American Financial Resources Receives SOC 2 Type II Attestation

Independent Audit Verifies American Financial Resources’ Internal Controls and Processes

Parsippany, NJ – American Financial Resources, a full-service mortgage lender, today announced that it has successfully completed its SOC 2 Type II audit. This attestation provides evidence that American Financial Resources has a strong commitment to deliver high quality services to its clients by demonstrating they have the necessary internal controls and processes in place.

SOC 2 engagements are based on the AICPA’s Trust Services Criteria. SOC 2 service auditor reports focus on a service organization’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system. KirkpatrickPrice’s service auditor report verifies the suitability of the design and operating effectiveness of American Financial Resources’ controls to meet the standards for these criteria.

“For the last 20 years, our industry success has been built upon the trust and confidence of our customers, clients and suppliers.” said Bill Packer, executive vice president and chief operating officer, American Financial Resources. “This attestation is independent validation and further proof of our ongoing commitment to hold ourselves to the highest of industry standards, which enable us to provide best-in-class service to all those we serve.”

“The SOC 2 audit is based on the Trust Services Criteria. American Financial Resources has selected the security and availability categories for the basis of their audit,” said Joseph Kirkpatrick, President of KirkpatrickPrice. “American Financial Resources delivers trust-based services to their clients, and by communicating the results of this audit, their clients can be assured of their reliance on American Financial Resources’ controls.”

About American Financial Resources

American Financial Resources, Inc. (AFR), the leading FHA 203(k) lender for sponsored originations in the country and an innovator in the construction and renovation lending area, is ranked among the nation’s leading mortgage lenders. AFR utilizes the latest technology and delivers educational resources to mortgage brokers, loan originators and their customers. For more information, visit www.afrcorp.com.

About KirkpatrickPrice

KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over 800 clients in more than 48 states, Canada, Asia, and Europe. The firm has more than a decade of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and CFPB frameworks. For more information, visit www.kirkpatrickprice.com, follow KirkpatrickPrice on Twitter (@KPAudit), or connect with KirkpatrickPrice on LinkedIn.

Chartio Receives SOC 2 Type II Attestation

Independent Audit Verifies Chartio’s Internal Controls and Processes

San Francisco, CA – Chartio today announced that it has completed its SOC 2 Type II audit. This attestation provides evidence that Chartio has a strong commitment to delivering high quality services to its clients by demonstrating that the company has the necessary internal controls and processes in place.

SOC 2 engagements are based on the AICPA’s Trust Services Criteria. SOC 2 service auditor reports focus on a service organization’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system. KirkpatrickPrice’s service auditor report verifies the suitability of the design and operating effectiveness of Chartio’s controls to meet the standards for these criteria.

Our security architecture is at the core of everything we do at Chartio,” said Brian Hartsock, VP of Engineering at Chartio.  “As more companies are moving their data to the cloud and more organizations are using Chartio’s data analytics product to enable everyone to get to insights, we want to provide our clients with solutions that adhere to the highest standards. This SOC 2 report confirms our commitment to the most rigorous security, integrity and availability standards and procedures in the industry.”

“The SOC 2 audit is based on the Trust Services Criteria. Chartio has selected the security and availability categories for the basis of their audit,” said Joseph Kirkpatrick, President of KirkpatrickPrice. “Chartio delivers trust-based services to their clients, and by communicating the results of this audit, their clients can be assured of their reliance on Chartio’s controls.”

About Chartio

Chartio is on a mission to democratize data across organizations so that everyone can access, explore, transform, and visualize their data. To that end, Chartio has built a cloud-based data analytics platform that’s simple enough for every department yet powerful enough for the data team. Chartio has been named a “Leader” in Self-Service Business Intelligence software by G2 Crowd. For more information, follow us on Twitter (@Chartio).

About KirkpatrickPrice

KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over 800 clients in more than 48 states, Canada, Asia, and Europe. The firm has more than a decade of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and CFPB frameworks. For more information, visit www.kirkpatrickprice.com, follow KirkpatrickPrice on Twitter (@KPAudit), or connect with KirkpatrickPrice on LinkedIn.

CBOSS Meets SOC 1 Type II, SOC 2 Type II, and PCI Standards

Independent Audit Verifies CBOSS’s Internal Controls and Processes

Boardman, OH – CBOSS, a payment processor, today announced that it has received their SOC 1 Type II, SOC 2 Type II, and PCI DSS compliance reports. These reports provide evidence that CBOSS has a strong commitment to deliver high quality services to its clients by demonstrating they have the necessary internal controls and processes in place to deliver quality services to its clients.

KirkpatrickPrice, a licensed CPA and PCI QSA firm, performed the audit and appropriate testing of CBOSS’s controls that may affect its clients’ financial statements, non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system, and controls that are relevant to the storing and transmitting of information from credit, debit, or other payment cards.

