BluePrint Health Information Security™

HITRUST Certification

More than a service provider – we’re a long-term partner.

Intraprise Health’s BluePrint Security services have been at the forefront of healthcare privacy and security for over a decade. As one of the first 100% healthcare-focused assessors, we offer HITRUST Consulting and services for business associates and covered entities.

Achieving HITRUST Certification indicates that your security management program has been successfully assessed, scored, and validated against the HITRUST Common Security framework (CSF).

Our Goal

To guide customers through a facilitated, rigorous, and proven approach towards the goal of achieving compliance with the HITRUST CSF.


Healthcare focused


Years as HITRUST CSF Assessor


Began providing healthcare Security, Privacy and Compliance (SPAC) services



Submission for Certification

Our Process


Our Certified HITRUST CSF Practitioners thoroughly advise your team in identifying the appropriate administrative details and factors that will be used to create your organization’s HITRUST Self-Assessment. The collaboration in this initial scoping exercise ensures alignment with the business justification for the assessment and the expectations of the HITRUST Alliance.

It is also one of the most critical activities in our engagement as it identifies the number of control requirements you will need to comply with in order to become HITRUST Certified.


Next, the Intraprse Health team will guide your organization through its HITRUST Self-Assessment. Upon completion of the Self-Assessment, a list of Action Items for all 19 domains of the HITRUST CSF will be provided to improve overall compliance. The Action Items will include remediation suggestions, such as revisions to your organization’s specific responses as well as revisions to policy and process documentation.


During the remediation phase, your organization will be responsible for addressing the Action Items provided. Intraprise Health’s security experts will continue to meet with your organization’s primary point of contact on a recurring basis to identify remediation progress. When all Action Items have been addressed, Intraprise Health will perform an Adoption Review in preparation for the Validated Assessment.


Finally, Intraprise Health’s security team will perform an assessment of the completed Self-Assessment to validate compliance with the HITRUST CSF. We follow a rigid testing plan comprised of three elements for each requirement: the response, the score and the evidence. Once completed, Intraprise Health will submit the assessment to HITRUST via the MyCSF portal. Intraprise Health acts as the liaison with HITRUST throughout the entire submission and certification process.


Contact Us

Embedded Contact - HITRUST
Copyright © 2019 – TouchPoint Health, LLC t/a Intraprise Health
All Rights Reserved