HIPAA and HITRUST – What to Do?

HIPAA and HITRUST – What to Do? 600 445 Drummond Group

Many clients want to understand HIPAA and HITRUST®, how the two are related, and what they need to do. The Health Insurance Portability and Accountability Act (HIPAA), which passed in Congress in 1996, outlines privacy and security standards for health care data. HIPAA compliance is critical in order to ensure proper protection of data; however, it can be difficult to implement and manage.

To help address this challenge, HITRUST, founded in 2007, is an organization that helps you achieve those standards. HITRUST provides detailed documentation and guidance on how to implement security and privacy protections for all healthcare organizations as part of their certifiable security and privacy framework, the HITRUST CSF®.

While the HIPAA regulations took the first step in ensuring that organizations prioritize the security and privacy of sensitive health information, the HITRUST CSF provides the building blocks to build the necessary security and privacy program to comply with HIPAA and other state and organizational requirements. Implementing HITRUST CSF controls is the best way to build a strong security and privacy program. Achieving HITRUST CSF Certification is the best way to demonstrate to clients, patients and the public that you have successfully implemented that program that complies with regulations like HIPAA and protects sensitive patient data.

The HITRUST CSF is a certifiable framework that brings together several other compliance frameworks and standards including HIPAA, PCI, ISO, and NIST. With a HITRUST CSF Certification, you increase the likelihood that your organization:

  • Lowers your risk and evaluates your security against a certifiable framework
  • Complies with mandated certification by payors such as United Healthcare, Humana, Blue Cross/Blue Shield and many more
  • Eliminates the need for multiple responses to security questionnaires from clients and partners
  • Ensures compliance with Federal HIPAA regulations, and many state regulations (California, Texas, Nevada, New York, Massachusetts).
  • Avoids Federal and State hefty fines
  • Can leverage the HITRUST CSF Certification report for marketing purposes
  • Win and retain customers with your HITRUST CSF Certification

More and more of our clients are asking for HITRUST CSF Certification preparation and Drummond is ready to help you. We help our clients expedite the pre-assessment phase and evidence collection process to get them HITRUST CSF Certified. Our commitment and expertise in healthcare aligns with HITRUST’s purpose to ensure a high-quality security program and a trusted assessment.

Why achieve HITRUST CSF Certification through Drummond?

  • HITRUST External Assessor Since 2010
  • Serving the Health Care Industry Since 1999
  • Combined Audits – Assess Once, Report Many – HITRUST, PCI, & SOC
  • 100% of work performed by full-time US-based Drummond HITRUST Practitioners
  • We provide extensive consulting and preparation services before we submit to HITRUST for certification

We are happy to help you do the proper research to determine which programs are right for your company’s efficiency, compliance, and productivity. Experience our team of highly skilled experts ready to collaborate with you and your team. Increase trust, gain expertise and experience our unique approach and attention to detail and we partner with you to achieve compliance and get HITRUST CSF Certified.

To get started, contact us at sales@drummondgroup.com.

Privacy Preferences

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Here you can change your Privacy preferences. It is worth noting that blocking some types of cookies may impact your experience on our website and the services we are able to offer.

Click to enable/disable Google Analytics tracking code.
Click to enable/disable Google Fonts.
Click to enable/disable Google Maps.
Click to enable/disable video embeds.
Our website uses cookies, some from third-party services. Define your Privacy Preferences and/or agree to our use of cookies.