SOC 1 Type II is a reporting on the controls at a service organization that was established by the American Institute of Certified Public Accountants (AICPA). This report is in compliance with the SSAE 18 auditing standards and focuses on the controls of a service organization that are relevant to an audit of a user entity’s financial statements. The standard demonstrates that an organization has adequate controls and processes in place. The SOC 1 Type II audit report includes CBOSS’s description of controls as well as the detailed testing of its controls over a minimum six-month period.

SOC 2 engagements are based on the AICPA’s Trust Services Criteria. SOC 2 service auditor reports focus on a service organization’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system. KirkpatrickPrice’s service auditor report verifies the suitability of the design and operating effectiveness of CBOSS’s controls to meet the standards for these criteria.

The PCI Data Security Standard is a complex security standard that focuses on security management, policies, procedures, network architecture, software design, and other critical protective procedures.  These security standards are relevant to any merchant or service provider that uses, stores or transmits information from a payment card. In accordance with the PCI Security Standards Council, KirkpatrickPrice’s Qualified Security Assessors assisted CBOSS in becoming PCI compliant.

“Many of CBOSS’s clients rely on them to protect, process, and store consumer information,” said Joseph Kirkpatrick, President of KirkpatrickPrice. “As a result, CBOSS has implemented best practice controls demanded by their customers to address information security and compliance risks. Our third-party opinion validates these controls and the tests we perform provide assurance regarding the managed solutions provided by CBOSS.”

“CBOSS is committed to delivering robust, secure solutions for payment processing to all our customers,” stated Mike Lendvay, Security & Compliance Manager for CBOSS, Inc. “To that end, we strive to make security and reliability integral to every aspect of our operations. We appreciate the KirkpatrickPrice’s thoroughness and we are proud to have met or exceeded all the requirements they validated.”

About CBOSS

The expertise of CBOSS’ specialists empowers all of its clients to focus on their core business, including industry segments such as services, manufacturing, non-profit sector and education.  Solutions include online payment processing, web applications and business process automation.  Since 1994 over 700 businesses and government agencies across the United States and Latin America have looked to CBOSS to deliver feature-rich services and solutions that are cost-effective, reliable and secure.  CBOSS is a validated PCI Compliant Level 1 Service Provider for the Payment Card Industry Data Security Standard (PCI-DSS), which provides the highest levels of security for e-commerce and other e-payment processing services.

About KirkpatrickPrice

KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over 800 clients in more than 48 states, Canada, Asia, and Europe. The firm has more than a decade of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and CFPB frameworks. For more information, visit www.kirkpatrickprice.com, follow KirkpatrickPrice on Twitter (@KPAudit), or connect with KirkpatrickPrice on LinkedIn.

 

CompuMail Achieves Multiple Compliance Achievements

CompuMail Receives SOC 1 Type II and SOC 2 Type II Attestations, PCI Compliance, HIPAA Security Rule Compliance, and FISMA Compliance

Concord, CA – CompuMail, a direct mail company, today announced that it has completed its SOC 1 Type II, SOC 2 Type II, PCI, HIPAA, and FISMA audits. Compliance with these standards verifies that CompuMail has the proper internal controls and processes in place to deliver high quality services to its clients.

KirkpatrickPrice, a licensed CPA and PCI QSA firm, performed the audit and appropriate testing of CompuMail’s controls. SOC 1 Type I is a reporting on the controls at a service organization that was established by the American Institute of Certified Public Accountants (AICPA). This report is in compliance with the SSAE 18 auditing standards and focuses on the controls of a service organization that are relevant to an audit of a user entity’s financial statements. The standard demonstrates that an organization has adequate controls and processes in place. The SOC 1 Type I audit report includes CompuMail’s description of controls as well as the detailed testing of its controls at a specific point in time.

SOC 2 engagements are based on the AICPA’s Trust Services Criteria. SOC 2 service auditor reports focus on a Service Organization’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system. KirkpatrickPrice’s service auditor report verifies the suitability of the design and operating effectiveness of CompuMail’s controls to meet the standards for these criteria.

The PCI Data Security Standard is a complex security standard that focuses on security management, policies, procedures, network architecture, software design, and other critical protective procedures.  These security standards are relevant to any merchant or service provider that uses, stores or transmits information from a payment card. In accordance with the PCI Security Standards Council, KirkpatrickPrice’s Qualified Security Assessors tested CompuMail’s controls that are relevant to the storing and transmitting of information from credit, debit, or other payment cards and assisted CompuMail in becoming PCI compliant.

The Health Insurance Portability and Accountability (HIPAA) Security Rule is a national standard set for the protection of consumers’ Electronic Protected Health Information (ePHI). The ePHI that an organization manages must be protected from anticipate breaches by mandating a Risk Assessment and implementing appropriate Physical, Administrative, and Technical Safeguards. HIPAA laws are regulated by the Office for Civil Rights (OCR) and are meant to protect unauthorized use and disclosure of ePHI.

The Federal Information Security Management Act (FISMA) is a United States legislation, enacted as part of the Electronic Government Act of 2002. FISMA’s intent is to protect government information and assets from unauthorized access, use, disclosure, disruption, modification, or destruction of information and information systems. CompuMail’s FISMA audit was based on the National Institute of Standards and Technology (NIST) Special Publications 800 171 rev. 1 and 800-53 rev. 4.

