Health Information Trust Alliance Common Security Framework
HITRUST CSF
Overview
The Health Information Trust Alliance Common Security Framework (HITRUST CSF) incorporates nationally and internationally accepted security frameworks such as ISO27001 and NIST 800-53 to create a comprehensive set of baseline security and privacy controls tailorable to your specific data flows and architectures.
HITRUST has developed the HITRUST CSF Assurance Program, which incorporates the common requirements, methodology, and tools which enable an organization and its business partners to take a consistent and incremental approach to managing compliance. Moreover, it allows business partners and vendors to assess and report against multiple sets of requirements to satisfy third-party risk assessment and assurance needs.
AWS customers can design and implement an AWS environment suitable to their needs, and use HITRUST-certified AWS services in a manner which supports the requirements of HITRUST CSF. Customers can also inherit the AWS certification for controls pertinent to their cloud architectures established under the HITRUST Shared Responsibility Matrix (SRM).
