BluePrint Health Information Security™

HITRUST Certification

More than a service provider – we’re a long-term partner.

Intraprise Health’s BluePrint Security services have been at the forefront of healthcare privacy and security for over a decade. As one of the first 100% healthcare-focused assessors, we offer HITRUST Consulting and services for business associates and covered entities.

Achieving HITRUST Certification indicates that your security management program has been successfully assessed, scored, and validated against the HITRUST Common Security framework (CSF).

Our Goal

To guide customers through a facilitated, rigorous, and proven approach towards the goal of achieving compliance with the HITRUST CSF.


Healthcare focused


Years as HITRUST CSF Assessor


Began providing healthcare Security, Privacy and Compliance (SPAC) services



Submission for Certification

Our Process


Our HITRUST CSF Practitioners closely advise your team in identifying the appropriate organizational details and factors that will be used to create your organization’s HITRUST Self-Assessment. The collaboration in this initial scoping exercise is one of the most critical activities on the journey towards adopting the HITRUST CSF.

Next, we guide and advise you through a facilitated self-assessment, which measures your organization’s compliance with five maturity evaluation criteria for each HITRUST requirement.


Once your organization has completed their self-assessment, our BluePrint information security consultants review each control and provide an inventory of specific gaps that exist between the current state and full compliance with the HITRUST CSF.

We provide consulting support and expertise to allow you to advance your program, demonstrate compliance with the CSF requirements, and produce evidence of that compliance.

Submission for Certification

Finally, in the Validated Assessment, our BluePrint information security consultants perform a full audit of three elements for each requirement: the response, the score, and the evidence. We follow a rigid testing plan to validate compliance with each requirement and document these findings in Assessor Notes.

Our info-sec consultants act as a liaison with HITRUST throughout the certification and submission process.

Contact Us

Embedded Contact - HITRUST
Copyright © 2019 – TouchPoint Health, LLC t/a Intraprise Health
All Rights Reserved