Stephanie Kaster, EVP and Chief Sales Officer at CompuMail, stated, “CompuMail understands how critical privacy, security, and reliability are to both our business and that of our clients. We recognize that data is one of the most valuable assets we have these days, which is why we’ve established strong quality management practices to protect and maintain data integrity while hosting and processing our clients’ data. Safeguarding data and ensuring compliance with the highest industry standards is of utmost importance to us and we demonstrate this by continuously adding to our list of externally validated certifications.”

“Many of CompuMail’s clients rely on them to protect sensitive consumer information” said Joseph Kirkpatrick, Managing Partner with KirkpatrickPrice. “As a result, CompuMail has implemented best practice and industry-accepted controls demanded by their customers to address information security and compliance risks. Our third-party opinion validates these controls and the tests we perform provide assurance regarding the direct mail solutions and services provided by CompuMail.”

About CompuMail

CompuMail cultivates partnerships with our clients to ensure that they receive the best results, under the highest level of data security, at the most competitive price.  We provide mailing and communication services, with a real-time portal to meet your management and oversight needs.  Technology changes, business changes, but our commitment to service doesn’t.

About KirkpatrickPrice

KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over 800 clients in more than 48 states, Canada, Asia, and Europe. The firm has more than a decade of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and CFPB frameworks. For more information, visit www.kirkpatrickprice.com, follow KirkpatrickPrice on Twitter (@KPAudit), or connect with KirkpatrickPrice on LinkedIn.

QIRT Receives SOC 1 Type II Attestation

Independent Audit Verifies QIRT’s Internal Controls and Processes

Floral Park, NY – QIRT, a home health and hospice billing, coding, and consulting company, today announced that it has completed its SOC 1 Type II audit. This attestation verifies that QIRT has the proper internal controls and processes in place to deliver high quality services to its clients.

KirkpatrickPrice, a licensed CPA firm, performed the audit and appropriate testing of QIRT’s controls that may affect its clients’ financial statements. SOC 1 Type II is a reporting on the controls at a service organization that was established by the American Institute of Certified Public Accountants (AICPA). This report is in compliance with the SSAE 18 auditing standards and focuses on the controls of a service organization that are relevant to an audit of a user entity’s financial statements. The standard demonstrates that an organization has adequate controls and processes in place. The SOC 1 Type II audit report includes QIRT’s description of controls as well as the detailed testing of its controls over a minimum six-month period.

“QIRT places the value of quality at the forefront of our company’s mission,” explained Laura Page-Greifinger, President and CEO of QIRT. “Auditing and re-auditing our internal controls ensures that we continue to deliver the highest quality service available to our clients. This attestation reaffirms to the post-acute industry that we don’t merely speak about quality: we act as a true partner, requiring quality internally so we can provide it externally. I am proud of our employees and the operations staff in particular who have set up the appropriate processes to maintain quality and security.”

“Many of QIRT’s clients rely on them to protect consumer information,” said Joseph Kirkpatrick, President of KirkpatrickPrice. “As a result, QIRT has implemented best practice controls demanded by their customers to address information security and compliance risks. Our third-party opinion validates these controls and the tests we perform provide assurance regarding the managed solutions provided by QIRT.”

About QIRT

In 2006, QIRT was founded by President/CEO Laura Page-Greifinger, BSN, MPA who worked within the post-acute provider space for over 30 years as a nurse, supervisor, and clinical consultant. QIRT’s initial service was providing multiple types of quality assurance reviews and coding. QIRT has since expanded services to the entire post-acute space including assessment review, hospice coding and eligibility reviews, QAPI audits, and ADR response.

All care providers have workflow processes or operations that create a patient journey from initial referral through reimbursement. The workflow requires quality assurance, education, compliance, and operational strategy within each step of a comprehensive and cyclical process, what QIRT calls: Quality Cycle Management (QCM). QIRT has acquired three post-acute service companies and formed five specialized divisions designed to support post-acute agencies throughout the quality management cycle.

QIRT’s employees undergo vigorous vetting prior to hire and continued oversight and monitoring monthly to maintain top-notch compliance. The company works 24/7/365 days a year.

In 2017, QIRT was named to the 2017 Inc. 500/5000 List of Fastest Growing Companies for the fifth consecutive year. As a leader in the post-acute support industry, QIRT earned the position of 1486, showing a three-year growth of 273%. Inc. magazine reports that companies making this list have, on average, grown six-fold since 2013 in the face of an economy that grew just 6.7 percent during that time. Of the thousands of companies who have applied for this distinction, only 7% have made the list five times, placing QIRT on the Inc. 5000 Honor Roll.

About KirkpatrickPrice

KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over 800 clients in more than 48 states, Canada, Asia, and Europe. The firm has more than a decade of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and CFPB frameworks. For more information, visit www.kirkpatrickprice.com, follow KirkpatrickPrice on Twitter (@KPAudit), or connect with KirkpatrickPrice on LinkedIn.