Partners and associates

Radnor

170 North Radnor-Chester Road
Radnor, PA 19087

Tel:

215.989.3630

Email: kjohnston@wipfli.com

Karen Johnston, CCSFP, CIA, CISA, CCSFP-CHQP

Partner, Lead Auditor

Karen Johnston is Wipfli’s national digital health industry leader. With over 20 years of experience, she works closely with technology companies to drive innovation and improve how her clients get things done. As the leader of our HITRUST, ISO and HIPAA service lines, Karen is also responsible for security and privacy engagements, successfully guiding organizations through their compliance challenges. She believes in fostering collaborative partnerships and the power of meaningful connections.

Professional memberships and activities

HITRUST Alliance Assessor Council
The Institute of Internal Auditors (IIA) - Member
Information Systems Audit and Control Association (ISACA) - Member

Services

Risk advisory services

Areas of Focus

HITRUST assessments
ISO 27001, 27701 and 27017
SOC 1 and SOC 2 examinations
HIPAA risk assessments
Internal control assessments
Internal audits
Information technology (IT) audits
IT governance

Education

Bloomsburg University

Bachelor of science degree in business administration

Recent Insights

Articles

True or false? An authorized external assessor breaks down 9 common HITRUST certification myths
May 05, 2025

HITRUST vs HIPAA: What is the difference?
May 01, 2025

HITRUST scoring 101: How scoring works and how to self-score
Apr 30, 2025

Unleashing the dry powder: Exploring funding trends in digital health
Mar 07, 2025

Navigating the AI frontier: HITRUST’s pioneering assurance program
Nov 14, 2024

Navigating data compliance in the age of AI: Challenges and opportunities
Oct 28, 2024

Why digital health organizations need to put security concerns top of mind
Feb 16, 2024

Enhance your financial institution’s cybersecurity with HITRUST
Aug 24, 2023

Add HITRUST calculators to your HITRUST assessment toolkit
Nov 29, 2022

SOC 2? HITRUST? Which of these 7 third-party assurance audits should you choose?
Nov 20, 2019

Videos And Webcasts

Cert stacking: A new approach to third-party audits
Sep 17, 2024

Webinar: The impact of AI in software development
Sep 27, 2023

© 2025 Wipfli LLP. "Wipfli" refers to Wipfli LLP, a Wisconsin limited liability partnership, and its subsidiaries. Assurance, tax and consulting services are offered through Wipfli LLP. Investment banking and related services are offered through Wipfli Corporate Finance LLC. Wipfli LLP is a member of Allinial Global, an association of legally independent firms. ”Wipfli CPA” is the DBA name of Wipfli LLP in New York state, and refers to Wipfli LLP.