HITRUST Common Security Framework (CSF) is the United States equivalent to the European General Data Protection Regulation. Certification involves an independent third-party assessment that verifies an organization has met all the industry-defined certification requirements relating to security and privacy of sensitive data. To learn more about Why digital health companies should be HITRUST certified, review this timely article from Jim Farrell in MedCity News.
In our case, this means an in-depth analysis and evidence-based investigation of over 256 different data privacy and protection domains by an independent third-party auditor on an annual basis.
The requirements imposed on companies seeking HITRUST Certification include the following:
Contact us to learn more about our regulatory compliance, data security, and privacy approach.