Do you need to complete any of the following?

  • Onsite Risk Assessment (We will help you prepare and get the highest score possible)
  • HITRUST Self Assessment
  • HITRUST Validation
  • HITRUST Ceritification

There are 10,000 companies that need to be HITRUST certified by the end of 2017, don't wait too long. It is to your benefit to engage us as early as possible!

We recommend that you thoroughly screen the HITRUST Assessor firms you are considering. Becoming HITRUST Certified is a big task. Choosing the wrong fit for your organization could cost you a lot of time and money.

We have created a set of nine screening questions to ensure that you get the best fit with your HITRUST Assessor.

# Question Reply




Do you have a proven methodology in place? Yes, we developed the ComplySmart HITRUST System (CHS) over the last four years to get your organization HITRUST Certified as quickly and inexpensively as possible. Give us 30 minutes to prove it!  GreenCheckMark



We need a lot of assistance; do you guide us through the process? Yes, we guide you every step of the way. Our ComplySmart HITRUST System includes daily collaboration with your assigned HITRUST Assessor.  GreenCheckMark




How long has your organization been a HITRUST Assessor? ComplySmart was designated a Certified HITRUST Assessor in March 2013. We were the 12th firm to be awarded the certification. A majority of the HITRUST Assessors on the list were added in the last year or two.  GreenCheckMark




Have you worked with firms in my line of business? We’ve worked with companies of all types, including: cloud providers, data analytic companies, data centers, third party processors, health care organizations, SAAS providers, print companies, medical device companies, wellness companies, etc.  GreenCheckMark



Do you have references that you will provide? Absolutely! We have a lot of happy customers. We will be happy to provide references.  GreenCheckMark



Do you use off-shore resources? No, ComplySmart only uses U.S. personnel.  GreenCheckMark



Do you use resources that are not HITRUST Certified Assessors to perform the work? No, all our resources are HITRUST Certified Assessors.  GreenCheckMark



Do you use junior auditors? ComplySmart only uses senior HITRUST Assessors with 20+ years of experience. Our Assessors have the leading industry security and compliance certifications.  GreenCheckMark




Is your team pleasant to work with? A lot of organizations overlook this aspect.   You are going to be working with your HITRUST Assessor for quite a while. ComplySmart employs a “No Jerks” policy. Our people are pleasant to work with, and have a good sense of humor.  GreenCheckMark

ComplySmart HITRUST System (CHS)

ComplySmart can assist you in becoming HITRUST Certified as inexpensively and quickly as possible. Our system dramatically reduces the amount of labor your organization will spend becoming HITRUST compliant. 

We are able to assist whether you are ready to immediately pursue HITRUST certification or need some help and guidance to prepare.

Please fill out the information request form on the right for a free 30 minute analysis of your current state of readiness and an explanation of our certification program. We will discuss next steps and provide you with same day pricing.

We've found that many organizations need help to prepare for HITRUST certification and if left on their own it could take a year or two to put everything in place.

Many organizations spend a lot of money and take months to have an assessment performed. At the end of the assessment they have a list of what they are missing, but they aren’t any closer to compliance.

Our ComplySmart HITRUST System includes the following items which we will integrate with what you already have in place:

  • HITRUST aligned policies and procedures document
  • All necessary forms and document templates
  • Over 25 workflows that your organization can adopt to assist in achieving certification
  • Recocommendations on low cost security tools that you may need to put in place to achieve compliance. Examples are listed below:
  1. Log Management/File Integrity Monitoring
  2. Security Awareness Training
  3. Workflow Management System
  4. Anonymous Reporting Hotline
  5. Penetration Testing
  6. Internal, External, and Web Application Vulnerability Scanning
  7. Asset Management/Unauthorized Connections
  8. Risk Management System
  9. Intrusion Detection
  10. Wireless Scanning

By integrating what you already have and filling any gaps with our tools and templates you will quickly be able to achieve HITRUST certification.

What is HITRUST?

The HITRUST Common Security Framework (CSF), developed in collaboration with healthcare and security experts, is a certifiable, information security framework that provides organizations with an actionable roadmap tailored to the unique needs of the healthcare industry. To date, the HITRUST CSF is the most widely-adopted security framework in the U.S. healthcare industry and has become the de facto standard. For more information on the HITRUST standard go to: www.hitrustalliance.net

Why is it Important to Me?

Becoming HITRUST certified is a significant competitive advantage and is becoming necessary to perform services in the healthcare field. Many healthcare organizations are now requiring their Business Associates/Service Providers that either capture, store, or process Protected Health Information (PHI) to become HITRUST CSF Certified. This is a necessary step to ensure that their Business Associates/Service Providers have established adequate controls to protect PHI and comply with the HIPAA Privacy, Security, and HITECH regulations.

Recognizing the significance of the role played by their business associates when it comes to the protection of health information, leading healthcare organizations, including CVS Caremark, Health Care Services Corp., Highmark, Humana, United Health Group and WellPoint, have announced their commitment to leverage the CSF Assurance Program in their business associate information compliance programs and require the submission of the CSF assessment reports as part of those programs.

Why Should I Use ComplySmart?

As a HITRUST CSF Assessor, ComplySmart provides readiness, certification, and remediation services for healthcare organizations and their business associates to assess compliance with industry security requirements and standards, and create solutions that help organizations align with the HITRUST Common Security Framework (CSF).

ComplySmart offers the following:

  • Senior assessors with 20+ years of experience in many industries, not young assessors right out of college
  • Senior assessors actually do the work, project is not handed off to junior assessors
  • Senior assessors with all of the top industry certifications in security, compliance, and privacy
  • ComplySmart works with you until you are compliant and provides guidance along the way, this is not a pass/fail engagement
  • ComplySmart provides document templates and advice to help you reach compliance as quickly and easily as possible
  • ComplySmart uses a web based collaboration site to manage our projects. This site is used to assign tasks, manage documents, and provide up to the minute project status. This allows you and your staff to work on the project when it is convenient for you not the assessor.