Video Blog

HITRUST + SOC 2 Video Series Part 3: If a vendor says they have undergone a HITRUST audit, is that the same thing as being certified?

In this video, Chris Morrison, Manager of Security and IT at Springbuk, discusses the differences between a HITRUST audit and a HITRUST certification.

Q: If a vendor says they have undergone a HITRUST audit, is that the same thing as being certified?
A: Not necessarily. HITRUST isn't an audit. It's an assessment
In a certification, audits are usually more about an opinion on compliance, while an assessment defines the current state versus the ideal state and identifies weaknesses and gaps. So I suppose one could go through a HITRUST-based audit without the full assessment and certification. But to become HITRUST certified, the assessment process must go through an approved external assessor and then go through a HITRUST audit themselves.

Tagged:
News
Featured Posts
White Paper
Employee Health Trends 2024
Product
Springbuk Activate
E-book
The Benefit Leader’s Guide to Maximizing Point Solution Investments

Featured Resources

More than data analytics, we provide thought leadership to help drive results.
White Paper

Employee Health Trends 2024

Product

Springbuk Activate

E-book

The Benefit Leader’s Guide to Maximizing Point Solution Investments

E-book

The User Analytic Journey

White Paper

Employee Health Trends 2023

E-book

Empowering Your Moments in Time

View ALL Resources