risk3sixty white papers


Understanding the HITRUST CSF Framework

HITRUST CSF Whitepaper


HITRUST CSF Certification represents one of the fastest growing and most popular forms of providing information assurance over a company’s implemented system to prospects, clients, partners, and other stakeholders in the healthcare industry.

In an age where third-party due diligence is a business imperative, organizations are increasingly being pressured by regulators and other stakeholders to conduct due diligence on their partners and vendors.  This often comes in the form of annual security questionnaires and requirements for vendors to fill out vendor security packets.  In an effort to streamline this time-consuming and lengthy process, organizations often accept or require third-party assurance reporting, such as a SOC 2 report, ISO 27001 certification, or HITRUST CSF Certification, in lieu of or as a complement to other vendor risk management requirements.

For the companies seeking to meet the most popular and preferred third-party assurance standard in the healthcare industry, streamline the sales process, reduce barriers to doing business, and unify compliance efforts across multiple frameworks and regulatory requirements, implementing the HITRUST CSF and obtaining a HITRUST CSF Certification provides one of most compelling ways to build, manage, and maintain a security and compliance program.

Team Specialist

Phil Brudney


Philip leads Security, Privacy, and Compliance research and quality assurance at risk3sixty. He oversees privacy and attestation reporting and is the co-quality assurance manager for the assurance practice where he is responsible for ensuring each engagement meets risk3sixty’s rigorous quality standards in line with AICPA requirements. Phil leads development and peer review of thought leadership, research, and whitepapers. In addition, Phil acts as the Data Protection Officer (DPO) for a wide array of US based firms facing GDPR compliance.

Speak With An Expert

Let Us Know How We Can Help

Fill out the form and let us know what service you’re interested in; or ask any general question and we’ll get back to you as soon as possible.