The saying, “kill two birds with one stone” accurately depicts why it may make sense for you to pursue SOC 2 + HITRUST. The SOC 2 + HITRUST incorporates certain criteria from the HITRUST Common Security Framework (CSF). HITRUST, a health information alliance, established the CSF as an information security framework that utilizes existing security requirements across various standards including HIPAA, PCI etc. The AICPA (Assure’s governing body) has developed mapping between the SOC 2 trust services principles and the HITRUST CSF. The SOC 2 + HITRUST allows our clients whom are required to meet both standards to undergo one unified audit. This unified audit and resulting report will cover both the HITRUST CSF and SOC 2 criteria in an efficient manner.