Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » HiTRUST » HITRUST Inheritance Program

HITRUST Inheritance Program

The HITRUST Inheritance Program lets organizations rely on shared security controls provided by internal IT services or external third parties, like service providers, vendors, cloud platforms (SaaS, IaaS/PaaS), colocation data centers, and other managed services.

For example, if you’re using Salesforce, the HITRUST Inheritance Program allows you to incorporate the controls Salesforce uses into your audits and assessments. 

This means you don’t have to review Salesforce’s audit reports individually. Instead, your assessor can rely on the fact that Salesforce has already met the required testing for those controls and their HITRUST assessor has reviewed everything. It simplifies the process and saves time while ensuring compliance.

Now, here’s how you can use HITRUST Inheritance:

  • External Inheritance:  You can adopt up to 85% of the control testing scores from HITRUST-certified third-party Cloud Service Providers (CSPs). 
  • Internal Inheritance: You can also inherit results from your organization’s assessments, but this feature is available only with Corporate and Premium subscriptions.

This makes it easier to leverage existing compliance work and streamline your own assessments.

Additional reading

Is ISO 42001 the solution to AI risk management??

AI is everywhere. Artificial intelligence has become a seamless part of modern business, from the tools your team uses daily to third-party applications you barely notice. However, with this rapid adoption comes a significant problem: managing the risks that AI introduces.  Hallucinated outputs, biased decision-making, and even unauthorized data usage aren’t hypothetical; they’re real challenges…

Sprinto Is SOC 2 Compliant

Security and trust are at the heart of everything we build at Sprinto. We’re excited to share that Sprinto is officially SOC 2 compliant. This certification reinforces our commitment to upholding the highest standards for data security, availability, and confidentiality.  As a company that empowers others to meet the requirements of SOC 2 with confidence…

ISO 42001 Certification: Steps, Cost, Timelines for ‘AI first’ compliance

As AI systems are increasingly deployed across industries, the need for ethical guardrails has never been more urgent. A recent US Responsible AI Survey by PwC revealed that only 11% of executives have fully implemented responsible AI practices like inclusiveness and accountability. That’s an alarming figure. As AI has pervaded industries from healthcare to finance,…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales