HIPAA / HITRUST
Security, Privacy and Breach Notification Rules
Covered entities and business associates face challenging compliance issues with respect to HIPAA and HITECH. Security, privacy, and breach notification rules require specific practices to secure protected health information. The HITRUST Common Security Framework (CSF) was developed with HIPAA in mind. HITRUST is now a widely adopted security framework in the healthcare industry. We help companies navigate compliance through the following:
We perform an assessment to identify the applicable HIPAA / HITECH regulations, relevant systems, and process deficiencies, mapping your practices against proven controls and safeguards. The result of this effort will be a detailed roadmap to achieve compliance.
We conduct an independent attestation of your compliance with the privacy, security and breach notification rules.
HITRUST Gap Analysis
HITRUST is a widely recognized security framework in the health care world, used to help companies implement controls to meet HIPAA requirements. We help companies get ready to meet the HITRUST Common Security Framework by reviewing your current practices against the HITRUST framework.
HITRUST SOC2+ Assessments
We can add HITRUST to your current SOC2 assessment. We will map your existing controls to the HITRUST Common Security Framework, and test and report on them as part of your regular SOC2 assessment. It’s an easy way to show your customers what you’re doing to meet HITRUST requirements.
Christian started with Cadence in 2013, and leads the FedRAMP, HITRUST and HIPAA compliance practices. As the primary FedRAMP lead, Christian serves as Cadence's liaison to the FedRAMP PMO, provides readiness and assessment services to various cloud companies, and oversees the operations of the FedRAMP compliance practice. As the HITRUST and HIPAA lead, Christian provides readiness and reporting services to companies across multiple industries.