Karen Johnston, CCSFP, CIA, CISA, CCSFP-CHQP
Partner, Lead Auditor
Karen Johnston is Wipfli’s national digital health industry leader. With over 20 years of experience, she works closely with technology companies to drive innovation and improve how her clients get things done. As the leader of our HITRUST, ISO and HIPAA service lines, Karen is also responsible for security and privacy engagements, successfully guiding organizations through their compliance challenges. She believes in fostering collaborative partnerships and the power of meaningful connections.
Professional memberships and activities
- HITRUST Alliance Assessor Council
- The Institute of Internal Auditors (IIA) - Member
- Information Systems Audit and Control Association (ISACA) - Member
Areas of Focus
- HITRUST assessments
- ISO 27001, 27701 and 27017
- SOC 1 and SOC 2 examinations
- HIPAA risk assessments
- Internal control assessments
- Internal audits
- Information technology (IT) audits
- IT governance
Education
Bloomsburg University- Bachelor of science degree in business administration
Recent Insights
Articles
Navigating the AI frontier: HITRUST’s pioneering assurance program
Nov 14, 2024
Navigating data compliance in the age of AI: Challenges and opportunities
Oct 28, 2024
Why digital health organizations need to put security concerns top of mind
Feb 16, 2024
Enhance your financial institution’s cybersecurity with HITRUST
Aug 24, 2023
Add HITRUST calculators to your HITRUST assessment toolkit
Nov 29, 2022
HITRUST scoring 101: How scoring works and how to self-score
Dec 09, 2020
SOC 2? HITRUST? Which of these 7 third-party assurance audits should you choose?
Nov 20, 2019
Webinars
Cert stacking: A new approach to third-party audits
Sep 17, 2024
Webinar: The impact of AI in software development
Sep 27, 2023