The latest cloud infrastructure announcements, technical solutions, and enterprise cloud insights.

Oracle Cloud Infrastructure achieves HITRUST CSF Certification

Andrew Hahn
Cloud and Architecture Content Manager

Co-authored by Agnieszka Walkowiak and Sarah Fujita

We’re pleased to announce that Oracle Cloud Infrastructure (OCI) is now Health Information Trust Alliance (HITRUST) certified on the Common Security Framework (CSF).


The CSF is a well-established framework that’s accepted within the healthcare community and is being widely adopted across other industries as a global privacy and security standard.

With deep roots in the healthcare industry, HITRUST has set out to provide a prescriptive definition of HIPAA compliance, where no other certification exists. Although initially aimed to address HIPAA compliance gaps, HITRUST has since broadened its scope to include security and privacy controls from 45 authoritative sources into a single Common Security Framework (CSF). This framework includes compliance heavyweights like NIST, HIPAA, GDPR, and PCI DSS.

When an organization achieves HITRUST CSF Certification, you can be confident that they have endeavored a comprehensive assessment and validation process and implemented a risk-based approach to security and privacy protection.

Because the HITRUST CSF Certification relies on an “Access once, report many” approach, it can reduce the time and money spent on managing vendor security audits and lengthy security questionnaires. As a HITRUST certified cloud service provider, you can be confident that OCI is committed to managing risk, improving its security posture, and meeting multiple compliance framework requirements. For more information visit the HITRUST Alliance website.

See what’s in scope on the Oracle Cloud Infrastructure Compliance page.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha