Back to Resources | Press Releases

BARR Advisory Releases Exclusive Resources on Healthcare Compliance

August 15, 2023 | HITRUST

KANSAS CITY, Mo. — BARR Advisory has released a pair of exclusive resources for healthcare organizations aiming to improve their security postures and better manage third-party risk.

In a new whitepaper, the cloud security and compliance solutions firm takes a deep dive into the 19 domains within the HITRUST Common Security Framework (CSF) and explores why each is integral to a comprehensive information security program.

The whitepaper calls HITRUST CSF “a comprehensive and flexible framework” that is quickly “becoming a benchmark for cybersecurity best practices” even beyond the healthcare industry.

Steve Ryan, BARR’s attest services manager specializing in healthcare compliance, echoes that sentiment in the latest installment of the firm’s cyBARR Chats series.

The recently released episode breaks down the new partnership between HITRUST and Health3PT, aimed at providing healthcare organizations with more comprehensive third-party risk management solutions.

According to Ryan, HITRUST’s suite of certification options empowers organizations across all stages of growth to implement many of the key tenets of Health3PT’s Recommendation Practices and Implementation Guide, which outlines actionable solutions for improving data security and managing third-party risk.

The HITRUST e1, i1, and r2 assessments share common control requirements, allowing organizations to progressively achieve higher levels of assurance as their levels of risk change.

“The HITRUST Assurance Program is designed to grow with your organization,” Ryan said. “Regardless of where your organization is in its HITRUST journey, our team at BARR Advisory is ready to help at every step of the way.”

BARR is one of just nine firms in the U.S. that is accredited to audit against all three of the highest-regarded cloud security standards: HITRUST, SOC 2, and ISO/IEC 27001. 

Learn more about BARR Advisory.


BARR Advisory is a cloud-based security and compliance solutions provider specializing in cybersecurity consulting and compliance for companies with high-value information in cloud environments like AWS, Microsoft Azure, and Google Cloud Platform. A trusted advisor to some of the fastest growing cloud-based organizations around the globe, BARR simplifies compliance across multiple regulatory and customer requirements in highly regulated industries including technology, financial services, healthcare, and government.

BARR Advisory services include:

  • Compliance Program Assistance
  • SOC 1 Examinations 
  • SOC 2 and 3 Examinations
  • SOC for Cybersecurity
  • PCI DSS Assessment Services 
  • ISO 27001 Assessments
  • FedRAMP Security Assessments 
  • HIPAA/HITECH Services 
  • HITRUST Services
  • Penetration Testing and Vulnerability Assessments
  • Cybersecurity Consulting


Michelle Carson
BARR Advisory
[email protected]