Helping companies demonstrate trust and comply with HITRUST’s rigorous standards

Partnerships with A-LIGN and Prescient Assurance for the HITRUST e1 Validated Assessment

Vanta, the leading trust management platform, announced today a partnership with HITRUST® Services Corp., the leader in cybersecurity assurances, to be the first automated compliance partner for the HITRUST e1 Assessment and reseller for the HITRUST MyCSF platform. The partnership brings greater efficiencies to control monitoring, compliance management, and assurance for organizations wanting to achieve HITRUST e1 Certification and demonstrate their commitment to safeguarding data and protected health information (PHI).

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20240522230857/en/

In this first-of-its-kind partnership with HITRUST, Vanta equips organizations with the necessary tools to become HITRUST e1 certified and demonstrate trust to their customers through third-party assessments and external validation from HITRUST. (Graphic: Business Wire)

Rising Risk in Healthcare

Data breaches in the healthcare industry have become more prevalent, with an all-time high of 725 healthcare-related breaches in 20231, resulting in consumers and businesses alike becoming more mindful of the vendors they choose to share their data with.

While historically organizations have utilized HIPAA as a way to demonstrate a strong security posture, according to Vanta’s State of Trust Report, 66% of companies report that customers, investors, and suppliers are increasingly looking for proof of security and compliance. The HITRUST e1 Certification complements HIPAA by enabling organizations to certifiably demonstrate their cybersecurity measures while benchmarking them against HITRUST’s meticulous third-party assessment process.

Safeguarding Sensitive Data

In this first-of-its-kind partnership with HITRUST, Vanta equips organizations with the necessary tools to become HITRUST e1 certified and demonstrate trust to their customers through third-party assessments and external validation from HITRUST. As the first pre-built HITRUST e1 solution, Vanta natively includes the necessary controls, documents, and policies for e1 assessment and eliminates the manual “do-it-yourself” approach that other platforms require.

Vanta’s HITRUST e1 solution automates up to 80% of requirements by including:

  • Guidance around requirements: 44 new controls and 72 automated tests to ensure comprehensive and continuous compliance.
  • Documents and policy templates: 80 new documents and 10 policy addendums to outline practices around managing sensitive data.
  • Automated evidence collection: With over 300 integrations, Vanta automatically and continuously collects evidence from an organization’s technology stack.

Vanta’s platform also applies overlapping, implemented controls from other supported frameworks, including up to 50% of SOC 2 and ISO 27001, to eliminate duplicative work across compliance programs.

Coming soon, Vanta’s partnership with HITRUST will expand into an integration with their audit portal, MyCSF, for automatic importing of evidence into their audit platform — further streamlining the HITRUST validation process.

“By combining Vanta's innovative control monitoring technology with the comprehensive coverage of the HITRUST assurance program, we are setting a new standard for automated, continuous compliance and assurance,” said Blake Sutherland, EVP of Market Engagement, HITRUST. “Opening our platform for deeper integration with industry leaders like Vanta is part of HITRUST’s commitment to raise the relevance and reliability of our assurances, while improving efficiency through integration with the broader security ecosystem.”

To help customers get HITRUST e1 certified, Vanta has partnered with highly-regarded audit firms, A-LIGN and Prescient Assurance, as the preferred assessors for the HITRUST e1 Validated Assessment. A central requirement for compliance, the Validated Assessment assures customers that an organization’s PHI practices are ready to meet the rigorous standards of HITRUST e1.

“As the leading issuer of HITRUST certifications, we're thrilled to partner with Vanta to expand our portfolio of joint offerings and help our customers streamline the HITRUST process,” said Scott Price, Founder & CEO, A-LIGN. “By combining industry-leading compliance services with innovative technology, together we can deliver world-class compliance programs with unparalleled quality and efficiency.”

About Vanta

Vanta is the leading trust management platform that helps simplify and centralize security for organizations of all sizes. Over 7,000 companies including Atlassian, Omni Hotels, Quora and ZoomInfo rely on Vanta to build, maintain and demonstrate their trust—all in a way that's real-time and transparent. Founded in 2018, Vanta has customers in 58 countries with offices in Dublin, New York, San Francisco and Sydney. For more information, visit www.vanta.com.

1 https://www.hipaajournal.com/security-breaches-in-healthcare/

press@vanta.com