The Health Information Trust Alliance, now rebranded as HITRUST, is an organization governed by representatives from across the healthcare industry. HITRUST was founded in 2007 and created the Common Security Framework (CSF), a framework for verifying the security of sensitive or regulated healthcare data.
HITRUST CSF combines existing frameworks, including the ISO/IEC 27000-series, and HIPAA to create a single, comprehensive set of security and privacy standards.
For entities covered by HIPAA regulation, HITRUST CSF offers a certifiable framework that demonstrates compliance with security standards.
The services listed below have a HITRUST Certificate available, representing a period of time during which controls were assessed. IBM Service Descriptions (SDs) indicate if a given offering maintains a HITRUST letter of certification. Services below renew and issue a letter of certification every two years.