Our Commitment

Patient Funding Alternatives LLC (“PFA”) is committed to the protection of sensitive health information. We are unwavering in our commitment to safeguarding patient data, ensuring privacy, and maintaining the highest standards of cybersecurity and compliance.

PFA adheres to rigorous data protection protocols guided by the National Institute of Standards and Technology (NIST) frameworks, particularly those relevant to Protected Health Information (PHI) and Personally Identifiable Information (PII). Our security practices are aligned with NIST SP 800-53 and NIST Cybersecurity Framework (CSF), ensuring that our systems are resilient against threats and compliant with federal regulations.

To further demonstrate our dedication to data security and regulatory compliance, PFA’s applications and infrastructure are HITRUST certified—a gold standard in healthcare information protection. This certification validates our comprehensive approach to risk management, data governance, and continuous improvement in safeguarding electronic protected health information (ePHI). We believe that trust is earned through transparency, accountability, and excellence in data stewardship. At PFA, protecting patient data isn’t just a responsibility—it’s a core part of who we are.

COMPLIANCE PORTAL ACCESS

Access to the Compliance Portal is for current customers and pre-authorized individuals and organizations. To request access, please contact your Patient Funding Alternatives representative.