As part of our journey in the HITRUST RightStart program, we’ve been surveying the vendor landscape to see who else has HITRUST certification.
Founded in 2007, HITRUST Alliance is a not-for-profit organization whose mission is to champion programs that safeguard sensitive information and manage information risk for organizations across all industries and throughout the third-party supply chain.
In this post, we will determine whether Google is HITRUST certified or not.
Since Google is many things to all people, we’ll limit the scope of Google’s product line to G Suite and Google Cloud Platform (GCP).
G Suite is Google’s brand of cloud computing, productivity and collaboration tools. Its most popular services are Gmail, Google Calendar, and Google Drive (including Docs, Sheets, Slides, and Forms).
While these services are typically free to use for consumers, G Suite adds enterprise features such as branded email addresses at a domain (@yourcompany.com), as well as phone and email support.
Formerly known as Google Docs, Google rebranded the service to G Suite in September 2016.
Google Cloud Platform (GCP)
Google Cloud Platform, or GCP, is a suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products, such as Google Search and YouTube.
GCP consists of a set of physical assets, such as computers and hard disk drives, and virtual resources, such as virtual machines (VMs), that are contained in Google’s data centers around the globe.
Google and HITRUST
Although there isn’t a formal HIPAA certification issued by the U.S. Department of Health and Human Services (HHS), HITRUST certification is widely regarding as the closest thing to it.
A quick search revealed that Google does mention HITRUST on its Standards, Regulations & Certifications page.
Is G Suite HITRUST Certified?
On 6 March 2018, Google was issued a HITRUST Certification Letter for G Suite and Google Cloud Platform (GCP).
Conclusion: Yes, Google’s G Suite and Google Cloud Platform are HITRUST certified.
The RightStart program, which is a new initiative from HITRUST, aims to give startups the tools needed to make information security and compliance easier to establish and manage. The newly-introduced program helps startups like us accelerate adoption of the most comprehensive risk management, compliance, privacy and security suite of services in the marketplace.