Health Information Trust Alliance. (n.d.). One framework, one assessment, globally. HITRUST CSF. This resource speaks to the foundation of all HITRUST programs and services as a certifiable framework that provides organizations with a comprehensive, flexible, and efficient approach to regulatory compliance and risk management.
Cybersecurity & Infrastructure Security Agency. (2016, May). Healthcare
sector cybersecurity framework implementation. This resource seeks to help Healthcare Sector organizations understand and use the HITRUST RMF to achieve the goals of the NIST CsF and provide additional guidance. Focus on reading pages 9-13.
National Institute of Standards and Technology. (2018, April 16). Framework for improving critical infrastructure cybersecurity, version 1.1. CSRC. This resource presents a voluntary risk management framework ("the Framework") that consists of standards, guidelines, and best practices to manage cybersecurity-related risk to promote protection and resilience of critical infrastructure and other sectors important to the economy and national security. Focus on reading the Executive Summary.
Cybersecurity and Infrastructure Security Agency. (2016, May). Healthcare sector Cybersecurity framework implementation. This resource presents background information on the NIST and HITRUST frameworks, including potential benefits to Healthcare Sector organizations, explains the relationship between the two frameworks and how the HITRUST RMF provides a model implementation of the NIST CSF -CSF for the Healthcare Sector, presents a mapping of HITRUST CSF controls to the NIST CSF-CSF subcategories, and provides additional implementation guidance. Focus on reading pages 9–14.
HITRUST. (2020, June 22). HITRUST releases version 9.4 of the HITRUST CSF incorporating the DoD CMMC, and approach to community standards. HITRUST CSF. This resource highlights the new HITRUST CSF version 9.4 and its entailed components.