How to obtain—and maintain—your HITRUST certification

Start adding items to your reading lists:
Sign in
or
Create your account
Save this item to:
This item has been saved to your reading list.

Overview

Organizations seeking to align their controls to the HITRUST framework can spend significant amounts of time and resources making it happen. And no wonder, when the potential benefits of HITRUST alignment and certification can be significant. Obtaining an independent, third-party assessment over the maturity of information security controls to safeguard protected health information (PHI) builds customer trust. 

Once a vendor’s initial efforts toward certification are complete, however, it’s not uncommon for them to become complacent, neglecting to implement ongoing measures to continuously monitor their compliance status.

Download Best practices for obtaining – and maintaining – HITRUST certification

Organizations’ governance must undertake a dynamic reassessment to mitigate risk and monitor controls

HITRUST certification is not a one-shot deal. Companies must continually track updates to the HITRUST framework to keep risk and compliance issues in check and avoid incurring high costs. This publication serves as a guide to the best practices for pre- and post-certification monitoring: 

  • Work with the right assessor
  • Centralize the ownership of HITRUST 
  • Regularly refresh scope 
  • Monitor certification requirements on an interim basis 
  • Implement a process for control effectiveness maintenance

Related content

Aligning with the HITRUST CSF framework: PwC

Aligning with the HITRUST framework: Here's what you need to know before certification

Obtaining and retaining a HITRUST CSF certification requires monitoring and compliance. By implementing review processes before undertaking the HITRUST...

Start adding items to your reading lists:
Sign in
or
Create your account
Save this item to:
This item has been saved to your reading list.
HITRUST v9.0 common security framework upgrade: PwC

HITRUST has released version 9.0 of the common security framework

The HITRUST Alliance released version 9.0 of the Common Security Framework (CSF), which updates the requirements for alignment and certification.

Start adding items to your reading lists:
Sign in
or
Create your account
Save this item to:
This item has been saved to your reading list.

Contact us

Todd Bialick

Todd Bialick

Digital Assurance and Transparency Leader, PwC US

Linkedin Follow Twitter Follow Email
Follow us
Audit and assurance Consulting Tax services Newsroom Alumni US offices Contact us

© 2017 - Mon Mar 08 15:30:38 UTC 2021 PwC. All rights reserved. PwC refers to the US member firm or one of its subsidiaries or affiliates, and may sometimes refer to the PwC network. Each member firm is a separate legal entity. Please see www.pwc.com/structure for further details.