The HITRUST Common Security Framework (CSF) provides an overarching set of standards that is designed to guide healthcare organizations through compliance with a wide variety of laws and regulations. The HITRUST CSF provides a certifiable framework that gives healthcare organizations a comprehensive and efficient path to regulatory compliance. The CSF incorporates 14 categories of security controls, comprising 156 individual control specifications covering all aspects of cybersecurity, from program management through privacy practices.