ACA Aponix Achieves HITRUST CSF Assessor Designation

February 14, 2019

We're pleased to announce that ACA Aponix® has been designated as a HITRUST CSF Assessor by HITRUST. This achievement allows us to provide services using the HITRUST CSF, a comprehensive security framework that addresses the multitude of security, privacy, and regulatory challenges facing organizations in order to comply with healthcare (HIPAA, HITECH), third-party (PCI, COBIT), government (NIST, FTC), and other industry-specific regulations and standards.

CSF Assessors are critical to helping uphold information security and privacy standards for the healthcare industry. The program provides resources to assess an organization’s compliance with security control requirements and document corrective action plans that align with the HITRUST CSF. As a HITRUST CSF Assessor, ACA Aponix can provide assessment and remediation services to all industries that deal with protected health information (PHI) and/or personally identifiable information (PII).

"As a certified HITRUST CSF Assessor, ACA Aponix is excited to better serve the healthcare industry as well as our private equity clients who invest in healthcare-focused portfolio companies," said Raj Bakhru, Partner at ACA Aponix. “With healthcare data breaches on the rise, it's more critical than ever for healthcare organizations to adopt the HITRUST’s CSF requirements. Major industry participants, such as the largest insurance payors, are demanding and expecting HITRUST CSF certification from their affiliates, which speaks to the HITRUST CSF's quality as a healthcare standard and its importance to current and potential private equity sponsors. I would like to thank the ACA team for their dedication to achieving this designation and our clients for their continued support."

"We are pleased to have ACA Aponix as a CSF Assessor to help organizations with the process of adopting and utilizing the HITRUST CSF's requirements and give their customers confidence in the protection of their information," said Ken Vander Wal, Chief Compliance Officer at HITRUST. "ACA's long-standing expertise and leadership in IT privacy and security solutions make it a perfect addition to our program.”

About ACA Aponix

ACA Aponix, a division of ACA Compliance Group, provides cybersecurity and technology risk assessments, vendor and M&A diligence services, network testing, and advisory services. Our team of highly experienced technologists combines expertise across the breadth of cybersecurity and information technology. Our award-winning Technology Risk Assessment is designed to address the latest requirements from regulators and boards. We offer a suite of consulting and advisory services designed to help firms uncover risks and identify deficiencies in their cybersecurity policies, procedures, and controls.

For More Information

For more information, please contact your regular ACA Aponix consultant or email us at