What is the advantage of getting HITRUST CSF certified?
An organization that creates, accesses, stores or exchanges Protected Health Information (“PHI”) can use its HITRUST CSF Certification to demonstrate that they meet the high standards of security prescribed within the HITRUST CSF. Many companies now accept a HITRUST Certification as evidence of compliance, thus relieving them of the obligation to audit their vendors. Companies such as Highmark, Humana, United Health Group, HCSC and Anthem now require their vendors to undergo a HITRUST CSF assessment. The HITRUST CSF incorporates all major information security-related requirements and best practices, and provides scalable cyber security measures based on different risks and exposures.