Casechek is SOC 2 Type 1 Certified. What does it mean for you?
At Casechek, as we work to integrate your clinical and financial data, nothing is more important to us than keeping that data safe. Therefore, we made it a priority to become certified as SOC 2 Compliant.
What does it mean to be SOC 2 Compliant and why is it important?
SOC 2 stands for System and Organization Controls 2 and is considered the best practice for customer data security in the cloud. This certification was created by the American Institute of Certified Public Accountants (AICPA) and defines how an organization should manage its customers’ data and implement effective security protocols.
The certification is based on five Trust Services Criteria:
- Security: Information and systems are protected against unauthorized access, unauthorized disclosure of information, and damage to systems that could compromise the availability, integrity, confidentiality, and privacy of information or systems and affect the entity’s ability to meet its objectives.
- Availability: Information and systems are available for operation and use to meet the entity’s objectives.
- Processing Integrity: System processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives.
- Confidentiality: Information designated as confidential is protected to meet the entity’s objectives.
- Privacy: Personal information is collected, used, retained, disclosed, and disposed to meet the entity’s objectives.
To obtain SOC 2 compliance, a third-party auditor must review the controls, policies, and documentation showing that all the SOC 2 defined principles are addressed. Subsequently, a monitoring period is utilized where the company must provide evidence of following the policies and requirements. The final audit report provides assurance to customers, partners, and prospects that organizations are managing their data securely – meeting or exceeding industry-standard security best practices.
The SOC 2 certification means that Casechek has been independently reviewed to provide enterprise-level security for your data.
What is the difference between SOC 2 Type 1 and 2?
To continue demonstrating to you and all our clients that your data is secure at Casechek, our next step will be to obtain SOC 2 Type 2 Certification.
- Type 1 describes the organization’s current systems and whether its systems and policies comply with the AICPA trust principles.
- Type 2 details the operational efficiency of these systems. In other words, if the company can employ these systems and policies over a period of time. We will be evaluated over the coming months to validate that our controls are functioning at all times.
If you have any questions regarding our SOC 2 Compliance or Casechek, please feel free to reach out at [email protected]
Casechek Attains SOC 2, TYPE 1 Compliance for Enterprise-Level Security, was successfully distributed via our Online Visibility Engine on January 24, 2023 and is now available at https://www.prweb.com/
The Casechek Team
Together We Win.