Skip to main content »

HITRUST Compliance – Health Information Trust Alliance

Cybersecurity, Remote Work, Abacus Private Cloud

What does HITRUST mean and how is HITRUST compliance determined?

HITRUST stands for the Health Information Trust Alliance, which is a trade organization of major insurance companies and providers across private and public healthcare sectors. This alliance adopted a voluntary common security framework designed to meet stringent state, federal and international data security standards—including NIST, ISO, HIPAA, PCI DSS, and—starting in January 2018—GDPR and New York State’s new data security rules for business and institutions serving the financial industry. Due to HITRUST’s heightened data security requirements, a number of business organizations outside the healthcare sector are beginning to adopt this standard to handle their data security needs.

To begin the process, organizations should pre-assess their existing safeguards and then select a licensed HITRUST assessor. Afterwards, organizations will need to purchase and complete an assessment, which the assessor will then audit and validate independently. Organizations that pass HITRUST’s subsequent graded score card are certified as HITRUST-compliant.

How does HITRUST data center and cloud hosting work?

Because virtual cloud hosting is flexible and customizable, our support team can work with you to ensure your Abacus Private Cloud hosting environment is tailored to meet your organization’s specific compliance needs.

How can I audit and maintain compliance with HITRUST?

The HITRUST Alliance requires organizations to undergo an interim review about one year after the initial assessment date, as well as re-assessments every two years—or sooner if a data breach occurred. Our experienced HITRUST support specialists can work with you to help ensure that your organization is meeting all of HITRUST’s stringent requirements.

What other compliance standards are similar to HITRUST?

HITRUST is unique in that it is an all-encompassing standard that takes into account the most highly-respected security standards across industries, but it borrows from standards such as NIST, ISO, HIPAA, PCI DSS, GDPR and more.

Are there Abacus clients that are HITRUST compliant today?

Absolutely! Contact our HITRUST hosting specialists today to see how Abacus Private Cloud can help your organization meet your HITRUST compliance needs.

Additional Resources

  1. CSF Assurance Program Requirements 
Share this article