Databricks, a provider of unified data analytics, has announced that Azure Databricks is now certified for the HITRUST Common Security Framework (HITRUST CSF).
HITRUST collaborates with privacy, information security, and risk management leaders from the public and private sectors to develop, maintain, and provide common risk and compliance management frameworks and related assessment and assurance methodologies. HITRUST created and maintains the Common Security Framework (CSF), a certifiable framework to help organizations and their supply chains demonstrate security and compliance in a consistent and streamlined way. The CSF builds on HIPAA and the HITECH Act, and incorporates security, privacy, and other regulatory requirements from existing frameworks such as the PCI DSS, ISO 27001, and MARS-E.
“Azure Databricks helps customers address security and compliance requirements for regulated industry use cases, such as genomics, patient health analytics, and billing and payment solutions,” said David Cook, Chief Information Security Officer at Databricks. “The HITRUST CSF provides a benchmark and maturity model that builds upon HIPAA, NIST, ISO, COBIT, and SOC 2. We are pleased to demonstrate our commitment to security and compliance across use cases and industry verticals with the HITRUST CSF Certification.”
With HITRUST, organizations can measure and benchmark compliance using a standardized compliance framework, assessment, and certification process. HITRUST offers three degrees of assurance and Azure Databricks has met all of the requirements for CSF certification for the highest degree of assurance. Azure Databricks joins many other Azure services in formal certification with the HITRUST CSF, enabling customers to create and deploy cloud-based applications with confidence.
For more detail, read the HITRUST certification announcement blog post, view the Azure Databricks HITRUST CSF certification.