MedStack, an out-of-the-box privacy compliance solution for digital health startups, is proud to announce that we have successfully completed our Service Organization Control (SOC) 2 Type I audit. Conducted by the independent CPA firm ControlCase Attestations, the detailed audit report attests that MedStack’s information systems meet the SOC 2 Trust Service Principles of security, availability, and confidentiality.
The completion of our SOC 2 report adds to the security and privacy guarantees that MedStack’s platform already offers for HIPAA, PIPEDA, PHIPA, and ISO 27001. And, it means that our customers can now more easily and quickly achieve their own SOC 2 audit reports.
As app developers increasingly make use of cloud services, the industry needs confidence and assurance that their providers are operating their services with a high degree of trust and transparency. SOC 2 is the standard of the AICPA that is widely considered the benchmark for trust in the cloud industry. SOC 2 auditors gather evidence about information system controls, such as policies, procedures, and activities in the critical areas of cybersecurity, system availability, and data confidentiality. Our SOC 2 report provides detailed information about our operations and attests that we are meeting our commitments to our customers.
The protection of personal health information (PHI) is of paramount importance in the digital healthcare industry, and will continue to be a hot button issue in the years to come. For good reason, healthcare provider enterprises such as hospitals and insurance companies often make SOC 2 certification a requirement for the vendors they work with.
In 2019, MedStack committed to achieving a SOC 2 report, and we take pride in being able to fulfill this promise. We are now able to provide our customers with further peace of mind knowing that their data is secure, which in turn strengthens their own customer relationships. As a result of MedStack’s compliance guarantees, our customers can now inherit SOC 2 controls from us and more speedily pass their own SOC 2 audits, further building a strong chain of compliance guarantees to speed industry adoption of digital health.