HITRUST Compliance

LBMC HITRUST External Assessor

The HITRUST Common Security Framework (CSF) allows healthcare entities to demonstrate compliance with many different standards and regulations such as HIPAA, ISO, NIST, SOC 2, GDPR, PCI, CMS, MARS-E, and more. You can learn more about their background here: https://hitrustalliance.net/about-us/

One of a select group of HITRUST CSF assessors, LBMC Information Security participated in the effort to integrate security standards from Centers for Medicare and Medicaid Services (CMS) and NIST into the HITRUST Alliance framework. In 2010, we became one of the first HITRUST CSF assessor organizations, making us exceptionally qualified to use HITRUST CSF to assure your organization’s information is safe and secure.

HITRUST Readiness & Expertise

As a HITRUST assessor, LBMC Information Security’s experts can help ensure that your organization is prepared for HITRUST as you embark on the journey of certification and establishing a well-known and generally-accepted security framework within any industry.

HITRUST Certification

HITRUST has developed an assurance program that allows for independent HITRUST certification or validation against the framework. These validation or certification engagements must be performed by organizations (assessors) that have been specially trained and vetted by HITRUST as having experience and expertise specifically in healthcare information security.

HITRUST Interim Assessments

As required by HITRUST, an interim assessment must be completed as a follow-up after the first year of Certification. LBMC Information Security can help provide this assessment to gauge the organization’s current state against the HITRUST CSF and will leverage any evidence gathered to submit an Annual Review Letter to HITRUST.

Testimonial Icon
Needing a HITRUST assessment, we wanted a partner with HITRUST experience that we could engage with routinely face to face. This led us to choose a local firm with large enough resources and a solid reputation. LBMC was attractive because they had it all. All in all, our team greatly values LBMC’s highly-qualified professionals and accessible expertise.
Chief Information Security Officer at a healthcare management company in Nashville

HITRUST Bridge Assessment

The COVID-19 pandemic has created difficulties in carrying out certain aspects of HITRUST CSF Assessments due to restrictions on travel, meetings, and access to company sites. In response, HITRUST issued guidance for requesting an extension to the certification period. If you are seeking an external assessor to perform the assessment, LBMC stands ready to assist you.  With ten years of experience helping companies with their HITRUST needs, and the most experienced team in the industry, we aren’t going anywhere!

WEBINAR: HITRUST i1 Assessment

Play Button

Executive Team

Link to Drew HITRUST

Drew Hendrickson

Shareholder, Information Security

phone icon email icon Nashville
phone icon email icon Nashville
Link to Robyn HITRUST

Robyn Barton

Shareholder, Risk Services

phone icon email icon Nashville
phone icon email icon Nashville