through each of the steps of the HITRUST certification process. This includes providing guidance on setting up and using the MyCSF tool, reviewing the inputs used to generate the unique HITRUST CSF for your organization, and providing additional direction as needed during your self-assessment to facilitate the process. Our involvement during these steps of the process result in an efficient validation assessment where we perform audit procedures to confirm the results of the self-assessment and submit to HITRUST.
Linford & Company performs each audit engagement using a proven phased approach to deliver the utmost value to each organization. Throughout all phases of the HITRUST assessments, we will capture and share knowledge and best practices for use throughout the organization. For more information, please contact us.