XIFIN Exceeds Stringent SSAE 18 Auditing Requirements to Provide the Highest Levels of IT Availability and Security

Leader in IT solutions for diagnostic service providers safeguards customer data with commitment to highest security standards 

SAN DIEGO, Calif., -- April 3, 2018 -- XIFIN, Inc., the healthcare information technology company revolutionizing the business of healthcare diagnostics, today announced the successful completion of the new Statement on Standards for Attestation Engagements (SSAE) 18, Service Organization Control SOC 1 and SOC 2 Type 2 audits. Conducted by an independent auditor, the audits review XIFIN's internal controls for the financial integrity of their service and confirm that XIFIN's operations, system architecture and security controls support the provision of highly secure, available and private cloud-based software and services.

The company's flagship next generation revenue cycle management solution, XIFIN RPM, used to bill $29B in laboratory claims annually, has been verified to meet the standards for a secure, high availability, SSAE 18 and SOC1 and SOC2 compliant technology platform. Residing on the only certified Tier IV+ Gold data center, the platform delivers a coveted four 9s uptime, with complete data replication and a fully redundant infrastructure.

"The healthcare industry has some of the most demanding data confidentiality and security requirements in the world, and our customers require absolute confidence in their information system vendor's ability and commitment to ensuring data integrity for cloud-based systems and services," stated Bill Floeter, VP of security and compliance for XIFIN. "Compliance with SSAE 18 validates that XIFIN's processes and procedures meet the industry's stringent standards and best practices, and assures our customers that we have the infrastructure and controls in place at every level to protect their sensitive financial and clinical information."

The American Institute of Certified Public Accountants recently updated attestation standards for SOC 1 and SOC 2, and effective May 1, 2017, organizations must pass SSAE 18 in order to be certified as maintaining the internal controls and security measures compliant with these new protocols. The SOC 2 audit is based on existing SysTrust and WebTrust principles, and provides third-party assurance regarding an organization’s internal operating practices and information systems. 

Serving the healthcare diagnostics market for 20 years, XIFIN provides cloud-based technology solutions, business intelligence and consulting services to a broad range of the nation's largest and most complex diagnostic service providers in the laboratory, radiology and medical device markets. The company's leading product, XIFIN RPM, offers laboratory billing solutions for both in-house and outsourced clients with automated workflows to maximize cash collection; real-time and mobile business intelligence; built-in reporting packages for PAMA and FASB requirements; enhanced patient and physician portals and a best-in-class high-availability environment.

About XIFIN, Inc.

XIFIN is a healthcare information technology company that leverages diagnostic information to improve the quality and economics of healthcare. The company's cloud-based technology facilitates connectivity and workflow automation for accessing and sharing clinical and financial diagnostic data, linking healthcare stakeholders in the delivery and reimbursement of care. To learn more, visit or follow XIFIN on Twitter and LinkedIn.


Media Relations

To speak with XIFIN directly, contact Fran DuCharme at 858.436.2939 or complete the form below for assistance.