Qualtrics Security and Compliance

Securing your data with HITRUST

Ensuring compliance with a rigorous control framework

The HITRUST Alliance initially created this framework to help customers demonstrate compliance with HIPAA and HITECH regulations. The HITRUST CSF initially focused on creating a control framework for protecting healthcare-related data. The framework has since grown to encompass ISO-, NIST-, PCI-, and FFIEC-related controls. The Experience Management Platform™ meets all the specifications of HITRUST, so you can be sure your platform is compliant.


NIST Cybersecurity Framework

In addition to the HITRUST certification, we’ve mapped the results of testing to the NIST Cybersecurity Framework (NIST CSF). This specifically addresses controls for identifying, protecting against, detecting, responding to, and recovering from risks to the organization.

Protecting Health Information

Our HITRUST certification allows you to map your specific requirements to our ~300 controls. These controls are evaluated at least annually as part of our internal audit and external assessments. Information about our controls and how they are performed is published as part of our Security White Paper.

Trusted by 20,000+ organizations.
Built with security at every layer.

Protect Data

+ Data encryption in transit

+ Email security (SMTP, DKIM)

+ Data isolation with BYOK

+ Local and offsite redundancy

+ 24/7 security operations center

Control Access

+ Role-based authentication

+ Single sign-on (SSO)

+ Password and session management

+ User opt-out for re-contact

+ Security governance oversight

Monitor and Improve

+ Continuous network monitoring

+ Internal and external audits

+ Regular risk assessments

+ Policy and action tracking

+ Annual recertification and reviews

Contact our sales team to learn more about Qualtrics Security