CompliancePoint Auditor Profile
CompliancePoint is a HITRUST-authorized assessor organization based in Georgia with independent CPA assurance capability. Specializes in healthcare compliance and multi-framework assessments.
Founded in 2010, CompliancePoint has established itself as a trusted partner for healthcare and technology companies navigating complex compliance requirements. Their HITRUST authorization and integrated approach to multi-framework assessments allow clients to achieve multiple certifications efficiently through coordinated engagements.
What CompliancePoint Does Well
- HITRUST authorized — Full authorization to perform HITRUST CSF validated and certified assessments.
- Healthcare focus — Deep expertise in HIPAA, HITRUST, and health information security.
- Integrated assessments — Combines HITRUST with SOC 2 for efficiency in healthcare SaaS companies.
Engagement Process
- Discovery call to understand compliance objectives and current security posture.
- Scoping and framework selection based on business requirements and customer demands.
- Readiness assessment with gap identification and remediation roadmap.
- Formal assessment fieldwork including control testing and evidence validation.
- Report delivery with findings review and ongoing compliance maintenance guidance.
Pricing Expectations
CompliancePoint offers competitive pricing for HITRUST and healthcare compliance assessments. HITRUST validated assessments start around $30,000, SOC 2 Type II engagements from $20,000, and HIPAA risk assessments from $15,000. Organizations pursuing combined HITRUST and SOC 2 assessments may benefit from efficiency savings through their integrated approach.
Who Should Choose CompliancePoint
CompliancePoint is ideal for healthcare SaaS companies, health IT organizations, and technology firms handling protected health information that need HITRUST certification, HIPAA compliance, or combined multi-framework assessments from a specialized, authorized assessor with deep healthcare domain knowledge.