• 2 min read

Azure expands certification scope of Health Information Trust Alliance Common Security Framework

I’m proud to announce that our Azure Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) Certification was not only renewed by HITRUST, but our certification scope has expanded from last year by more than 250 percent! The HITRUST CSF Certification is the most widely recognized security accreditation in the healthcare industry.

I’m proud to announce that our Azure HITRUST® CSF Certification was not only renewed by HITRUST, but our certification scope has expanded from last year by more than 250 percent! The HITRUST CSF Certification is the most widely recognized security accreditation in the healthcare industry. The HITRUST CSF builds on Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act, by providing a framework for complex compliance requirements that include technical and process elements such as HIPAA, National Institute of Standards and Technology (NIST), The Information Services Office (ISO) and Control Objectives for Information and Related Technologies (COBIT) to ensure controls are in place to safeguard Protected Health Information (PHI).
   
Health customers can further leverage our HITRUST CSF Certification as part of their own certification process when they build on Azure. To accelerate adoption and utilization for customers managing health data, we also recently released the Azure Security and Compliance Blueprint – HIPAA/HITRUST Health Data and AI, which provides tools and guidance for building HIPAA/HITRUST solutions.

Our greatly expanded HITRUST CSF assessment is another indication of our commitment to safeguarding information and maintaining the trust of our customers and the members they serve.
  
“HITRUST has been working with the industry to ensure the appropriate information protection requirements are met when sensitive information is accessed or stored in a cloud environment. By taking the steps necessary to obtain HITRUST CSF Certified status, Microsoft Azure is distinguished as an organization that people can count on to keep their information safe,” said Ken Vander Wal, Chief Compliance Officer, HITRUST.

Learn more by taking a closer look at the Official Letter of Certification.

You can also learn more about the Trust Center and all Microsoft products that comply with HIPAA and HITRUST.

The following is a complete list of Azure services included in this HITRUST certification spanning Azure, Azure Government, and Azure Germany clouds: