Blog News and Events Thoropass deepens HITRUST partnership, streamlining your path to certification Today we’re announcing a major expansion of our partnership with HITRUST that will make it even easier for organizations to achieve and maintain their HITRUST certifications. Since 2022, Thoropass has been the first and only compliance automation platform that’s also an accredited HITRUST Assessor. Now we’re taking our partnership to the next level: Thoropass will directly integrate with HITRUST’s audit portal, MyCSF, and is now an authorized MyCSF reseller. This means you can work with a single trusted partner throughout your entire HITRUST journey — from initial procurement through control automation and all the way to assessment and certification. Why HITRUST? Organizations in healthcare, finance, and technology need more than just basic security measures — they need a comprehensive, verifiable approach to protecting sensitive data. That’s where HITRUST comes in. Not only is it required to work with many healthcare organizations, but it’s also become the gold standard for managing risk and demonstrating robust security practices across industries. What sets HITRUST apart is its ability to solve the challenge of overlapping compliance requirements. Instead of managing multiple frameworks separately, HITRUST provides a unified approach that addresses numerous regulatory standards like HIPAA, GDPR, and NIST. This means you can meet multiple compliance requirements through a single, comprehensive certification process. What’s New? The biggest change is that we’re directly integrating with MyCSF for HITRUST e1, i1, and r2 assessments. This means direct and automatic two-way syncing of controls and evidence between Thoropass and MyCSF. We’ve also added automated access review and privileged access monitoring for MyCSF users, making it easier to maintain compliance across your organization. What This Means for Current Thoropass Customers: Smoother evidence management: Prior to this integration, Thoropass managed evidence migrations on behalf of users, so you likely won’t notice a major change. But now your evidence will automatically sync between Thoropass and MyCSF, ensuring everything remains consistent across systems. Enhanced access controls: You can now automate access reviews and privileged access monitoring for MyCSF users directly through Thoropass, streamlining your compliance process. Simplified billing: If you’re using both platforms, you can now get everything on a single invoice — no more managing multiple vendors and payment processes. What This Means if You’re New to Thoropass or HITRUST: End-to-end HITRUST procurement: Get everything you need for HITRUST certification from a single vendor — compliance automation, HITRUST certification, and HITRUST assessment, all from a single vendor and on a single invoice. Accelerated timeline: Our integrated tooling can speed up HITRUST assessments by up to 50% compared to standalone platforms. Unified controls: with our HITRUST control library, you can leverage the 60%+ overlap between HITRUST, SOC 2, and ISO 27001 general controls to quickly expand your compliance program. Comprehensive support: Access our library of over 700 controls supporting e1, i1, and r2 assessments, along with automated evidence collection and expert guidance throughout your certification journey. Proven track record: We’re not just a software provider — we’re HITRUST i1 Certified ourselves and have helped numerous organizations achieve their HITRUST certifications. This partnership goes beyond just making compliance easier — it’s about transforming how organizations approach security and compliance altogether. As Blake Sutherland, EVP of Market Engagement at HITRUST, explains: For many years, HITRUST and Thoropass have shared a vision that strong risk management and assurance are key to effectively demonstrating compliance. Through closer integration, we believe that mutual customers will gain efficiencies in their processes while improving relevance and reliability of their assurances. Bringing a deeper level of integration with industry leaders like Thoropass is key to advancing this vision as we seek to push the boundaries for what is possible for greater and greater efficiency and value for our customers. Blake Sutherland EVP of Market Engagement HITRUST Looking Ahead This deeper integration with HITRUST reflects our commitment to making compliance a business enabler rather than just a checkbox exercise. As HITRUST continues to raise the bar for information security compliance, we also continue to evolve our platform to help organizations meet these higher standards more efficiently. Our customers are already seeing the impact of our streamlined HITRUST certification process. Andrew Park, Healthcare Technology Lead at ELEKS, recently shared his experience: Achieving HITRUST certification demonstrates ELEKS’ dedication to meeting the highest security and compliance standards for our current and future healthcare clients. Thoropass has been a true partner, providing clear guidance and setting expectations early throughout our certification process. Andrew Park Healthcare Technology Lead ELEKS Ready to learn more about how Thoropass can streamline your HITRUST certification journey? Visit our HITRUST solutions page or talk to an expert to get a demo. Get Started with HITRUST Your journey to HITRUST certification starts here. The future of health tech is HITRUST! Whether you’re seeking e1, i1 or r2, Thoropass is your most comprehensive solution. Sam Li See all Posts Get Started icon-arrow Sam Li See all Posts Share this post with your network: Facebook Twitter LinkedIn