Project Hosts’ Turnkey Healthcare Compliant Cloud is both HIPAA compliant and HITRUST CSF certified. We ensure that all HIPAA & HITRUST security controls are implemented and documented when your solutions are deployed. This means less time and money spent on compliance activities.
Why we include HITRUST
HITRUST CSF provides a prescriptive set of controls that meet the requirements of not only HIPAA, but other security standards such as PCI and NIST 800-53 v.4. HITRUST builds on HIPAA, a non-prescriptive compliance framework, and creates a standardized compliance framework, assessment, and certification process for the healthcare industry. HITRUST CSF certification is a much more rigorous process, with a higher burden of proof put on the organization trying to achieve certification, than a HIPAA audit. That is why Project Hosts provides not only a HIPAA compliant cloud, but a HITRUST certified cloud environment to host your data, workloads and applications.
Compliant through ISO audit
Not Updated (Stagnant)
Not very prescriptive – Example: passwords – (Password rules are not mandated)
Audited by HITRUST certified auditors
Prescriptive – Example: passwords – (Minumum length: 8 characters, Complexity: 3 out of 4 character types, Change requires 4 changed characters, Password expiration: Every 60 days, Reuse: Can’t use last 6 passwords, Etc.
As a result, many Providers, Payers and other covered entities are requiring HITRUST.