HITRUST includes and embodies requirements from various authoritative sources such as ISO, NIST, PCI DSS, HIPAA and others, and tailors the requirements to healthcare organizations based on specific organizational, system and regulatory risk factors. The level of integration and prescription in the framework, along with the quality and rigor of HITRUST Assurance Program and supporting HITRUST products and services, makes HITRUST the easy choice for healthcare organizations.