Lucas Baiocchi

Lucas Baiocchi is a seasoned cybersecurity leader with over seven years of experience in information security audits and assessments. He brings deep expertise across a broad spectrum of industry-recognized frameworks and standards, including HITRUST, NIST CSF, NIST 800-53, HIPAA, PCI, SOC 1 & 2, and ISO 27001.

As the HITRUST InfoSec Assurance Manager at Thoropass, Lucas leads and executes HITRUST assessments, working closely with organizations to evaluate their security posture, validate control effectiveness, and deliver clear, actionable insights that align compliance objectives with broader business goals. His approach ensures not only regulatory and standards-based compliance, but also the adoption of efficient, scalable, and realistic security solutions.

Lucas holds a Bachelor’s degree in Information Systems from San Diego State University and is certified as a Certified CSF Practitioner (CCSFP), Certified HITRUST Quality Professional (CHQP), and Healthcare Information Security and Privacy Practitioner (HCISPP).

He has successfully guided a diverse range of clients—from agile, cloud-native startups to complex, on-premises global enterprises—through the process of achieving and maintaining HITRUST certification.