HealthFirst Financial Receives SOC 1 Type II Attestation

by Sarah Harvey / May 17th, 2017

Independent Audit Verifies HealthFirst Financial’s Internal Controls and Processes for Protecting Healthcare Provider Data and Personal Health Information

Springfield, OR – May 16, 2017 – HealthFirst Financial, a leader in patient financing, has successfully completed a voluntary SOC 1 Type II audit. This attestation, established by the American Institute of Certified Public Accountants (AICPA), verifies that HealthFirst Financial has the proper internal controls and processes to protect provider and patient data and deliver high quality services to its healthcare clients. HealthFirst stands out among other patient financing firms in securing this designation for the second time.

“Protecting our provider clients and their patients’ data is paramount,” said KaLynn Gates, President and Corporate Counsel for HealthFirst Financial. “The recent ransomware attacks hijacking hundreds of thousands of computers in more than 150 countries underscores the importance of ensuring partners and vendors deliver the highest level of security for safeguarding personal health information through robust technology and procedures.  Even before these recent attacks, nearly nine in 10 healthcare organizations had experienced a data breach that involved patient data being stolen, according to a study by the Ponemon Institute.”

KirkpatrickPrice, a licensed CPA firm, performed the audit and appropriate testing of HealthFirst Financial’s controls that may affect its clients’ financial statements. The Service Organization Control 1 (SOC 1) Type II audit report includes HealthFirst Financial’s description of controls as well as the detailed testing of its controls for a one-year period.

“Providers and their patients rely on HealthFirst Financial to protect personal health information,” said Joseph Kirkpatrick, Managing Partner with KirkpatrickPrice. “As a result, HealthFirst Financial has implemented the best-practice controls that all healthcare providers should require of their partners to manage information security and compliance risks.”

Federal regulations such as the Health Insurance Portability and Accountability Act (HIPAA) require corporations to audit the internal controls of their suppliers. KirkpatrickPrice’s expert review validates HealthFirst Financial’s controls and the tests they perform provide assurance regarding the security, confidentiality and privacy of patient payment programs provided by HealthFirst Financial.

About HealthFirst Financial

Founded in 2001, HealthFirst Financial is a national patient financing leader that has helped hundreds of thousands of patients afford care while improving the financial performance of healthcare organizations. HealthFirst Financial is the first and only company awarded the prestigious Peer Review Designation from the Healthcare Financial Management Association for its patient financing programs following a rigorous evaluation of the overall effectiveness, quality and value of its payment solutions.

About KirkpatrickPrice

KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over 550 clients in more than 48 states, Canada, Asia, and Europe. The firm has over 11 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, HIPAA, HITRUST CSF, PCI DSS, ISO 27001, FISMA, and CFPB frameworks.

###

Media Contact for HealthFirst Financial

Shannon Conklin

206.618.7801

sconklin@healthfirstfinancial.com