In an effort to normalize the security requirements of healthcare organizations, the HITRUST organization developed the CSF (Common Security Framework) which combines standards and regulations from 17 authoritative sources. The CSF is not a new standard, but rather a comprehensive tool that provides clarity and consistency among all the authoritative sources.
The CSF provides an online tool that can be used by a healthcare organization to help determine compliance of a system or the organization against the appropriate standards and regulations. The baseline assessment of the CSF provides a The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. Title II of HIPAA, known as the Administrative Simplification (AS) provisions, requires the establishment of national standards for electronic h... scorecard and can scale for organizations large or small. The assessment can be a self-assessment, or one conducted by an authorized HITRUST assessor.