About Us

Compliance Information

iVitaFi is committed to building trust with our customers and partners. We adhere to information security, confidentiality and processing integrity and ensure compliance through regulatory controls and policies and procedures. As iVitaFi achieves industry designations, we’ll share them with you here.

SOC 2® Compliance

The SOC 2 System and Organization Controls Report demonstrates an organization’s internal controls relative to security, availability, processing integrity and confidentiality. Adherence to the AICPA’s Trust Services Criteria is confirmed by a third-party certified public auditor and is evidenced by an audit report.

Businesses rely on SOC 2 audits and reports to build trust and confidence in their service provider’s ability to design, operate and control environments on which their business depends. Please contact us to request more information regarding our SOC 2 Type II audit report.

We are pleased to announce that iVita Financial is SOC 2 Type II compliant as of September 2021

PCI Compliance

iVita Financial has achieved Payment Card Industry Data Security Standard (PCI DSS) validation. This annual validation verifies that our solution has passed the Payment Card Industry Security Standards Council’s rigorous standards.

The PCI DSS is a set of security requirements intended to protect cardholder data (credit card data). The steady increase in electronic payment options available makes it extremely important to protect customers’ personal information.

iVita Financial abides by all applicable PCI DSS requirements under which we secure any and all cardholder data that we store, process or transmit for our customers.


iVita Financial is compliant with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and its implementing regulations and applicable consumer lending laws and regulations.

We understand the sensitivities and obligations associated with keeping patient healthcare data of our covered entity clients protected from unauthorized disclosures and adhere to the physical, administrative, and technical safeguards outlined in HIPAA, which covered entities and business associates must uphold to protect the integrity of Protected Health Information (PHI).

Make it easy, affordable and convenient for patients to pay their bills.