Skip to Content


Managing risk

Managing risk: Protecting people and data
6 min read
Assess enterprise-wide risk management with SOC for Cybersecurity
SOC for Cybersecurity offers businesses a general-purpose attestation report on the design and effectiveness of cybersecurity risk management programs. Here's what you should know to meet business objectives, satisfy stakeholder expectations, and allay their cybersecurity concerns.
Tim Bowling
Article August 15, 2017 6 min read

Want to be HIPAA compliant? Get HITRUST certified
Frequently asked questions regarding CSF and the certification process

HITRUST Thought Leadership

  • HITRUST CSF: What is it, and why do you need it?
    If you’re in the healthcare industry or deal with Protected Healthcare Information, listen to our less-than-five-minute podcast as our cybersecurity manager, Alexis Kennedy, shares what HITRUST CSF is and why you may need it.
    Podcast April 13, 2017 4 minute listen
    Man in deep thought at desk

Up Next

Are your customers requiring that you’re HITRUST certified? Do you want a competitive advantage or a leg up in the sales process? The HITRUST common security framework (CSF) was developed to address security, privacy, and regulatory challenges facing the healthcare industry. It provides a comprehensive framework of prescriptive security controls to help organizations comply with HIPAA and HITECH requirements. We can help by taking into consideration specific risk factors to generate an appropriate control baseline for your organization so you can become certified and ensure success.

Up Next

Our Team

We're one of only a handful of CSF assessors for HITRUST and can certify your organization's readiness and compliance with the HITRUST common security framework. You'll benefit from access to our entire cybersecurity consulting team to navigate through the process. We have experts across various disciplines, helping to uphold information security and privacy standards. We work with healthcare organizations and their service providers to assess compliance with security control requirements and recommend corrective action plans that align with the CSF.


Raj Patel CISM, CISA, CRISK, FCAA (UK), Partner, Cybersecurity Practice Leader