We’re excited to announce the addition of 55 new services in scope under our latest Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) certification, for a total of 119 AWS services in scope.
You can deploy environments onto AWS and inherit our HITRUST certification provided that you use only in-scope services and apply the controls detailed in the CSF. The full list of HITRUST CSF certified AWS services is available on our Services in Scope by Compliance program page. The HITRUST CSF certification of AWS is valid for two years.
AWS has released a Quick Start reference architecture for HITRUST on AWS. The Quick Start includes AWS CloudFormation templates to automate building a baseline architecture that fits within your organization’s larger HITRUST program. It also includes a security controls reference (XLS download), which maps HITRUST controls to architecture decisions, features, and configuration of the baseline.
You can download the new HITRUST CSF certificate now through AWS Artifact in the AWS Management Console. As always, we value your feedback and questions. Please feel free to reach out to the team through the Contact Us page.
Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.