Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » HiTRUST » HITRUST Inheritance Program

HITRUST Inheritance Program

The HITRUST Inheritance Program lets organizations rely on shared security controls provided by internal IT services or external third parties, like service providers, vendors, cloud platforms (SaaS, IaaS/PaaS), colocation data centers, and other managed services.

For example, if you’re using Salesforce, the HITRUST Inheritance Program allows you to incorporate the controls Salesforce uses into your audits and assessments.

This means you don’t have to review Salesforce’s audit reports individually. Instead, your assessor can rely on the fact that Salesforce has already met the required testing for those controls and their HITRUST assessor has reviewed everything. It simplifies the process and saves time while ensuring compliance.

Now, here’s how you can use HITRUST Inheritance:

External Inheritance: You can adopt up to 85% of the control testing scores from HITRUST-certified third-party Cloud Service Providers (CSPs).
Internal Inheritance: You can also inherit results from your organization’s assessments, but this feature is available only with Corporate and Premium subscriptions.

This makes it easier to leverage existing compliance work and streamline your own assessments.

Additional reading

Blogs Tools

Secureframe Pricing: Should You Invest?

Evaluating compliance automation tools is a cumbersome process, and there’s no denying the fact that the market is crowded. All of them promise faster audits, automated evidence collection, and seamless integrations. But do all businesses have the same requirements + budget? Not likely. If you’re exploring Secureframe’s pricing, you’re obviously looking for an efficient way…

Blogs

Sprinto Named G2 Leader in Security Compliance (Again!)

G2 Fall 2022 Reports are out and we’re thrilled to announce that Sprinto has been recognized as a Leader in Security Compliance, once again!

Blogs Cybersecurity

NIS2 Directive Scope: Does It Apply to You?

This November, a concerning revelation came to light: over a fifth of senior cybersecurity professionals at the UK’s largest organizations were unsure whether the EU’s NIS2 directive applied to them. The study by Green Raven Limited stated that 22% of respondents admitted they didn’t know if the directive impacted their business—a significant gap in awareness…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales