Compliance services every healthcare organization needs.
HITRUST stands for Health Information Trust Alliance and was created to maintain the Common Security Framework (CSF). The framework was created to bring together and harmonize the compliance frameworks of HIPAA, ISO 27001/27002, NIST 800-53, GDPR, and PCI DSS. The HITRUST CSF is used by healthcare organizations and their business associates to manage regulatory risk. A HITRUST certification is valid for 24 months.
Our HITRUST CSF Services
As a HITRUST CSF assessor, 360 Advanced has been approved to perform assessment services associated with the CSF Assurance Program.
HITRUST CSF Self-Assessment Assistance Engagement
This engagement is designed as an introduction to compliance with CSF, and is the springboard to a validated assessment. This is completed quickly and is the least burdensome on your organization’s resources. HITRUST does not perform any validation of your self-assessment.
HITRUST CSF Validated Security Assessment
A validated assessment offers your relying entity (aka client) assurance from 360 Advanced, an authorized CSF Assessor, about your CSF compliance. HITRUST requires us to perform on-site procedures along with executing an extensive testing program. Upon completion, HITRUST reviews the completed assessment and issues a Validated Report. In general, if your organization achieved a rating of 3+ or higher (on a scale of 1 – 5) in each domain, then your organization is eligible to become HITRUST CSF Certified valid for a two-year period.
HITRUST CSF Interim Assessment
In order to maintain your organization’s two-year HITRUST CSF Certification, an interim assessment must be conducted by an authorized CSF Assessor and submitted to HITRUST within the 90 day window leading up to the one year anniversary of the certification issuance date. Since your organization has made the effort to achieve certification, it’s critical to maintain that status with the Interim Assessment.
See what our clients are saying about us.
360 Advanced showed great professionalism as it relates to getting acquainted with a very unique industry like ours, the school transportation industry. We know that’s not easy and we appreciate all the extra effort that was put into learning about us and our industry. We’re extremely pleased with the service.
The one thing that sticks out more than anything else is the audit readiness they provide before the audit process starts. I appreciated the coaching and mentoring we received so we were well prepared for the audit. 360 Advanced always answer their phones, whether for quick issues or questions. And, they are not nickel and diming us – we paid one fee and they are still assisting us post audit.
Vice President and Chief Information Officer
R.C. Giltner Services, Inc.
I think the strength of SSA16 accreditation compliance has been such an advantage for us, allowing us to improve our processes, provide oversight and have our customers see the difference. The SOC examination has exceeded our wildest dreams. We are communicating this as part of our sales process and now it’s a requirement in nearly all the RFPs. We’ve won every single bid we submitted on since we received compliance. We think that is the key differentiator.
Audit Services Company
You deserve a conversation, not a questionnaire.
We build long-term relationships through trust and value. If you’re looking for a trusted business advisor to build your holistic compliance strategy, let’s chat!