You are here

Our Experience

The healthcare industry is a complex information security and regulatory landscape. The Health Information Trust Alliance (HITRUST) was created to ensure that information security becomes a core tenet of the technology environment at healthcare organizations throughout the U.S.

Whether you’re a Covered Entity or a Business Associate, the HITRUST Common Security Framework (CSF) incorporates several data security frameworks into a comprehensive and flexible approach to help you meet contractual, regulatory and security audit requirements. In fact, we are seeing a growing vendor-management contractual requirement from healthcare providers and insurers for their Business Associates to perform a validated HITRUST assessment.

HITRUST Common Security Framework AssessorAs a HITRUST CSF Assessor, Wolf & Company's Healthcare security team has the experience to handle all of your HITRUST CSF compliance needs.  

Our Approach

With our history in heavily regulated industries and focusing on information security from our IT Assurance group’s inception our information security work incorporates practices that correspond to the HIPAA Privacy and Security Rule, ISO 27001, NIST, and PCI DSS.

We start by discussing with you what your current information security stature is and where you would like it to be. Our goal is to provide more than a report that checks all the boxes. We want to provide you a report that will inform your action plan so you may be in a stronger information security posture going forward.

While the actual onsite work is for a specific number of hours, we approach client service as a year-round event. We routinely reach out to our clients when security threats evolve and we want and expect you to contact us with any questions you have throughout the year. Our service team is supported by the audit principles of a 100+ year-old CPA firm with the network and security skills you’ll find in a boutique firm.

Whether you are looking to align yourself with the HITRUST CSF standard, receive a validated HITRUST CSF audit, or a SOC 2 for a HITRUST assurance report, we have the team and the custom approach to meet your needs.   

HITRUST Common Security Framework services include:

  • HITRUST CSF Self-Assessment consulting
  • HITRUST CSF Validated Audit

Contact Wolf & Company to find out more about our HITRUST services.