February 24, 2021 – ABCorp Boston Facility Achieves HITRUST Certification

What is the HITRUST Common Security Framework (CSF)?

The HITRUST CSF is the leading information security framework for the healthcare industry. According to the Health Information Trust Alliance, the HITRUST CSF was developed to address the multitude of security, privacy and regulatory challenges facing healthcare organizations through a comprehensive and flexible framework of prescriptive and scalable security controls.

The CSF includes federal and state regulations, standards, and frameworks, and incorporates a risk-based approach that provides specific criteria to assess the protection of confidentiality, integrity, and availability of information systems — all particularly relevant to healthcare.


“Gold Standard” of Healthcare Data Security. Healthcare payers, and an increasing number of health systems and hospitals, are requiring their business associates to become HITRUST certified because the certification demonstrates that the organization has made a dedicated commitment to maintain the greatest level of protection for their customer’s healthcare data.

 Scalable and Cost-Effective. By including federal and state regulations, standards, and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address rapidly-evolving information security challenges affecting every healthcare organization no matter of size.

Because of its consolidated controls approach, an organization can generate multiple reports addressing legislative, regulatory or best practice frameworks with just one assessment, creating a well-established, robust, and documented security program to present whenever needed.

Though it is a rigorous process, once certified, the organization can respond more thoroughly and faster, using fewer resource hours in a repeatable manner. This can significantly reduce the burden of a continuous stream of arduous and lengthy security questionnaires that are a customary part of doing business as a healthcare technology or services company.

 Competitive Advantage.  Healthcare organizations’ customers are aware and concerned about the ever-growing threat to their data security. They understand the importance of working with organizations who are educated on these threats and have taken the necessary steps to make sure they are protected according to the highest standards in the industry.

HITRUST Certification demonstrates that an organization is a leader in security, privacy, and compliance because they have the certification to back it up. This credibility and status in the healthcare industry sets an organization apart.