BDO USA, LLP Achieves HITRUST CSF Assessor Designation for Healthcare Organizations

December 2016

Sally Slater
Bliss Integrated Communication

Chicago, Dec. 1, 2016 – BDO USA, LLP, a leading provider of accounting and consulting services, today announced that it has been approved as a HITRUST CSF Assessor by the Health Information Trust Alliance (HITRUST). With this achievement, BDO USA is now approved to provide services using the HITRUST CSF, a comprehensive security framework that addresses the multitude of security, privacy and regulatory challenges facing healthcare organizations in order to comply with healthcare (HIPAA, HITECH), third-party (PCI, COBIT), and government (NIST, FTC) regulations and standards.

CSF Assessors are critical to helping uphold information security and privacy standards for the healthcare industry and a core component of the HITRUST CSF program by providing trained resources to healthcare organizations of varying size and complexity to assess compliance with security control requirements and document corrective action plans that align with the CSF. CSF Assessors such as BDO USA serve as a key component of the program by providing assessment and remediation services.

“The industry’s transition to electronic health records (EHRs), though critical to progress and innovation, has also opened the door to significant security and privacy risk,” said Patrick Pilch, Managing Director & National Leader of The BDO Center for Healthcare Excellence & Innovation. “As an approved HITRUST CSF Assessor, BDO can help healthcare clients ensure they meet all regulatory requirements while protecting sensitive client and patient data.”

“The healthcare industry was the top target for cyberattacks last year, and as events this year have shown, that trend is not slowing down,” said Shahryar Shaghaghi, National Leader of BDO’s Technology Advisory Services practice and Head of International BDO Cybersecurity. “Clients that take advantage of the HITRUST framework can streamline HIPAA compliance and mitigate cyber vulnerabilities.”

“Trust is a critical element of effective healthcare. That trust is built on a promise of confidentiality which, when broken—even inadvertently—jeopardizes the provider-patient relationship,” said Josh Ayers, Audit Managing Director in BDO’s Assurance practice. “Organizations certified under HITRUST can provide their patients and partners with ease of mind, ensuring they’re doing everything they can to safeguard sensitive information.”
“We are pleased to have BDO as a CSF Assessor to help healthcare organizations with the process of adopting and utilizing the CSF's requirements and give their customers confidence in the protection of their information,” said Ken Vander Wal, Chief Compliance Officer, HITRUST. “The company’s long-standing leadership in health IT privacy and security solutions make it a perfect addition to our program.”

With the second phase of the U.S. Department of Health and Human Services’ Office of Civil Rights’ auditing efforts around HIPAA underway, BDO advises healthcare organizations to review their internal compliance and security controls and implement any necessary remediation actions.
About The BDO Center for Healthcare Excellence & Innovation
The BDO Center for Healthcare Excellence & Innovation unites recognized industry thought leaders to provide sustainable solutions across the full spectrum of healthcare challenges facing organizations, stakeholders and communities. Leveraging deep healthcare experience in financial, clinical, data analytics and regulatory disciplines, we deliver research-based insights, innovative approaches and value-driven services to help guide efficient healthcare transformation to improve the quality and lower the cost of care. For more information, please visit
BDO is the brand name for BDO USA, LLP, a U.S. professional services firm providing assurance, tax, financial advisory and consulting services to a wide range of publicly traded and privately held companies. For more than 100 years, BDO has provided quality service through the active involvement of experienced and committed professionals.  The firm serves clients through more than 60 offices and more than 400 independent alliance firm locations nationwide. As an independent Member Firm of BDO International Limited, BDO serves multi-national clients through a global network of more than 1,300 offices in over 150 countries. 

BDO USA, LLP, a Delaware limited liability partnership, is the U.S. member of BDO International Limited, a UK company limited by guarantee, and forms part of the international BDO network of independent member firms. BDO is the brand name for the BDO network and for each of the BDO Member Firms. For more information, please visit: