HITRUST Certification & Compliance, HITRUST CSF Certification | Requirements
  • Services
    • Links
      • SOC ASSESSMENTS
        • SOC 1
        • SOC 2
      • ISO CERTIFICATIONS
        • ISO 27001
        • ISO 27701
        • ISO 22301
      • HEALTHCARE ASSESSMENTS
        • HITRUST
        • HIPAA
      • Federal Assessments
        • All Government
        • FedRAMP
        • StateRAMP
        • FISMA
        • CMMC
        • NIST 800-171
      • PCI Assessments
        • PCI DSS
        • PCI SSF
      • Cybersecurity
        • Penetration Testing
        • Ransomware Preparedness Assessment
        • Social Engineering
        • Vulnerability Assessment Service
      • Privacy
        • Data Protection Analysis
        • GDPR
      • Additional Services
        • Microsoft SSPA
        • CSA STAR
        • Business Continuity & Disaster Recovery
        • Limited Access Death Master File
    • FEATURED RESOURCES
      • SOC 2 Readiness Checklist

        SOC 2

        SOC 2 Compliance 2022 – The Complete Guide

        SOC 2

        A-SCEND: Compliance Management Platform

        A-SCEND

        The Ultimate Cybersecurity Guide

        Cybersecurity
  • Solutions
    • A-SCENDCompliance Automation Software
    • Integrations
    • SOC 2 Readiness Assessment
    • ISO 27001 Readiness Assessment
    • HIPAA Readiness Assessment
  • About Us
    • Our Company
    • Meet Our Team
    • Board of Directors
    • Partners
    • Careers
  • Resources
  • A-SCEND Login
  • Careers
CONTACT US

HITRUST

Demonstrate your commitment to compliance and provide confidence to your customers with HITRUST certification. 

A-LIGN knows HITRUST certification better than anyone. As one of the top HITRUST assessors in the world, we’ve helped more than one hundred clients successfully achieve HITRUST certification.  

 We can help you during any part of your HITRUST journey.  

Get Started
fedramp certified
About Services Why A-LIGN Resources

Proper Planning = HITRUST Success

The HITRUST CSF is a comprehensive, flexible, and certifiable security framework used by organizations across multiple industries to efficiently approach regulatory compliance and risk management.

By pulling from major pre-existing frameworks and working with organizations to better understand their needs, HITRUST provides a complete, certifiable security and privacy standard. This standard gives customers confidence that their data and confidential information is secure.

The Benefits of HITRUST Certification:

  • Satisfies regulatory requirements mandated by third-party organizations and laws 
  • Accelerates your revenue and market growth by differentiating your business from the competition
  • Saves time and money by leveraging a solid and scalable framework that includes multiple regulatory standards 

HITRUST Services

Readiness Assessment
Implemented 1-Year (i1) Assessment
Risk-Based 2-Year (r2) Assessment
Interim Assessment Testing
HITRUST Risk & Advisory Services

Readiness Assessment

We examine your organization’s environment and flow of data between systems that are in-scope, identify gaps for control, and provide recommendations for remediation.

Implemented 1-Year (i1) Assessment

The i1 Assessment is suitable for moderate assurance and results in a 1-year certification if requirements are met. There are 219 static controls in an i1 Assessment and only the Implemented maturity is tested. Once your assessment has been submitted to myCSF, we will review, validate and submit the assessment to HITRUST for approval.

 

Risk-Based 2-Year (r2) Assessment

This validated assessment focuses on a comprehensive risk-based specification of controls with a very rigorous approach to evaluation, suitable for high assurance requirements. A minimum of three of five maturities must be addressed during the r2 Assessment, Policy, Process, and Implemented. This certification is issued for two years with an Interim Assessment required during the one-year anniversary of the certification. Similar to the i1 Assessment, we will review and validate your assessment scores and will submit your final assessment to HITRUST for approval.

Interim Assessment Testing

If an r2 assessment was completed we will test a subset of requirements including 19 controls from the prior r2 assessment and determine the progress of any Corrective Action Plans. This ensures the ongoing effectiveness of those controls to identify and document any scope changes that may impact your HITRUST certification.

HITRUST Risk & Advisory Services

The A-LIGN Advisory Team will review your company’s policy and procedure documents and evaluate them against the HITRUST CSF standard. We will share any gaps identified and will remediate those gaps by updating and documenting the policies and procedures accordingly to meet the HITRUST CSF specifications. If your company needs policies and procedures created, we can design and document those appropriately after performing interviews to understand the control environment. We can also assist in documenting non-technical controls such as Risk Assessment, Incident Response, Disaster Recovery, and more.

Why A-LIGN

500+ HITRUST Assessments
100% Successful
Certification Rate
300+ HITRUST Clients
Certified

The A-LIGN team has been awesome. I have recommended A-LIGN more times than I can count.”

James Groff

Head of IT Security at Nuxeo
RESOURCES
Article

The Dos and Don’ts of Getting Started with HITRUST

Blaise Wabo | 8 min
HITRUST
Article

4 Reasons Your Organization Should Consider HITRUST i1 Certification

Blaise Wabo | 4 min
HITRUST
Business People At Work
Article

What is HITRUST? Complete Guide to HITRUST Certification

Blaise Wabo | 9 mins
HITRUST
FEATURED CASE STUDY

Sandata Achieves CMS Certification with HITRUST

In certain cases, HITRUST can be used to maximize efficiency and replace one or more other compliance requirements. Learn how Sandata’s healthcare client used HITRUST instead of completing a range of varying assessments to meet their rigorous compliance requirements being demanded by government and private healthcare institutions for CMS certification.

VIEW CASE STUDY
A-LIGN works with client to complete audit

Related Services

HIPAA

SOC 2

ISO 27001

Get started with A-LIGN

Are you ready to start your compliance journey? A-LIGN is ready to assist with any of your compliance, cybersecurity, and privacy needs.

  • Services
  • Software
  • About Us
  • Partners
  • Careers
  • A-SCEND Login
  • Privacy Policy
  • Cookie Policy
  • Impartiality and Inquiries
  • Terms of Use
CONTACT US

Price and Associates CPAs, LLC dba A-LIGN ASSURANCE is a licensed certified public accounting firm registered with the Public Company Accounting Oversight Board (PCAOB). A-LIGN Compliance and Security, Inc. dba A-LIGN is a leading cybersecurity and compliance professional services firm.

A-LIGN 2023. All rights reserved.

  • Services
    • SOC ASSESSMENTS
      • SOC 1
      • SOC 2
    • ISO CERTIFICATIONS
      • ISO 27001
      • ISO 27701
      • ISO 22301
    • HEALTHCARE ASSESSMENTS
      • HITRUST
      • HIPAA
    • Federal Assessments
      • FedRAMP
      • StateRAMP
      • FISMA
      • CMMC
      • NIST 800-171
    • PCI DSS
    • Cybersecurity
      • Penetration Testing
      • Ransomware Preparedness Assessment
      • Social Engineering
      • Vulnerability Assessment Service
    • Privacy
      • Data Protection Analysis
      • GDPR
    • Additional Services
      • Microsoft SSPA
      • CSA STAR
      • Business Continuity and Disaster Recovery Plan Services
  • Solutions
    • A-SCENDAudit Automation and Compliance Software
    • Integrations
    • SOC 2 Readiness Assessment
    • ISO 27001 Readiness Assessment
    • HIPAA Readiness Assessment
  • About Us
    • Our Company
    • Meet Our Team
    • Board of Directors
    • Partners
    • Careers
  • Resources
  • A-SCEND Login
  • Careers
CONTACT US