Compliance

Coalfire celebrates a decade as HITRUST assessor

Zach Shales 70px png

Zach Shales

Senior Director, Cloud Infrastructure, Coalfire

Blog Images temp images 10yrs HITRUST

As one of the original Authorized External Assessors, Coalfire is pleased to celebrate our 10th anniversary working with the HITRUST Alliance. Since our first engagement in 2011, we’ve achieved many milestones including:

  1. Assessed and advised more than four hundred Fortune 500 and enterprise organizations on over 1,000 HITRUST-related projects
  2. Consulted with major healthcare organizations, and 8 of the top 10 cloud service providers (CSPs)
  3. Provided continuing industry thought leadership to the HITRUST Alliance by participating in the HITRUST Assessor Council, Quality Control Subcommittee, and Third-Party Risk Management (TPRM) Council
  4. Built a team of nearly 60 best-in-class HITRUST assessors and practitioners who advise and assess the most prominent, influential, and innovative organizations in the world

Our dedicated Coalfire team is proud to be one of only about 100 assessors, and quite possibly the world’s most experienced with the HITRUST CSF.

The origin of HITRUST CSF

When first established in 2007, HITRUST’s visionary founders recognized the need to aggregate disparate regulations and standards to form a single, certifiable framework. The “one framework, one assessment” foundation has provided thousands of organizations with a comprehensive, flexible, and efficient approach to regulatory compliance and risk management. Consequently, more and more organizations use the HITRUST “seal of approval” as a competitive differentiator to show the highest level of commitment to customer data protection.

Developed over the years with data protection professionals including Coalfire, the CSF rationalizes relevant regulations and standards into a single overarching security framework that has built generational trust and assurance for millions of patients, buyers, and partners. As a result of HITRUST’s tremendous market adoption, the number of advisory and assessment projects for Coalfire’s HITRUST practice has consistently grown year-over-year. We’re proud to serve as consultants to the world’s leading healthcare and cloud service provider organizations.

Coalfire’s 10-year partnership with CSF

As CSF has matured over the years, Coalfire has contributed to best practices at every step through our involvement — first with councils to shape the future of the framework — and now as an AWS Advanced Consulting Partner and AWS Healthcare Partner. Coalfire’s methodology and technologies have helped healthcare organizations of all sizes achieve HITRUST certification and follow-on optimization. Coalfire’s HITRUST services include:

  • HITRUST Assessment Services – Readiness, Validated, and Interim
  • HITRUST Advisory Services – Policy & Procedure Creation, Implementation & Remediation Support, Program Management, Workshops
  • HIPAA Security, Privacy, and Breach Notification Compliance Assessments
  • HIPAA Advisory Services – Policy & Procedure Creation, Workshops
  • HIPAA Security Risk Analysis
  • Vulnerability Scanning & Penetration Testing
  • Enterprise Risk Analysis
  • Third-Party Risk Management
  • OCR Audit Response

What’s next for HITRUST and Coalfire?

Coalfire is incredibly excited for 2022. We are fully committed to developing world-class solutions for our teams and customers. On the immediate horizon is the newly announced i1 assessment, and we’re eagerly anticipating more news regarding CSFv10. Alongside these developments from HITRUST, we’re making significant investments in audit automation and assessment tools that will streamline the entirety of an assessment.

We’ve learned a lot over the past 10 years but one thing Coalfire has always known that our team and customers are at the vanguard of our priorities. We extend a heartfelt and sincere ‘thank you’ to our amazing team and customers. We’re looking forward to the next decade as one of the most experienced, dedicated, and involved HITRUST partners!