Armor Helps Simplify HIPAA Compliance

HITRUST CSF-Certified Solutions
Armor is certified by HITRUST whose framework is designed to simplify HIPAA compliance requirements by providing prescriptive compliance guidelines.

Inherited Compliance Controls
Our technology was built to address the risk-based nature of HIPAA compliance.

HIPAA Compliance Support
Our security team provides 24/7/365 support to help you overcome any compliance challenge.

Security-driven Compliance
True cloud security means compliance is an outcome of a security program, not its goal. Our approach to security does just that—proactive cybersecurity powered by the experts in our 24/7/365 Security Operations Center.

It wasn’t just about achieving HITRUST CSF certification, though that was the original intention. Now it’s about moving beyond certification and becoming a security thought leader in the healthcare industry.
Brenton McKinney VP of Security
Medecision

Compliance Standards We Support

Armor Compliance Hightrust Logo
Logo Cert Ssae
Armor Compliance Pci Logo
Logo Cert Iso
Logo Privacy Shield Framework
Logo Cert Hipaa

Inherited HITRUST CSF Controls

Armor customers benefit from inherited HITRUST CSF controls just by securing their data workloads and applications with our certified solutions. This means streamlined audits and cost savings for organizations.

Click on the tabs below to see key HITRUST CSF controls addressed by our solutions:

Armor Security Services HIPAA/HITECH Controls HITRUST CSF v8 Controls Required for Certification Risk Mitigation
Intrusion Detection Security best practice – implied control under 164.306(A) 09.m Malicious allowed traffic
Internal Network Vulnerability Scanning Included in §164.308(a)(1) 10.m Exploits due to missing patches/updates; improper network firewall configuration
File Integrity Monitoring §164.312(e) 09.ab, 10.h Monitoring unauthorized changes to critical files
OS Patching/Updating Security best practice implied control under 164.306(A) 10.m OS weaknesses
Malware Protection §164.308(a)(5)(ii)(B) 09.ab(HT4), 10.h Compromise due to virus/malware infection
Log & Data Management §164.308(a)(1)(ii)(D), §164.308(a)(5)(ii)(C), §164.312(b) 09.aa, 09.ab, 09.ac Detection of malicious activity
*Please note that the above table does not represent all HITRUST controls nor those covered by Armor. View the full compliance matrix for additional information.

Armor Security Services HIPAA/HITECH Controls HITRUST CSF v8 Controls Required for Certification Risk Mitigation
IP Reputation Filtering §164.308(a)(1)(ii)(A) 09.m Activity from known bad sources
DDoS Mitigation Security best practice implied control under 164.306(A) 09.m, 09.h (included in Level 2 implementation) Loss of availability due to high volume of malicious activity
Web Application Firewall Security best practice – implied control under 164.306(A) 09.m Application layer flaws and exploits
Intrusion Detection Security best practice implied control under 164.306(A) 09.m Malicious allowed traffic
Network Firewall (Hypervisor-Based) Security best practice implied control under 164.306(A) 01.m, 01.o, 01.w, 09.m Unwanted network connectivity
Secure Remote Access (Two-factor authentication) §164.312(d), §164.312(a)(2)(iii) 01.j, 05.i, 09.s Unauthorized remote use of administrative access
Secure Remote Administrative Access §164.312(d) 01.j, 05.i, 09.m, 09.s Disclosure of administrative credentials
OS Patching/Updating Security best practice implied control under 164.306(A) 10.m OS weaknesses
Malware Protection §164.308(a)(5)(ii)(B) 09.ab, 10.h Compromise due to virus/malware infection
Log & Data Management §164.308(a)(1)(ii)(D), §164.308(a)(5)(ii)(C), §164.312(b) 09.aa, 09.ab, 09.ac Detection of malicious activity
Physical Security §164.310(a)(2)(i), §164.310(a)(2)(ii), §164.310(a)(2)(iii), §164.310(a)(2)(iv) 08.b, 08.d, 08.j, 09.ab, 09.q Physical theft or compromise of data
*Please note that the above table does not represent all HITRUST controls nor those covered by Armor. View the full compliance matrix for additional information.

Armor Compliance Expertise: HIPAA

Armor is HITRUST CSF certified. We are HIPAA compliance experts. In fact, HITRUST chose us to secure their MyCSF application. Plus, you’re compliant the day you entrust your security needs with Armor.

Our talent and best-of-breed security technologies culminate in a heightened level of cloud security and compliance that only Armor can deliver.

  • Our CISO Is Your CISO: Extend your cloud security roster with proven security talent. We streamline audits and assessments with hands-on expertise and guidance through any HIPAA and HITRUST CSF cloud compliance challenge.
  • Certifiable Cyber Security Experts: The individuals in our Security Operations Center and compliance team have industry-leading certifications.
  • Proven Cloud Security Results: Our Security Operations Center analyzes over 224M events and handles over 80 incidents daily.

Ready to Get Started?

Get started with our pricing tool or chat with our experts for answers on-demand.