The Health Information Trust Alliance is referred to as HITRUST. It was established in 2007 and makes use of the “HITRUST strategy” to assist businesses from many industries, but particularly the healthcare industry, in managing data, information risk, and compliance. Vendors and covered entities can demonstrate compliance with HIPAA rules using a standardised framework thanks to HITRUST certification from the HITRUST Alliance.

The HITRUST Common Security Framework (CSF) evaluation can be used by organisations that produce, access, store, or exchange sensitive information as a road map for data security and compliance. The CSF standard was created as a risk-based approach to organisational security as opposed to a compliance-based approach, and it is certifiable (by security assessors). The HITRUST CSF assurance programme incorporates elements from NIST, PCI, ISO, and HIPAA, among other popular security frameworks.