HITRUST, in collaboration with private sector, government, technology and information privacy and security leaders, has established the HITRUST CSF, a certifiable framework that can be used by any organization that creates, accesses, stores or exchanges sensitive information. The HITRUST CSF harmonizes multiple frameworks, standards, state, federal and International regulations and leading practices into a single framework. The HITRUST CSF addresses industry- specific challenges by leveraging and enhancing existing frameworks, standards and regulations to provide organizations of varying sizes, geographic operation and risk profiles with prescriptive implementation requirements and guidelines.

The HITRUST CSF is a scalable, prescriptive and certifiable framework that harmonizes numerous standards, regulations, control frameworks and leading practices

The CSF Assurance Program is the oversight and assessment methodology governed by HITRUST and designed to address regulatory and business needs

The MyCSF Risk Assessment Platform (SaaS) is a secure, web-based solution for assessing against the HITRUST CSF or any of its harmonized standards, regulations, control frameworks and authoritative sources to manage compliance and measure risk

The HITRUST Academy provides education to individuals about the HITRUST CSF Assurance and De-Identification processes