HITRUST CSF v11.2 is the latest version of the HITRUST Common Security Framework, providing a comprehensive approach to regulatory compliance and risk management for organizations handling sensitive information. This update refines the controls and assessment methodology from v11, incorporating feedback from industry practitioners and adapting to the evolving threat landscape. The framework harmonizes multiple industry standards and regulations including HIPAA, GDPR, NIST, ISO, PCI, and others into a single overarching framework, allowing organizations to address multiple compliance requirements through a unified assessment. HITRUST CSF v11.2 employs a risk-based approach with maturity-level scoring across its control categories, enabling organizations to demonstrate their security posture with scalable levels of assurance from self-assessment to validated assessment with certification.