HITRUST

The Do’s and Don’ts of Getting Started with HITRUST

HITRUST

A-LIGN created a list of the do’s and don’ts to better prepare you for the HITRUST assessment. 

Read More

HITRUST vs. HIPAA: Which Is Right for My Organization?

HITRUST vs. HIPAA: Which Is Right for My Organization?

Looking at the HITRUST CSF vs. HIPAA isn’t an accurate comparison. Here’s how the security framework and the law are different, plus the ways in which they interact.  

Read More

4 Miscellaneous HITRUST Regulatory Factors to Consider

4 Miscellaneous HITRUST Regulatory Factors to Consider

Over the last few blogs, we have provided a comprehensive overview of the HITRUST landscape, from the authoritative sources at its core, to the optional regulations, or regulatory factors, that are commonly added on to a HITRUST assessment for industry-specific purposes.  

Read More

5 HITRUST Regulatory Factors to Consider for International and State-level Privacy Compliance

WS HITRUST Blog Series

There are more than 20 optional regulatory factors that an organization can consider as part of a HITRUST assessment. These are individual options, based on specific industry requirements, and can be quite tricky to parse.  

Read More

7 HITRUST Factors to Consider for Federal Compliance

WS_HITRUST-Blog-Series

Our discussion of HITRUST regulatory factors continues with a focus on federal compliance and their influence on HITRUST. Here are 7 HITRUST regulatory factors to consider for federal compliance, and our recommendations on how to address them. 

Read More

7 HITRUST Regulatory Factors to Consider for Healthcare

7 HITRUST Regulatory Factors to Consider for Healthcare

This article is Part One of a Four-part Series on the HITRUST Framework When you think of HITRUST, you probably think of healthcare. After all, HITRUST was originally created as the “Health Information Trust Alliance.”

Read More

Mind the Gap: How to Change Auditors without Impacting Compliance

Mind the Gap: How to Change Auditors without Impacting Compliance

Increasingly, organizations are realizing that a strategic compliance program increases operational efficiencies by replacing ad hoc and transactional audits with a more thoughtful approach. And as organizations get more serious about strategic compliance, they realize consolidation is a key component.

Read More

The New Normal:
Fully-Enabled Remote Audits

The New Normal: Fully-enabled Remote Audits

The new normal is anything but normal, but before we join in the chorus of “uncertain times” let’s take a moment to reflect on how standards organizations have responded to COVID-19 to enable remote audits so that organizations can continue to demonstrate trust.

Read More

HITRUST Assurance Advisory Adds Strategic Scoping Factors

HITRUST Assurance Advisory Strategic Scoping

Even though compliance is an on-going process, each individual assessment has its own lifecycle, which begins with a self-assessment of scoping factors. This can be a tedious process to complete for every audit, especially if the same questions get asked more than once, or continue to show up in assessment requirements.

Read More

HITRUST Bridge Assessment Offers Relief From Pandemic Pressures

HITRUST Bridge Assessment

HITRUST is granting organizations the ability to gain a 90-day grace period to demonstrate continuous compliance with its new Bridge Assessment.

Read More