Press Releases

Episource Achieves HITRUST CSF® Certification and HITRUST Certification of the NIST Cybersecurity Framework

Certified Status Demonstrates a Cutting Edge Cybersecurity Program


LOS ANGELES, February 5, 2019. Episource, a leading provider of risk adjustment and quality solutions to healthcare payer organizations, today announced it worked with ecfirst to earn Certified status for information security in its epiEncounter and epiAnalyst solutions by HITRUST. 

HITRUST CSF Certified status demonstrates that Episource’s epiEncounter and epiAnalyst have met key regulatory requirements and industry-defined requirements and are appropriately managing risk. This achievement places Episource in an elite group of organizations worldwide that have earned this certification. By including federal and state regulations, standards and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address these challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.

“Episource’s HITRUST certification was a smooth process as a result of innovative tech thoughtfully built into our systems,” said Eric Simonsen, Chief Operating Officer of Episource. “This allowed us to provide audit evidence and supporting documentation that were critical components of the certification process.”

In an increasingly fast and complex world, Episource is reinventing the way healthcare organizations manage risk adjustment for their member populations through elegantly simple solutions for analytics, submissions, in-home health assessments, coding, and chart retrieval.



About Episource
Episource is driven to collect data that’s insightful and accurate. With innovative technology for end-to-end risk adjustment projects, our mission is to help Payer Healthcare Organizations meet their members’ needs in a way that results in more accurate risk scores and Stars ratings.

From robust Risk Adjustment Analytics, Retrospective Chart Reviews, Quality Reporting, Encounter Data Submissions, and in-Home Health Assessments, Episource starts with the smallest details and translates them to create better insights around patient disease profiles and care gaps.

Episource is headquartered in Gardena, California. For more information on Episource, visit


About ecfirst
ecfirst delivers compliance and cybersecurity services across the United States, and globally. With deep expertise in cyber standards such as NIST, HITRUST, and ISO 27001, and extensive experience with regulations including HIPAA and GDPR, ecfirst provides flexible solutions ranging from managed compliance and on-demand consulting. The bizSHIELD™ ecfirst signature methodology is supported by a world-class suite of certification training programs: Certified HIPAA Professional (CHP), Certified Security Compliance SpecialistTM (CSCSTM), and the Certified Cyber Security ArchitectSM (CCSASM). Each ecfirst engagement includes complimentary access to TRACERSM, a cybersecurity and compliance portal.

ecfirst is a HITRUST Authorized Assessor. For more information on ecfirst, visit


The Health Information Trust Alliance, or HITRUST, is a privately held company located in the Frisco, Texas that, in collaboration with healthcare, technology and information security leaders, has established a Common Security Framework (CSF) that can be used by all organizations that create, access, store or exchange sensitive and/or regulated data. The CSF includes a prescriptive set of controls that seek to harmonize the requirements of multiple regulations and standards. For more information on HITRUST, visit


We simplify the management of member programs by making it radically more efficient, and increasing value to healthcare organizations and their members

Presentation @ RISE VBC: Effective Collaboration Strategies Between Payer & Provider