TrustCloud’s common control framework, programmatic policy mapping and evidence collection and an evidence-viewing portal make readiness and assessment more efficient for both auditors and companies pursuing HITRUST
Boston MA—November 2, 2023—TrustCloud™, the Trust Assurance platform using AI to upgrade GRC into a profit center, announced today that they are an authorized HITRUST readiness licensee. With this new qualification, TrustCloud can help companies prepare for a HITRUST e1, i1 or r2 assessment, in addition to many other frameworks including HIPAA, SOC 2, ISO 27001 and more. By combining efficient audit prep with faster security reviews to accelerate revenue and a dynamic, enterprise-wide risk register to decrease liability, TrustCloud upgrades GRC into a profit center for healthcare and insurance technology companies.
The HITRUST framework is designed to ensure companies meet the highest standards of information protection to safeguard Protected Health Information (PHI), and is currently used by eight of the ten top cloud security providers. Companies seeking the HITRUST certification are typically in the healthcare or insurance sectors; they may already comply with the HIPAA and SOC 2 frameworks, and are looking to go the extra mile to showcase their commitment to protecting information and upholding data security standards.
Given the rigorous nature of the HITRUST framework, companies seeking certification are often looking for guidance and support when preparing for a HITRUST audit. TrustCloud helps companies prepare for their assessment, as well as:
- Save time: Automated policy mapping and control testing allow companies to instantly cover a significant portion of the HITRUST framework, and use the TrustCloud API and other AI-powered automation capabilities to quickly address remaining requirements.
- Conserve resources: AI and automation-driven efficiency, support from a team of specialists and former auditors, and a portal designed to improve the auditor experience mitigate the need to spend more and hire additional resources to support the HITRUST process
- Avoid redundant work: TrustCloud’s common controls framework enables companies to leverage adherence with frameworks like HIPAA, SOC 2, ISO 27001 and more and apply it to HITRUST preparation
- Improve collaboration: In addition to control testing and policy mapping, TrustCloud’s integrations with tools like Slack and JIRA make it easier for GRC leaders to track, collect and manage required evidence without sending dozens of emails or training colleagues to learn a new tool
- Make the business case for HITRUST: Dashboards that clearly tie the amount of revenue accelerated and liability protected by adhering to specific frameworks show leadership how HITRUST impacts business growth
- Ensure a productive audit: A unified portal allows auditors to view evidence and assess adherence to HITRUST and many other frameworks, for faster assessments, less back and forth communication, and a clear feedback channel
“Readiness Licensees are an integral part of the HITRUST Community. In addition to their vast experience in information security, all Readiness Licensees undergo significant training in the HITRUST Assessment process and methodology which enables them to be trusted and independent resources for clients needing to improve their security posture,” said Matthew Datel, Director of Strategic Partnerships at HITRUST. “We are excited to welcome TrustCloud as an authorized partner so they can provide quality services for clients seeking e1, i1, and r2 assessments.”
“Extremely secure, reliable management of customer data is at the core of our business, and we’re pursuing the HITRUST certification to assure our healthcare customers that we’re taking all possible steps to protect PHI,” said Joe Doran, SVP Security & Compliance at Relay Network. “Working with TrustCloud allows us to efficiently prepare for our HITRUST audit, and their programmatic control mapping and continuous testing assures me and our customers that we’re being as thorough as possible. Instead of spending time collecting evidence or figuring out which controls to adhere to, we can focus on building the most secure, effective digital engagement platform in the market.”
“The healthcare technology space fosters powerful innovation while leveraging extremely sensitive data, so information security is paramount,” said Sravish Sridhar, CEO and Founder of TrustCloud. “Our customers want to leverage the HITRUST framework to prove their commitment to security and win new business and investment, but they are often intimidated by the potential time and budget required. TrustCloud is excited to join HITRUST as an authorized readiness partner, so we can make HITRUST accessible, affordable, and revenue-generating for a new set of healthcare and insurance businesses, who are ready to upgrade GRC into a profit center.”