In the ever changing world of information security, compliance with regulatory and contractual obligations has become an onerous and monotonous task. Whether you are looking to obtain an industry recognized security certification or you are looking to establish alignment and governance over your information security program, the HITRUST CSF may be an option worth considering.
Born out of the regulatory imperative to secure Protected Health Information (PHI), the HITRUST CSF offers a certifiable framework covering many different security and privacy related imperatives. We observe in the marketplace many organizations adopting and or leveraging the CSF to govern their information security programs regardless of whether their primary business involves PHI.
At PwC we have taken an innovative approach to working with the HITRUST Alliance and the HITRUST CSF. We combine the diverse skillsets of our people to bring technical security experts, controls and process professionals, and governance experts into one team to enable a truly sustainable security governance model.
HITRUST certification is an industry recognized credential that helps to differentiate you in the marketplace.
Regardless of whether your organization’s goal is to achieve HITRUST certification or use the CSF as a governance framework, PwC’s security , controls and governance professionals will help you evaluate the best solution for your organization. PwC can assist you with the adoption of the HITRUST CSF as the foundation of your security and privacy compliance program.
As a Certified HITRUST assessor, PwC is authorized by the HITRUST Alliance to perform readiness, remediation, and certification assessment work using the HITRUST CSF. Additionally, we are on the AICPA task force aligned with the responsibility of mapping the HITRUST CSF into the SOC 2 framework to enable SOC 2+HITRUST reporting.