Wipfli logo
Back to Articles

HITRUST® and the cloud

Papador_Jason
Jason J. Papador
Aug 20, 2020
1 min read

When it comes to the cloud, do you meet HITRUST CSF requirements?

The HITRUST CSF® is one of the most widely adopted security and privacy frameworks. As a HITRUST Authorized External Assessor, Wipfli helps businesses and organizations assess their compliance with security and privacy control requirements, as well as create corrective action plans (CAPs) that align with HITRUST CSF.

A subject that frequently comes up during our work with clients is cloud computing services — in particular, whether Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) and other third-party tools offer features that can help address the assurances required across the 19 HITRUST CSF Assessment domains.

In this whitepaper, we’re going to cover four specific areas related to the HITRUST CSF and the cloud:

  1. Cloud platform compliance, shared responsibility and how different cloud solutions compare
  2. Endpoint protection, portable media security and mobile device security
  3. Audit logging and monitoring
  4. Configuration management and vulnerability management

In each section, we’ll share some of the useful tools and features we’ve encountered while performing HITRUST CSF Assessments that can help with compliance.

Click here to download the whitepaper.

Author(s)

Papador_Jason
Jason J. Papador
Consultant
View Profile
Securing your data
How we helped one organization undertake both HITRUST and SOC audits successfully.
See their story

TOP PICKS

Matthew Hovis
Matthew Hovis 11/18/2024
Mind the gaps: Recent enforcement actions and what they say about AML/CFT data management
Read full story
Karen Johnston
Karen Johnston 11/14/2024
Navigating the AI frontier: HITRUST’s pioneering assurance program
Read full story
Blaser_Melissa
Melissa D. Blaser 10/24/2024
How to proactively manage UDAAP risks
Read full story