HITRUST (In Progress)
Health Information Trust (HITRUST) Alliance
HITRUST is an acronym for the Health Information Trust (HITRUST) Alliance, an independent testing organization that issues the Certified Security Framework (CSF) certification to vendors who successfully pass their rigorous security evaluation. HITRUST CSF certification indicates that an organization has met industry-defined requirements and is appropriately managing risk when protecting patient data. It’s similar to having TSA pre-boarding clearance at the airport – you breeze through security because you’re a known quantity that’s been pre-verified.
Here’s how the process works. Over the course of many months, HITRUST conducts multiple rounds of security audits that highlight potential vulnerabilities, by which the vendor then makes corrections and resubmits its solution for further testing until the solution receives a passing grade across all categories. For PG Solutions Group, this process took " " months and numerous rounds of updates to meet HITRUST’s stringent guidelines. The testing criteria included 172 baseline controls across 19 domains, and generated more than 500 written ratings and responses. Needless to say, no stone was left unturned and we are extremely pleased to be the first vendor of our kind to achieve the HITRUST CSF certification.