HITRUST offers certifications for the following: (Select all that apply) [0017]

HITRUST issues certifications only for the HITRUST CSF (e.g., e1, i1, r2 certifications and designated privacy/AI certifications as defined by the program). While the CSF maps to and harmonizes with other frameworks and regulations (e.g., NIST SP 800-53, ISO/IEC 27001/27002, PCI-DSS), HITRUST does not issue certifications for those external standards.

“HITRUST provides certification against the HITRUST CSF. External standards and regulations are integrated as authoritative sources and mappings but are not certified by HITRUST.” [CCSFP Program Overview – Certifications & Mappings, 0017]