Co-authored by Agnieszka Walkowiak and Sarah Fujita
We’re pleased to announce that Oracle Cloud Infrastructure (OCI) is now Health Information Trust Alliance (HITRUST) certified on the Common Security Framework (CSF).
The CSF is a well-established framework that’s accepted within the healthcare community and is being widely adopted across other industries as a global privacy and security standard.
With deep roots in the healthcare industry, HITRUST has set out to provide a prescriptive definition of HIPAA compliance, where no other certification exists. Although initially aimed to address HIPAA compliance gaps, HITRUST has since broadened its scope to include security and privacy controls from 45 authoritative sources into a single Common Security Framework (CSF). This framework includes compliance heavyweights like NIST, HIPAA, GDPR, and PCI DSS.
When an organization achieves HITRUST CSF Certification, you can be confident that they have endeavored a comprehensive assessment and validation process and implemented a risk-based approach to security and privacy protection.
Because the HITRUST CSF Certification relies on an “Access once, report many” approach, it can reduce the time and money spent on managing vendor security audits and lengthy security questionnaires. As a HITRUST certified cloud service provider, you can be confident that OCI is committed to managing risk, improving its security posture, and meeting multiple compliance framework requirements. For more information visit the HITRUST Alliance website.
See what’s in scope on the Oracle Cloud Infrastructure Compliance page.