MuleSoft is thrilled to announce that we have achieved HITRUST CSF Certification. This certification will greatly assist our customers in accelerating their time to market for a diverse range of strategic initiatives in the healthcare sector.
What is HITRUST?
Health Information Trust Alliance (HITRUST) is a globally recognized security framework that provides organizations with a comprehensive, certifiable approach to managing risk and protecting sensitive information.
The HITRUST Common Security Framework (CSF) harmonizes the requirements of multiple regulations and standards into a single, unified framework – making it the gold standard for information security assurance. This significant milestone underscores MuleSoft’s unwavering commitment to data protection and regulatory compliance.
Regulatory compliance
This certification demonstrates MuleSoft’s compliance with key healthcare and data protection regulations, including Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH). Additionally, the HITRUST framework incorporates requirements from NIST, ISO, PCI-DSS, and GDPR, ensuring a comprehensive approach to regulatory adherence.
Data protection
The HITRUST certification covers the protection of Protected Health Information (PHI), Electronic Protected Health Information (ePHI), and Personally Identifiable Information (PII), ensuring that sensitive patient and member data remains secure throughout its lifecycle.
Value to our customers
MuleSoft’s HITRUST certification is crucial for any healthcare provider, hospital system, health insurance or payer organization, life sciences or pharmaceutical company, healthcare technology vendor, or any organization handling Protected Health Information (PHI).
It ensures that we meet the highest standards for data protection and compliance, giving these customers high confidence their sensitive information is secure. This certification demonstrates our commitment to safeguarding customer data and allows them to focus on delivering exceptional care and services to patients and clients.
MuleSoft’s HITRUST certification delivers incredible value to our customers across several dimensions that include:
- Faster vendor onboarding and “assess once, report many”: Security reviews can often be the bottleneck in a new digital transformation project. By achieving HITRUST, MuleSoft provides a pre-validated security posture that your compliance teams can trust immediately and benefit from reduced audit fatigue, and accelerated time-to-market.
- The power of inheritance: If your organization is pursuing its own HITRUST certification, you can ‘inherit’ the controls already validated by MuleSoft. This means you don’t have to spend time or resources testing the security of the MuleSoft platform yourself. You can simply pull our validated evidence into your own assessment, significantly lowering your cost and effort of compliance.
- Threat-adaptive assurance: Cyber threats evolve every day. The HITRUST certification is unique because its control set is updated quarterly to reflect the latest threat intelligence. This ensures annual recertification is conducted against the latest controls. When you build on MuleSoft, you’re building on a platform that is continuously adapting to keep your data safe.
This HITRUST certification covers both our Legacy Commercial Architecture as well as MuleSoft on Hyperforce to ensure coverage for all customers requiring HITRUST throughout the migration to Hyperforce.
Our commitment to trust
At MuleSoft and Salesforce, trust is our number one value. Achieving the HITRUST certification is a key step in our journey to provide the most secure and reliable integration platform on the planet. Whether you are a startup looking to enter the healthcare market or a global enterprise looking to streamline your compliance program, we are here to help you connect your data—and your customers—with total confidence.
Ready to learn more? Check out our Trust Center to see our full list of certifications and how we’re keeping your data secure.
