top of page

HITRUST CSF Certification

HITRUST Certified on Microsoft Azure

HITRUST certification by the HITRUST Alliance enables vendors and covered entities to demonstrate compliance to HIPAA requirements based on a standardized framework. When working with Project Hosts, applications, data and workloads inherit HITRUST compliance when migrated into our HITRUST Certified Cloud. As an organization seeking a HITRUST Certification, you have two options:


  1. You can do it yourself – Build a GSS solution. This GSS must include:
    •  Logging, Intrusion and Incident Response
    •  Backup, DR, Contingency Planning
    •  Vulnerability Scanning, Patching, Change Contro, POA&M
    •  Authenticationand Access Control
    •  General Support System

  2. You can work with Project Hosts – All GSS Services are already created in our HITRUST Certified Security Envelope on Microsoft Azure and pre-approved by the HITRUST Alliance.

The illustration below shows our pre-audited HITRUST Certifed Environment.

Project Hosts works directly with the HITRUST Alliance and Microsoft Azure to ensure that all of the necessary security controls are in place. Working with Microsoft Azure alone requires that your organization implement 60-84% of the security controls. The illustration below shows what Microsoft Azure’s Infrastructure as a Service (IaaS) offers in HITRUST compliance. The Blue Bar shows the compliance inherited by Microsoft Azure’s Infrastructure, covering 16-40% of the security controls. The Red Bar represents your organizations responsibility when you migrate into our HITRUST Certified environment on Azure. Project Hosts is represented by the Green Bar, covering the remaining security controls, and ensuring that our HITRUST CSF Certified cloud provides your applications, data and workloads with complete HITRUST compliance.

Project Hosts, along with Microsoft and the HITRUST Alliance’s Shared Responsibilty Workign Group has simplified HITRUST compliance for Healthcare other industries seeking a higher IT security standard. This is why healthcare providers and payers have adopted this security and privacy framework and are opting to work with our team at Project Hosts.

bottom of page