IBM Cloud® compliance: HITRUST
Illustration showing a person interacting with a computer interface, behind which are various documents and a miniature skyscraper
What is HITRUST?

The Health Information Trust Alliance, now rebranded as HITRUST, is an organization governed by representatives from across the healthcare industry. HITRUST was founded in 2007 and created the Common Security Framework (CSF), a framework for verifying the security of sensitive or regulated healthcare data.

HITRUST CSF combines existing frameworks, including the ISO/IEC 27000-series, and HIPAA to create a single, comprehensive set of security and privacy standards.

For entities covered by HIPAA regulation, HITRUST CSF offers a certifiable framework that demonstrates compliance with security standards.

IBM position

The services listed below have a HITRUST Certificate available, representing a period of time during which controls were assessed. IBM Service Descriptions (SDs) indicate if a given offering maintains a HITRUST letter of certification. Services below renew and issue a letter of certification every two years. 

Reports and other documentation
View the IBM Cloud infrastructure HITRUST letter of certification
Take the next step

Questions about a compliance program? Need a protected compliance report? We can help.

See more compliance programs