The foundation of all HITRUST programs and services is the HITRUST Common Security Framework, a certifiable framework that provides organizations with the needed structure, detail and clarity relating to information security tailored to the healthcare industry.

The HITRUST CSF:

• Leverages existing, globally recognized standards
• Scales according to type, size and complexity of an implementing organization
• Provides prescriptive requirements to ensure clarity
• Follows a risk-based approach offering multiple levels of implementation requirements determined by risks and thresholds
• Allows for the adoption of alternate controls when necessary
• Evolves according to user input and changing conditions in the healthcare industry and regulatory environment

Orange Parachute consultants possess years of expertise in healthcare information security management, and we can assist you in identifying current gaps in your program and help you to remediate.

Services include:

• Readiness Assessment / Gap Analysis – We can help you to clarify the scope of certification, and then identify the gaps to determine your organization's readiness to proceed with the certification process.
• Remediation Services – We can provide you with assistance in closing the gaps that would prevent you from obtaining certification. This includes the creation of a Corrective Action Plan (CAP), which describes the specific measures that are planned to correct deficiencies in your CSF implementation effort.