Shareholder, Information Security

Image of Mark Fulford, CISSP, CISA, ABCP, HITRUST

Lipscomb University, Bachelor of Science in Business Administration

Mark Fulford, CISSP, CISA, ABCP, HITRUST, is a Shareholder in the risk services division of LBMC, PC.

With nearly 25 years of experience in information technology, audit, and security, Mark brings a wealth of knowledge to each engagement.

With oversight for client projects focused on audit and assessment, Mark consults regularly with clients on matters such as Service Organization Control (SOC 1&2) audits, HITRUST validation and certification assessments, Sarbanes-Oxley Section 404 IT controls documentation and testing, as well as HIPAA risk assessments for large multi-facility healthcare providers as well as healthcare business associates.

  • SOC Attestation engagements for numerous service organizations across a variety of industries, including large application service providers.
  • HITRUST readiness assessment and related consulting for a large healthcare claims clearinghouse.
  • Outsourced CISO for a system of seven acute care hospitals.
  • HIPAA Risk Assessment and security program development for a 200+ practice Dental Services Organization.
  • SOX IT controls documentation and testing engagements for over fifteen public companies.


  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
  • Associate Business Continuity Professional (ABCP)
  • HITRUST Certified Security Framework assessor
  • Associate Business Continuity Planner (ABCP)

Thought Leadership

Evolving Cyber Security Threats in Healthcare
HIPAA Security Compliance and OCR Audits
Beware: Myths about Data Security and HIPAA Compliance