Skip to main content

HITRUST i1 & r2 Readiness Assessments

Fixed-fee HITRUST i1 and r2 readiness assessments for healthcare organizations all throughout North America.

Fixed-fee Validated Assessments for healthcare organizations

NDB offers HITRUST Implemented, 1-year (i1) Validated Assessments for fixed fees for healthcare organizations all throughout North America. Per HITRUST, they are“...addressing the need for a continuously relevant cybersecurity assessment that aligns and incorporates best practices and leverages latest threat intelligence to stay ahead of information security risks and emerging cyber threats, such as ransomware”. As a result, the i1 Assessment includes coverage of controls for addressing emerging cyber threats active as of now, while also continuing to address new threats as they surface.

HITRUST i1 and r2 validation and certification compliance is a goal many healthcare organizations throughout North America are striving for. And per HITRUST®, “Before starting the Certification process, HITRUST recommends a self-assessment or readiness assessment be performed to prepare organizations for the validated assessment.”

A readiness assessment is highly important for helping properly scope the actual engagement, determining what gaps exist, while also putting in place a roadmap for remediating control deficiencies, along with planning for major milestones for the project itself.

If you’re a healthcare organization located in North America – starting with a HITRUST self-assessment or readiness assessment for the i1 and/or r2 validation and certification is critical, and NDB can assist.

Benefits of NDB’s i1 and r2 HITRUST Readiness Assessments

Assessing Scope: Depending on which validated assessment offering you choose - i1 or r2, performing a HITRUST Readiness Assessment is crucial. After all, organizations will want to have a clear picture in terms of critical scoping and remediation issues prior to performing an actual validated assessment. Key areas covered with NDB’s HITRUST Readiness Assessment are determining business processes, information systems, personnel, and third-party applicability deemed in scope.

Determining Documentation Requirements

Earning HITRUST i1 and/or r2 validation and certification requires that healthcare organizations have in place a large number of InfoSec and operational policies and procedures, ranging from information security policies to operational policies, and more. Knowing the types of documents that need to be developed, gaps that exist, and the roadmap for remediation for policies and procedures, are a few of the advantages of performing a HITRUST i1 and/or r2 Readiness Assessment.

It's essential to note that because no two healthcare companies are alike in terms of their business models and operations, customized security policies will need to be developed reflecting one’s actual control environment. Using pre-populated security policy templates is not going to work, rather, a customized approach whereby information security policies and procedures truly reflect an organization’s controls is what’s needed, and necessary.

NDB can assist with essential HITRUST i1 and/or r2 information security policy writing – it’s one of our core remediation services offered to healthcare organizations located all throughout North America.

Understanding I.T./Security Remediation: Protecting consumer healthcare information requires healthcare organizations to put in place numerous information security and operational best practices. From encryption to two-factor/multi-factor authentication, Data Loss Prevention (DLP), File Integrity Monitoring (FIM) – and more – NDB can help in determining what security tools and solutions are necessary.

HIPAA & HITRUST Compliance Experts

This can take time, but with NDB at your side, the process becomes much quicker and more efficient. NDB has years of experience working in the healthcare sector. We know healthcare inside and out, and we also know HIPAA and HITRUST and what it truly takes to become compliant. Contact NDB today at This email address is being protected from spambots. You need JavaScript enabled to view it. to learn more about our fixed-fee services and solutions for HITRUST certification.