Our HITRUST CSF Practitioners closely advise your team in identifying the appropriate organizational details and factors that will be used to create your organization’s HITRUST Self-Assessment. The collaboration in this initial scoping exercise is one of the most critical activities on the journey towards adopting the HITRUST CSF.
Next, we guide and advise you through a facilitated self-assessment, which measures your organization’s compliance with five maturity evaluation criteria for each HITRUST requirement.
Once your organization has completed their self-assessment, our BluePrint information security consultants review each control and provide an inventory of specific gaps that exist between the current state and full compliance with the HITRUST CSF.
We provide consulting support and expertise to allow you to advance your program, demonstrate compliance with the CSF requirements, and produce evidence of that compliance.
Submission for Certification
Finally, in the Validated Assessment, our BluePrint information security consultants perform a full audit of three elements for each requirement: the response, the score, and the evidence. We follow a rigid testing plan to validate compliance with each requirement and document these findings in Assessor Notes.
Our info-sec consultants act as a liaison with HITRUST throughout the certification and submission process.