HITRUST Security Assessment Program

HITRUST framework experience is a genuine technical discriminator against firms that cite HIPAA without credentialed audit personnel on staff. Tony Paul's CISA, CRISC, CISM, and HITRUST credentials apply directly to VA, HHS, and CMS security volume evaluations. HIPAA compliance attestation is supported by demonstrated HITRUST audit execution - not self-certification.

HITRUST CSF | ISO 27001 | CISA | CRISC | CISM | GDPR/PIMS | Vendor Risk Management

Tony Paul (CISO - assessment lead)

Third-party security assessments conducted using HITRUST framework

End-to-end vendor risk management including acquired organizations

Global scope: Europe and US coverage

13 years of sustained healthcare security governance