Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary Β» HiTRUST Β» HITRUST Inheritance Program

HITRUST Inheritance Program

The HITRUST Inheritance Program lets organizations rely on shared security controls provided by internal IT services or external third parties, like service providers, vendors, cloud platforms (SaaS, IaaS/PaaS), colocation data centers, and other managed services.

For example, if you’re using Salesforce, the HITRUST Inheritance Program allows you to incorporate the controls Salesforce uses into your audits and assessments. 

This means you don’t have to review Salesforce’s audit reports individually. Instead, your assessor can rely on the fact that Salesforce has already met the required testing for those controls and their HITRUST assessor has reviewed everything. It simplifies the process and saves time while ensuring compliance.

Now, here’s how you can use HITRUST Inheritance:

  • External Inheritance:Β  You can adopt up to 85% of the control testing scores from HITRUST-certified third-party Cloud Service Providers (CSPs).Β 
  • Internal Inheritance: You can also inherit results from your organization’s assessments, but this feature is available only with Corporate and Premium subscriptions.

This makes it easier to leverage existing compliance work and streamline your own assessments.

Additional reading

Quick Guide: How to Implement Data Privacy Framework?Β 

Did you know that 76% of users think companies should do more to safeguard their data online? But here’s the big question: Are you doing everything you can to protect your client’s data? If you’re uncertain, examining your current practices more closely is crucial.  As organizations increasingly rely on data-driven processes, safeguarding personal and confidential…

Top 10 ISMS Software Ranked: Compare Features [Free ISMS Manual PDF]

TL; DR This article compares the top ISMS software solutions to help organizations build, manage, and maintain an ISO-aligned Information Security Management System, evaluating tools based on automation depth, control monitoring, risk management, audit readiness, and ease of implementation. Top ISMS Software in 2026:1. Sprinto2. ISMS.online3. AuditBoard4. Vanta5. Hyperproof6. Scytale7. Secureframe8. Drata9. 6clicks10. Thoropass As…

Data Retention Policy for ISO 27001: A Simple Guide (+ Template)

Imagine a customer requests a copy of their personal data or asks for it to be deleted.  Without clear rules, finding that data or knowing if it should still exist can take days or even weeks.  Moreover, outdated or unnecessary information may remain in shared drives, backups, or archived systems. This leads to compliance risks…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales