The Assessment Handbook defines the requirements for organizations assessing their information protection programs against the HITRUST CSF through a readiness or validated assessment. The assessment handbook is intended to provide guidance and expectations of the assessment process to the HITRUST community.
HITRUST has published an exposure draft of the Assessment Handbook and invites all stakeholders to review and submit feedback by July 7, 2023.
The Assessment Handbook is not yet final and will not be enforced during the exposure draft review period. HITRUST will continue to enforce the existing guidance published within the HITRUST website (www.hitrustalliance.net).
P. 35, 8.1 Requirement Statement Background, paragraph 3: "Each Requirement Statement in aa r2, i1 or e1 assessment contains" has an extra "a" before r2