Project Hosts’ Turnkey Healthcare Compliant Cloud is both HIPAA compliant and HITRUST CSF certified.  We ensure that all HIPAA & HITRUST security controls are implemented and documented when your solutions are deployed.  This means less time and money spent on compliance activities.

Why we include HITRUST

HITRUST CSF provides a prescriptive set of controls that meet the requirements of not only HIPAA, but other security standards such as PCI and NIST 800-53 v.4.  HITRUST builds on HIPAA, a non-prescriptive compliance framework, and creates a standardized compliance framework, assessment, and certification process for the healthcare industry.  HITRUST CSF certification is a much more rigorous process, with a higher burden of proof put on the organization trying to achieve certification, than a HIPAA audit. That is why Project Hosts provides not only a HIPAA compliant cloud, but a HITRUST certified cloud environment to host your data, workloads and applications.


  • Self attestation
  • Compliant through ISO audit
  • Not Updated (Stagnant)
  • Not very prescriptive – Example: passwords – (Password rules are not mandated)


  • Official certification
  • Audited by HITRUST certified auditors
  • Continually updated
  • Prescriptive – Example: passwords – (Minumum length: 8 characters, Complexity: 3 out of 4 character types, Change requires 4 changed characters, Password expiration: Every 60 days, Reuse: Can’t use last 6 passwords, Etc.

As a result, many Providers, Payers and other covered entities are requiring HITRUST.

Join our webinar

    Health Clouds for Providers
    Healthcare Providers Cloud
    Health Clouds for Payers
    Healthcare Payers Cloud
    Health Clouds for Medical Devices
    Medical Devices Cloud
    Health Clouds for ISVs
    Healthcare ISV Cloud