Video Blog

HITRUST + SOC 2 Video Series Part 3: If a vendor says they have undergone a HITRUST audit, is that the same thing as being certified?

In this video, Chris Morrison, Manager of Security and IT at Springbuk, discusses the differences between a HITRUST audit and a HITRUST certification.

Q: If a vendor says they have undergone a HITRUST audit, is that the same thing as being certified?
A: Not necessarily. HITRUST isn't an audit. It's an assessment
In a certification, audits are usually more about an opinion on compliance, while an assessment defines the current state versus the ideal state and identifies weaknesses and gaps. So I suppose one could go through a HITRUST-based audit without the full assessment and certification. But to become HITRUST certified, the assessment process must go through an approved external assessor and then go through a HITRUST audit themselves.

Tagged:
News
Featured Posts
White Paper
Employee Health Trends 2024: Mid-year Update
Product
Springbuk Activate
E-book
The Benefit Leader’s Guide to Maximizing Point Solution Investments

Featured Resources

More than data analytics, we provide thought leadership to help drive results.
White Paper

Employee Health Trends 2024: Mid-year Update

Product

Springbuk Activate

E-book

The Benefit Leader’s Guide to Maximizing Point Solution Investments

E-book

The User Analytic Journey

White Paper

Employee Health Trends 2024

E-book

Empowering Your Moments in Time

View All Resources