The Health Information Trust Alliance (HITRUST) is a privately held company located in the United States. In collaboration with healthcare, technology and information security leaders, HITRUST has established a Common Security Framework (CSF) that can be used by all organizations that create, access, store or exchange sensitive and/or regulated data. The CSF includes a prescriptive set of controls intended to harmonize the requirements of multiple regulations and standards. It brings together several other compliance frameworks and standards including HIPAA, PCI, ISO, and NIST. CSF maps all of those standards together and acts as the central mapping key. According to HITRUST, CSF was “born out of the belief that information security should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges.”

Thinking of using HITRUST to manage healthcare-related regulations with greater ease? Take a look at Rsam's HITRUST CSF and MyCSF offerings here.