Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » HiTRUST » HITRUST Inheritance Program

HITRUST Inheritance Program

The HITRUST Inheritance Program lets organizations rely on shared security controls provided by internal IT services or external third parties, like service providers, vendors, cloud platforms (SaaS, IaaS/PaaS), colocation data centers, and other managed services.

For example, if you’re using Salesforce, the HITRUST Inheritance Program allows you to incorporate the controls Salesforce uses into your audits and assessments. 

This means you don’t have to review Salesforce’s audit reports individually. Instead, your assessor can rely on the fact that Salesforce has already met the required testing for those controls and their HITRUST assessor has reviewed everything. It simplifies the process and saves time while ensuring compliance.

Now, here’s how you can use HITRUST Inheritance:

  • External Inheritance:  You can adopt up to 85% of the control testing scores from HITRUST-certified third-party Cloud Service Providers (CSPs). 
  • Internal Inheritance: You can also inherit results from your organization’s assessments, but this feature is available only with Corporate and Premium subscriptions.

This makes it easier to leverage existing compliance work and streamline your own assessments.

Additional reading

Top 11 Data Loss Prevention (DLP) Software in 2026

TL;DR The best tools combine endpoint + cloud + email coverage with DSPM-style discovery and AI-driven intent detection to cut false positives and catch real leaks. You need DLP if you handle regulated or high-value data: PII/PHI/PCI and IP protection typically requires always-on monitoring, policy enforcement, and audit-ready logging for SOC 2, ISO 27001, HIPAA, GDPR,…

The Complete Guide To Identity And Access Management

In 2023, 83% of organizations experienced at least one identity-related data breach, according to the Defined Security Alliance. These incidents—ranging from unauthorized access to stolen credentials—cost companies millions and eroded customer trust.  This tells us how crucial it is to have a well-defined Identity and Access Management (IAM) strategy. IAM is a collection of procedures,…

Top 11 Picks for Compliance Audit Software in 2026

TL;DR Continuous monitoring beats point-in-time prep: The best compliance audit software keeps controls monitored year-round instead of scrambling before fieldwork. Framework reuse reduces compliance debt: Strong platforms map one control across multiple standards, eliminating duplicate work. Fit depends on maturity and complexity: Startups need guided, fast certification tools; enterprises require configurable workflows, multi-entity oversight, and…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales