I recently came across an article by Microsoft that spoke about the importance of AI companies in the healthcare industry becoming HITRUST certified. It made me realize that, while AI remains in its infancy, many are struggling to trust the technology in the healthcare space.

Article by Michael Reddy, President at Digital Authority Partners

A large reason for this apprehension is that people are struggling to trust that their data is safe in the hands of such a new technology.

This is understandable – how are people supposed to trust something when they know so little about it?

The answer is usually that they have back-up from a certified, verifiable source. In the case of AI and other medical software within the healthcare industry, this is often left to certification known as HITRUST.


HITRUST is a certification required by organizations that handle protected health information. It consists of a combination of different security standards that already exist, which include:

  •      HIPPA
  •      HITECH
  •      PCI
  •      COBIT
  •      NIST
  •      FTC

This not-for-profit organization created the “Common Security Framework”, which has quickly become the most widely applied security framework in the USA according to HealthcareWeekly.

To become HITRUST certified, you must apply for an initial assessment process that can last between 3 and 4 months depending on the complexity of your organization and the time of year.

You must also commit to yearly reassessments to make sure that you are continuously up to date with the latest security measures.

If you’re still wondering why, as an AI company, you should work on becoming HITRUST certified, let us provide you with some compelling reasoning.

Medical Software Is Becoming More Important

Medical software is becoming an increasingly important part of healthcare, with wearable devices and the mobilization of previously restrictive medical equipment partly to blame.

According to Othogonal, medical software is also increasing independent from hardware, allowing clients to run the same applications from several different devices.

This is great news, as it means people can transfer information from one device to another; whether that be from a phone to a wearable device, or from a wearable device to a doctor’s computer.

Medical software being used in such a manner requires sharing often sensitive data across platforms, and having it stored within said software through accounts that could potentially be hacked into and shared without permission if the right precautions aren’t taken.

In this instance, becoming HITRUST gives people the trust they need in AI, which as we mentioned earlier in the article is still a very new technology to most people, to continue using—or start using—your software. Without it, you could lose customers, and limit your ability to advertise the thing you have been working hard on.

Data Breaches In Healthcare Are Rising

One of the biggest concerns with healthcare’s digital revolution was over the safety of data being stored through online software.

This is still a big concern for the general public, and perhaps for good reason, when you realize that data Breaches are continuing to rise. In fact, Digital Authority Partners reports that a cyber-attack happens every 39 seconds.

To reassure the target audience of your AI developments that their data will never be included in one of these attacks, or that the risk of it happening has been significantly reduced, you need some form of verified certification.

This will help to overcome your client’s fears about the precautions they may need to take in order to prevent foul play from occurring when interacting with your software.

Becoming HITRUST certified as an AI company to avoid data breaches isn’t just useful for your clients, however.

The yearly reassessments can also help your company stay up to date with the latest developments, and helps you to keep on top of your software by providing you with all the information you need to make changes where necessary.

It Proves That Your Company Makes Data Protection A Priority

With AI considered to be in its infancy in the eyes of healthcare executives and consumers alike, you need to prove that you are the company that will put their privacy at the top of your priority list.

This is difficult to prove and, like with most things, actions usually speak louder than words.

Essentially, people are going to listen more to AI companies who are willing to take action and prove that they are making consistent updates to protect data over those who simply say that are they are with no proof.

Due to the yearly reassessments, HITRUST is the perfect way to put your money where your mouth is and prove that your company is committed to your client.

Not only will this appeal to your clients, but with HITRUST’s Common Security Framework being the most popularly implemented in the US, it will be recognized among most professionals.

This means that if your AI company is targeting executives and other senior members of healthcare staff, you will be able to provide them with instantly recognizable certification of your privacy commitment.


The truth is, AI companies are at an automatic disadvantage when it comes to proving that your technology is safe for use and protects the privacy of users.

This is due to the belief by many that AI is simply in its infancy stages, and it’s too difficult to tell the true implications of using it to handle big data at this moment in time.

With certification like HITRUST, however, it is possible to overcome people wary of investing or implementing your software because of concerns like the above.

Due to the fact that it is recognized throughout the USA, your disadvantage turns into an advantage as you can easily display your commitment to being compliant. This information can also be referred onto clients, either directly or through healthcare services, which will only increase your profits and potential custom over time.

With these reasons provided, the question is not whether or not you should become HITRUST certified, it’s why you haven’t already taken the leap.

With so many people struggling to trust such a new technology, you need to get ahead of the game and make sure your certification request is filed today.


Please enter your comment!
Please enter your name here