In DME billing, security is non-negotiable. But a system can be completely secure and still process your data incorrectly — and in billing, incorrect data has a direct cost.
Misstated receivables. Payment posting errors. Inaccurate financial reporting. Audit exposure. These aren’t security failures. They’re accuracy failures. And they’re exactly what SOC 2 Processing Integrity certification is designed to prevent.
As Chris Delposen, managing director at MedBill, puts it: “This is billing. It’s critical stuff.”
That’s why, in pursuing SOC 2 certification for TrueSight, we didn’t stop at Security. We pursued Processing Integrity, too.
Why Secure Data Isn’t Enough: You Need Reliable Data
SOC 2 certification gives organizations the option to pursue Processing Integrity as a certification domain—and many don’t. Most stop at Security. Processing Integrity is optional, but for a billing platform, it’s the more consequential standard.
The Processing Integrity criterion evaluates whether a system processes data completely, accurately, and in a timely manner. Your system must do what it says it does—correctly and consistently—at the transaction level, not just on paper.
For DME billing, the consequences of failing that standard are concrete: misstated receivables, payment posting errors, inaccurate financial reporting, and audit exposure. SOC 2 Processing Integrity forces validation at the system level, not just at the policy level.
For larger organizations and hospital groups, vendor validation like this is often a procurement requirement. We chose to bring that standard to providers of all sizes.
What Processing Integrity Looks Like in Billing
To earn SOC 2 certification under the Processing Integrity domain, a system must demonstrate documented controls that validate outputs against inputs — proving the data that enters the system matches the data that comes out.
In DME billing, the clearest test of that is the accounts receivable (AR) roll forward: a reconciliation that accounts for every transaction across a billing period.
Every transaction gets accounted for. Every balance tied out. If a billing system can’t produce this report accurately and completely, it has a data integrity gap, regardless of how secure it is.
Getting there isn’t simple. It requires coordination across technical systems, billing operations, accounting logic, and reporting infrastructure with validation gathered from critical vendors along the way.
“Doing this AR roll forward is not for the faint of heart,” says Chris. “It’s where the rubber meets the road with IT and billing coming together.”
TrueSight’s team began this process in January 2026, simultaneously implementing a system update that further strengthened TrueSight’s reporting and reconciliation capabilities.
If you’d like to learn more about TrueSight’s SOC 2 certification or how its reporting and reconciliation capabilities support compliant billing operations, reach out to your Medbill account manager or contact the team.