HITRUST

DirectTrust is an Authorized HITRUST Assessor specializing in accreditation and certification for healthcare organizations

Use Our Healthcare Accreditation Expertise For Your HITRUST Assessment

HITRUST certification demonstrates your commitment to the highest standards of data privacy and security. HITRUST’s Common Security and Privacy Framework (CSF) contains controls spanning different privacy and security regulations and requirements, as well as international, federal, and state legislation. Within the HITRUST CSF is the Risk-based, 2 Year (r2) Validated Assessment. r2 is recognized by various industry outlets as a gold standard in demonstrating protection and compliance of handling sensitive health information. For instance, the Trusted Exchange Framework and Common Agreement (TEFCA) specifies HITRUST r2 Certification for potential QHINs.

HITRUST authorizes external assessors to perform assessments and services associated with the HITRUST Assurance Program and the HITRUST CSF. DirectTrust is a proud authorized HITRUST assessor, with the unique quality of also being an non-profit accreditation body ourselves.

DirectTrust provides 20+ specific healthcare programs through EHNAC which include but are not limited to HIE’s, ePrescribers, clearinghouses and billing organizations. Each program contains many stakeholder specific requirements unique to each program and their data handling responsibilities. While programs are unique, the inclusion of privacy, security, and other healthcare-specific safeguards is consistent.

Our Assessors average 28 years of healthcare experience, and are experts in healthcare accreditation. If you’re looking for a HITRUST Assessor with healthcare accreditation expertise to guide you through the process, look no further than DirectTrust.

Apply for HITRUST

Partner with the healthcare experts at DirectTrust for your HITRUST Assessment

What Our Clients Say

“Because the healthcare industry is continuously faced with data and security issues involving PHI, it is important to us at Alpha II to not only provide credibility, but to also add strength to our technology solutions. The HITRUST CSF® certification of our solutions proves our commitment to maintaining the integrity of healthcare data for our partners and clients by providing a stamp of approval from a recognized independent source. EHNAC’s HITRUST Assessor has been instrumental in helping Alpha II complete our HITRUST Certification and HITRUST Interim Review in a timely manner.”

-Stuart Newsome, CPCO, VP, Corporate & Client Experience, Alpha II

“MedAllies decided to pursue HITRUST CSF certification to achieve security maturity levels meeting both industry best practices and regulatory requirements. Based on excellent past experiences with EHNAC, MedAllies chose to partner with them again as its HITRUST third party assessor. While the HITRUST process can be rigorous from attestation to validation with its breadth of domains and controls, EHNAC has made the experience as efficient as could be with utmost professionalism and deep knowledge of the framework.”

-Ethan Yehud, Chief Information Security Officer, MedAllies

Why choose DirectTrust as your HITRUST CSF Assessor?

By selecting DirectTrust as your organization’s HITRUST Assessor, you’ll have a healthcare accreditation expert as your partner. 

DirectTrust Assessors are also HITRUST Practitioners, meaning that, in many cases, the review process to obtain HITRUST CSF certification and DirectTrust accreditation governed by EHNAC is likely to be streamlined and may reduce costs.

Benefits include:

  • DirectTrust is a non-profit with extensive experience in healthcare accreditation and certification
  • Organizations achieving HITRUST certification have 100% of their privacy and security credited to their DirectTrust accreditation
  • Organizations with existing DirectTrust accreditation have the majority of their HIPAA-related privacy and security controls developed to apply to HITRUST CSF
  • DirectTrust Assessors are also HITRUST Practitioners, making it easier for organizations to undergo audits
  • Obtaining both HITRUST CSF certification and DirectTrust accreditation at the same time significantly reduces the time, expense, and redundancy needed to prepare documentation and undergo required site visits.
  • DirectTrust participates in key HITRUST workgroups, influencing the privacy and security requirements in future CSF versions.

Are you looking for hands-on support to help you through the pre-assessment steps, readiness planning process and more? Learn about our Consulting and Advisory Services which have been designed to support HITRUST Certification.