Tackle the privacy and compliance challenges facing your healthcare organization with confidence.

The HITRUST Common Security Framework is an information security framework designed to increase compliance while minimizing impact by aligning your existing security requirements with:

  • Health Insurance Portability and Accountability Act (HIPAA)
  • Health Information Technology for Economic and Clinical Health (HITECH)
  • Payment Card Industry (PCI)
  • Control Objectives for Information and Related Technology (COBIT)
  • National Institute of Standards and Technology (NIST)
  • Federal Trade Commission (FTC)

Increase Compliance, Minimize Impact

Pre-Assessment/Gap Analysis

  • Analysis of current security environment
  • Documentation preparation
  • Tracking security control implementation for on-site assessments


  • Examining documentation
  • Conducting interviews
  • Testing system components that fulfill required security controls


  • Comparing pre-assessment efforts to assessment results, driving the remediation period before submission to HITRUST for certification

Why Veris Group?

As a Health Information Trust (HITRUST) Alliance Common Security Framework Assessor, we help you align your security objectives with healthcare industry regulation and standards to maximize efficiency and minimize impact on your organization by:

  • Applying best practices in government compliance to healthcare–experience gained from working with the Department of Health and Human Services
  • Customizing assessments according to your compliance objectives
  • Minimizing operational impact with a single assessment designed to achieve compliance across multiple regulatory fields
  • Limiting audit redundancies by utilizing past audit results, minimizing the impact on organizational resources
  • Maximizing efficiency by providing extended remediation times to ensure that compliance objectives are met prior to final reporting

Additional Resources:

HIPAA on Amazon Web Services (AWS) – What You Need To Know

Understanding the regulatory roadmap for HIPAA on AWS Summary Many organizations have adopted, or are actively considering, cloud technologies to improve their business. The speed, [...]