AICPA, SOC certification

axialHealthcare Completes SOC 2, Type II + HITRUST CSF Examination

Successful examination demonstrates exceptional commitment to data security by healthcare startup

Nashville, TN – axialHealthcare, a national leader in pain management and pain medication solutions, today announced it has successfully completed a System and Organization Controls (SOC) 2, Type II and Health Information Trust Common Security Framework (HITRUST CSF) examination. SOC 2, Type II attestation examinations are recognized as one of the most comprehensive standards for service providers, and the HITRUST CSF is a nationally recognized security framework that addresses the security, privacy, and regulatory challenges facing healthcare organizations.

“Our clients entrust us with their members’ highly valuable medical and prescription claims data to inform our pain and opioid management capabilities,” said John J. Donahue, chairman and chief executive officer of axialHealthcare. “We understand the significance of our responsibility to protect the data of more than 100 million patient lives in our current database, which is why we pursued and successfully completed a SOC 2, Type II + HITRUST CSF examination.”

axialHealthcare chose to test against all five Trust Service Principles – common criteria/security, availability, processing integrity, confidentiality and privacy – to attain the most comprehensive attestation examination that a SOC 2, Type II provides. axialHealthcare also incorporated the HITRUST CSF covering healthcare security control objectives, adding 66 additional implementation requirements.

“These extensive requirements are intended for large companies, yet we were able to accomplish this as a growing startup in what most would consider to be a non-standard security environment, and I’m incredibly proud of our team for this feat,” said Joe Degati, chief information officer of axialHealthcare. “We take our clients’ data protection seriously, and they can be confident in the security of their data while working with axialHealthcare.”

One of approximately 10 HITRUST CSF assessors in Tennessee, Nashville-based KraftCPAs performed the audit and appropriate testing of axialHealthcare. Gina Pruitt, the member-in-charge of risk assurance & advisory services at KraftCPAs, said, “In completing the SOC 2, Type II + HITRUST CSF attestation examination for axialHealthcare, we covered a comprehensive set of security, privacy, and regulatory controls specific to healthcare organizations. The results of our testing confirm that axialHealthcare is committed to meeting regulatory requirements and the protection of their client’s data.”

About axialHealthcare
axialHealthcare is a pain and opioid care solutions company that partners with health insurers nationwide. axialHealthcare’s pain management solutions engage physicians, clinics, and patients with coordinated care by applying advanced analytical insight, proven clinical evidence and highly effective consumer support. axialHealthcare’s solutions optimize pain care outcomes, reduce opioid misuse and materially improve financial performance for health benefit providers. For more information, visit 

About KraftCPAs PLLC
Since its inception in 1958, KraftCPAs PLLC has become one of the largest independent certified public accounting firms in Tennessee. Founded by the late Joe Kraft, the firm has 16 members and a total staff of more than 190. With offices in Nashville, Columbia and Lebanon, the firm provides not only audit, tax, and accounting, but a broad range of consulting services to meet the needs of its clients. The risk assurance & advisory services practice works with clients in various industries to help them maintain the security of their data, meet regulatory compliance requirements, and add value to their business processes. For more information, visit

Isabelle McLaughlin

Leave a Comment

Scroll to Top